Category: Security Intelligence

What’s behind unchecked CVE proliferation, and what to do about it

The volume of Common Vulnerabilities and Exposures (CVEs) has reached staggering levels, placing immense pressure on organizations’ cyber defenses. According to SecurityScorecard, there were 29,000 vulnerabilities recorded in 2023, and by mid-2024, nearly 27,500 had already been identified. Meanwhile, Coalition’s…

Quishing: A growing threat hiding in plain sight

Our mobile devices go everywhere we go, and we can use them for almost anything. For businesses, the accessibility of mobile devices has also made it easier to create more interactive ways to introduce new products and services while improving…

Cybersecurity Awareness Month: 5 new AI skills cyber pros need

The rapid integration of artificial intelligence (AI) across industries, including cybersecurity, has sparked a sense of urgency among professionals. As organizations increasingly adopt AI tools to bolster security defenses, cyber professionals now face a pivotal question: What new skills do…

Why safeguarding sensitive data is so crucial

A data breach at virtual medical provider Confidant Health lays bare the vast difference between personally identifiable information (PII) on the one hand and sensitive data on the other. The story began when security researcher Jeremiah Fowler discovered an unsecured…

Addressing growing concerns about cybersecurity in manufacturing

Manufacturing has become increasingly reliant on modern technology, including industrial control systems (ICS), Internet of Things (IoT) devices and operational technology (OT). While these innovations boost productivity and streamline operations, they’ve vastly expanded the cyberattack surface. According to the 2024…

3 proven use cases for AI in preventative cybersecurity

IBM’s Cost of a Data Breach Report 2024 highlights a ground-breaking finding: The application of AI-powered automation in prevention has saved organizations an average of $2.2 million. Enterprises have been using AI for years in detection, investigation and response. However,…

Best practices on securing your AI deployment

As organizations embrace generative AI, there are a host of benefits that they are expecting from these projects—from efficiency and productivity gains to improved speed of business to more innovation in products and services. However, one factor that forms a…

What’s behind the 51% drop in ransomware attacks?

In a world where cyber threats feel omnipresent, a recent report has revealed some unexpected good news: ransomware attacks on state and local governments have dropped by 51% in 2024. Still, this decline does not signal the end of the…

Navigating the ethics of AI in cybersecurity

Even if we’re not always consciously aware of it, artificial intelligence is now all around us. We’re already used to personalized recommendation systems in e-commerce, customer service chatbots powered by conversational AI and a whole lot more. In the realm…

Cybersecurity Awareness Month: Horror stories

When it comes to cybersecurity, the question is when, not if, an organization will suffer a cyber incident. Even the most sophisticated security tools can’t withstand the biggest threat: human behavior. October is Cybersecurity Awareness Month, the time of year…

Is AI saving jobs… or taking them?

Artificial intelligence (AI) is coming to take your cybersecurity job. Or, AI will save your job. Well, which is it? As with all things security-related, AI-related and employment-related, it’s complicated. How AI creates jobs A major reason it’s complicated is…

Are we getting better at quantifying risk management?

As cyber threats grow more sophisticated and pervasive, the need for effective risk management has never been greater. The challenge lies not only in defining risk mitigation strategy but also in quantifying risk in ways that resonate with business leaders.…

Trends: Hardware gets AI updates in 2024

The surge in artificial intelligence (AI) usage over the past two and a half years has dramatically changed not only software but hardware as well. As AI usage continues to evolve, PC makers have found in AI an opportunity to…

Spooky action: Phantom domains create hijackable hyperlinks

According to a recent paper published at the 2024 Web Conference, so-called “phantom domains” make it possible for malicious actors to hijack hyperlinks and exploit users’ trust in familiar websites. The research defines phantom domains as active links to dot-com domains…

SANS Institute: Top 5 dangerous cyberattack techniques in 2024

The SANS Institute — a leading authority in cybersecurity research, education and certification — released its annual Top Attacks and Threats Report. This report provides insights into the evolving threat landscape, identifying the most prevalent and dangerous cyberattack techniques that…

Cybersecurity risks in healthcare are an ongoing crisis

While healthcare providers have been implementing technical, administrative and physical safeguards related to patient information, they have not been as diligent in securing their medical devices. These devices are critical to patient care and can leave hospitals at risk for…

What can businesses learn from the rise of cyber espionage?

It’s not just government organizations that need to worry about cyber espionage campaigns — the entire business world is also a target. Multipolarity has been a defining trend in geopolitics in recent years. Rivalries between the world’s great powers continue…

How I got started: AI security executive

Artificial intelligence and machine learning are becoming increasingly crucial to cybersecurity systems. Organizations need professionals with a strong background that mixes AI/ML knowledge with cybersecurity skills, bringing on board people like Nicole Carignan, Vice President of Strategic Cyber AI at…

How cyber criminals are compromising AI software supply chains

With the adoption of artificial intelligence (AI) soaring across industries and use cases, preventing AI-driven software supply chain attacks has never been more important. Recent research by SentinelOne exposed a new ransomware actor, dubbed NullBulge, which targets software supply chains…

How to embrace Secure by Design principles while adopting AI

The rapid rise of generative artificial intelligence (gen AI) technologies has ushered in a transformative era for industries worldwide. Over the past 18 months, enterprises have increasingly integrated gen AI into their operations, leveraging its potential to innovate and streamline…

Cost of a data breach: The industrial sector

Industrial organizations recently received a report card on their performance regarding data breach costs. And there’s plenty of room for improvement. According to the 2024 IBM Cost of a Data Breach (CODB) report, the average total cost of a data…

CISOs list human error as their top cybersecurity risk

With cybersecurity, the focus often is on technology — specifically, how cyber criminals use it to conduct attacks and the tools that organizations can use to keep their systems and data safe. However, this overlooks the most important element in…

Cost of a data breach 2024: Financial industry

According to the IBM Cost of a Data Breach 2024 report, the average global breach cost has reached $4.88 million — a significant increase over last year’s $4.45 million and the biggest jump since the pandemic. For financial industry enterprises,…

How CIRCIA is changing crisis communication

Read the previous article in this series, PR vs cybersecurity teams: Handling disagreements in a crisis. When the Colonial Pipeline attack happened a few years ago, widespread panic and long lines at the gas pump were the result — partly due…

Cost of a data breach: The healthcare industry

Cyberattacks grow every year in sophistication and frequency, and the cost of data breaches continues to rise with them. A new report by IBM and the Ponemon Institute, the 2024 Cost of Data Breach Study, details the financial impacts of…

Unveiling the latest banking trojan threats in LATAM

This post was made possible through the research contributions of Amir Gendler. In our most recent research in the Latin American (LATAM) region, we at IBM Security Lab have observed a surge in campaigns linked with malicious Chrome extensions. These…

Crisis communication: What NOT to do

Read the 1st blog in this series, Cybersecurity crisis communication: What to do When an organization experiences a cyberattack, tensions are high, customers are concerned and the business is typically not operating at full capacity. Every move you make at this…

Cybersecurity crisis communication: What to do

Cybersecurity experts tell organizations that the question is not if they will become the target of a cyberattack but when. Often, the focus of response preparedness is on the technical aspects — how to stop the breach from continuing, recovering…

Cybersecurity crisis communication: What to do

Cybersecurity experts tell organizations that the question is not if they will become the target of a cyberattack but when. Often, the focus of response preparedness is on the technical aspects — how to stop the breach from continuing, recovering…

It all adds up: Pretexting in executive compromise

Executives hold the keys to the corporate kingdom. If attackers can gain the trust of executives using layered social engineering techniques, they may be able to access sensitive corporate information such as intellectual property, financial data or administrative control logins…

ChatGPT 4 can exploit 87% of one-day vulnerabilities

Since the widespread and growing use of ChatGPT and other large language models (LLMs) in recent years, cybersecurity has been a top concern. Among the many questions, cybersecurity professionals wondered how effective these tools were in launching an attack. Cybersecurity…

Vulnerability management empowered by AI

Vulnerability management involves an ongoing cycle of identifying, prioritizing and mitigating vulnerabilities within software applications, networks and computer systems. This proactive strategy is essential for safeguarding an organization’s digital assets and maintaining its security and integrity. To make the process…

Manage AI threats with the right technology architecture

In an increasingly digital world, companies continuously face the threat of cyberattacks. Current advances in artificial intelligence (AI) promise significant improvements in detecting and defending against such threats. However, it is no secret that attackers are increasingly using AI. Cyber…

Water facilities warned to improve cybersecurity

United States water facilities, which include 150,000 public water systems, have become an increasingly high-risk target for cyber criminals in recent years. This rising threat has demanded more attention and policies focused on improving cybersecurity. Water and wastewater systems are…

Generative AI security requires a solid framework

How many companies intentionally refuse to use AI to get their work done faster and more efficiently? Probably none: the advantages of AI are too great to deny. The benefits AI models offer to organizations are undeniable, especially for optimizing…

Self-replicating Morris II worm targets AI email assistants

The proliferation of generative artificial intelligence (GenAI) email assistants such as OpenAI’s GPT-3 and Google’s Smart Compose has revolutionized communication workflows. Unfortunately, it has also introduced novel attack vectors for cyber criminals. Leveraging recent advancements in AI and natural language…

AI-driven compliance: The key to cloud security

The growth of cloud computing continues unabated, but it has also created security challenges. The acceleration of cloud adoption has created greater complexity, with limited cloud technical expertise available in the market, an explosion in connected and Internet of Things…

Important details about CIRCIA ransomware reporting

In March 2022, the Biden Administration signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). This landmark legislation tasks the Cybersecurity and Infrastructure Security Agency (CISA) to develop and implement regulations requiring covered entities to…

How I got started: AI security researcher

For the enterprise, there’s no escape from deploying AI in some form. Careers focused on AI are proliferating, but one you may not be familiar with is AI security researcher. These AI specialists are cybersecurity professionals who focus on the…

How a new wave of deepfake-driven cybercrime targets businesses

As deepfake attacks on businesses dominate news headlines, detection experts are gathering valuable insights into how these attacks came into being and the vulnerabilities they exploit. Between 2023 and 2024, frequent phishing and social engineering campaigns led to account hijacking…

New cybersecurity sheets from CISA and NSA: An overview

The Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) have recently released new CSI (Cybersecurity Information) sheets aimed at providing information and guidelines to organizations on how to effectively secure their cloud environments. This new release includes…

Threat intelligence to protect vulnerable communities

Key members of civil society—including journalists, political activists and human rights advocates—have long been in the cyber crosshairs of well-resourced nation-state threat actors but have scarce resources to protect themselves from cyber threats. On May 14, 2024, the Cybersecurity and…

NIST’s role in the global tech race against AI

Last year, the United States Secretary of Commerce announced that the National Institute of Standards and Technology (NIST) has been put in charge of launching a new public working group on artificial intelligence (AI) that will build on the success…

Passwords, passkeys and familiarity bias

As passkey (passwordless authentication) adoption proceeds, misconceptions abound. There appears to be a widespread impression that passkeys may be more convenient and less secure than passwords. The reality is that they are both more secure and more convenient — possibly…

Unpacking the NIST cybersecurity framework 2.0

The NIST cybersecurity framework (CSF) helps organizations improve risk management using common language that focuses on business drivers to enhance cybersecurity. NIST CSF 1.0 was released in February 2014, and version 1.1 in April 2018. In February 2024, NIST released…

Obtaining security clearance: Hurdles and requirements

As security moves closer to the top of the operational priority list for private and public organizations, needing to obtain a security clearance for jobs is more commonplace. Security clearance is a prerequisite for a wide range of roles, especially…

GenAI: The next frontier in AI security threats

Threat actors aren’t attacking generative AI (GenAI) at scale yet, but these AI security threats are coming. That prediction comes from the 2024 X-Force Threat Intelligence Index. Here’s a review of the threat intelligence types underpinning that report. Cyber criminals…

The evolution of a CISO: How the role has changed

In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at…

3 Strategies to overcome data security challenges in 2024

There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030. This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need…

ICS CERT predictions for 2024: What you need to know

As we work through the first quarter of 2024, various sectors are continuously adapting to increasingly complex cybersecurity threats. Sectors like healthcare, finance, energy and transportation are all regularly widening their digital infrastructure, resulting in larger attack surfaces and greater…

How I got started: Ransomware negotiator

Specialized roles in cybersecurity are proliferating, which isn’t surprising given the evolving threat landscape and the devastating impact of ransomware on many businesses. Among these roles, ransomware negotiators are becoming more and more crucial. These negotiators operate on the front…

How AI can be hacked with prompt injection: NIST report

The National Institute of Standards and Technology (NIST) closely observes the AI lifecycle, and for good reason. As AI proliferates, so does the discovery and exploitation of AI cybersecurity vulnerabilities. Prompt injection is one such vulnerability that specifically attacks generative…

From federation to fabric: IAM’s evolution

In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in…