#IBMXForce
Text
IBM X-Force Drops Ransomware, InfoStealers, AI Threats Rise
IBM Report: 2024 X-Force Threat Intelligence Index
IBM today unveiled the 2024 X-Force Threat Intelligence Index, which underscores a growing global identity crisis as cybercriminals intensify their efforts to compromise businesses globally by using user identities. In 2023, cybercriminals saw more opportunities to “log in” rather than hack into corporate networks through legitimate accounts, making this approach a preferred weapon of choice for threat actors, according to IBM X-Force, IBM Consulting’s offensive and defensive security services arm.
Based on observations and insights from tracking more than 150 billion security events daily across more than 130 countries, the X-Force Threat Intelligence Index was created. Furthermore, information is collected and examined from various IBM sources, such as IBM Managed Security Services, Incident Response, X-Force Red, IBM X-Force Threat Intelligence, and data from Red Hat Insights and Intezer, which were included in the 2024 report.
Among the principal points of emphasis are:
Critical infrastructure attacks expose industry “faux pas.” Patching, multi-factor authentication, and least-privilege principles could have prevented compromise in nearly 85% of attacks on critical sectors. This suggests that achieving what the security industry has historically referred to as “basic security” may be more difficult than previously thought.
Groups that use ransomware change to a more economical strategy. Enterprise ransomware attacks decreased by almost 12% in the previous year as larger organizations chose to rebuild their infrastructure rather than pay and decrypt the ransomware. Groups that had previously focused on ransomware were seen to shift to info stealers, as this increasing backlash is expected to affect adversaries’ revenue expectations from encryption-based extortion.
Attacks against generative AI don’t yet yield a return. According to X-Force analysis, at-scale attacks against these platforms may occur when a single generative AI technology approaches 50% of the market or when the market consolidates into three or fewer technologies.
Charles Henderson, Global Managing Partner, IBM Consulting, and Head of IBM X-Force, stated, “While security fundamentals’ doesn’t get as many head turns as ‘AI-engineered attacks,’ it remains that enterprises’ biggest security problem boils down to the basic and known – not the novel and unknown.” “Identity is being used against enterprises time and time again, a problem that will worsen as adversaries invest in AI to optimize the tactic.”
IBM X-force threat intelligence
Cybercriminals now find it easiest to exploit legitimate accounts because there are billions of compromised credentials available on the Dark Web. According to X-Force, info stealing malware increased 266% in 2023 as actors sought user identities. From social media and messaging apps, this malware steals emails, banking information, cryptocurrency wallet data, and credentials.
Because it is more difficult to identify, this “easy entry” for attackers prompts an expensive response from businesses. X-Force reports that major incidents resulting from attackers using legitimate accounts required security teams to implement nearly 200% more complex response measures than the average incident. This was because defenders had to discern between malicious and legitimate user activity on the network. According to IBM’s 2023 Cost of a Data Breach Report, breaches resulting from compromised or stolen credentials took an average of 11 months to identify and resolve, making it the infection vector with the longest response lifecycle.
This extensive surveillance of users’ online behavior was made clear when the FBI and European law enforcement took down a global cybercrime forum in April 2023, gathering the login credentials of over 80 million accounts. Threats based on identity will probably keep increasing as long as enemies use generative AI to make their attacks more effective. X-Force has already seen over 800,000 posts on GPT and AI in Dark Web forums in 2023, confirming that cybercriminals are interested in and aware of these developments.
Attackers “Log into” Networks of Critical Infrastructure
Critical infrastructure organizations were the target of nearly 70% of attacks that X-Force responded to globally. This is a concerning finding that shows that cybercriminals are betting on these high-value targets’ need for uptime to achieve their goals.
Phishing emails, the use of legitimate accounts, and the exploitation of public-facing applications were the causes of nearly 85% of the attacks that X-Force responded to in this sector. With DHS CISA reporting that most successful attacks on government agencies, critical infrastructure organizations, and state-level government bodies in 2022 involved the use of legitimate accounts, the latter presents a higher risk to the industry. This emphasizes how important it is for these companies to create incident response plans and regularly stress test their environments for possible exposures.
Generative AI: The Next Great Development in Secure
Cybercriminals need to target technologies that are widely used by most organizations globally to see a return on investment from their campaigns. Similar to how previous technological advancements, such as ransomware, Windows Server dominance, BEC scams, Microsoft 365 dominance, cryptojacking, and the consolidation of the Infrastructure-as-a-Service market, encouraged cybercriminal activity, this pattern is expected to continue with artificial intelligence.
According to X-Force, the establishment of generative AI market dominance, which occurs when a single technology approaches 50% of the market or when the market consolidates into three or fewer technologies, could lead to the maturation of AI as an attack surface and encourage cybercriminals to invest more in new tools.
While generative AI is still in its pre-mass market phase, businesses must safeguard their AI models before cybercriminals ramp up their operations. Businesses should understand that their current underlying infrastructure serves as a gateway to their AI models and can be targeted by attackers without the need for creative attacks. This emphasizes the need for an all-encompassing security strategy in the generative AI era, as described in the IBM Framework for Securing Generative AI.
Further discoveries:
Europe is the favored target of adversaries. Europe was the target of almost one in three attacks seen globally; the continent also saw the highest number of ransomware attacks (26% worldwide).
What happened to all the phish? Although phishing attacks are still the most common vector of infection, their volume has decreased by 44% since 2022. However, since AI has the potential to enhance this attack and X-Force research shows that AI can accelerate attacks by almost two days, cybercriminals will still favor the infection vector.
Everyone is at risk. According to Red Hat Insights, 82% of clients had at least one CVE with known exploits that was left unfixed in their environment when the scan was conducted, and 80% of the top ten vulnerabilities found in systems in 2023 received a base severity score of ‘High’ or ‘Critical’ on the CVSS.
“Kerberoasting” pays off: According to X-Force, there has been a 100% rise in “kerberoasting” attacks, in which hackers pretend to be users in order to abuse Microsoft Active Directory tickets and escalate privileges.
Misconfigured security X-Force Red penetration testing engagements show that security misconfigurations made up 30% of all exposures found, with over 140 different ways for attackers to take advantage of misconfigurations.
Read more on Govindhtech.com
#IBM#IBMXForce#Ransomware#InfoStealers#AIThreats#IBMConsulting#RedHatInsights#generativeAI#Technews#technology#govindhtech#cpu
0 notes
Text
RT IBMSecurity "In this final installment of a 3-part series on the Brazilian RAT found by #IBMXForce, Pavel Asinovsky highlights how researchers reconstructed the malware. Learn how the team fully simulated the overlay attack: https://t.co/o7gIAuFNLA https://t.co/aBehX12HxG"
RT IBMSecurity "In this final installment of a 3-part series on the Brazilian RAT found by #IBMXForce, Pavel Asinovsky highlights how researchers reconstructed the malware. Learn how the team fully simulated the overlay attack: https://t.co/o7gIAuFNLA pic.twitter.com/aBehX12HxG"
— Ross Radev (@Ross_Radev) July 14, 2019
from Twitter https://twitter.com/Ross_Radev
0 notes
Photo
Caleb Barlow, Vice President of Threat Intelligence for IBM, poses for a portrait outside X-Force Command, IBM's "mobile cyber range" to use in corporate cybersecurity training. #nikond850 #nikon #d850 #nashvillephotographer #nashvillephotography #ibm #ibmxforce #xforcecommand #threatintelligence #cyberthreat #cybersecurity #calebbarlow #threatintelligenceibm #makeportraits #portraitphotography #commercialphotography #portraits #portraitphotography #cybersecuritytraining https://ift.tt/2CRdVDR
0 notes
Text
IBM X-Force IRIS Cyberattack Preparation and...
Hot off the press! #IBMXForce IRIS introduces its cyberattack preparation and execution frameworks
IBM X-Force IRIS Cyberattack Preparation and...
A new white paper highlights how IBM X-Force IRIS characterizes and communicates threat intelligence to help organizations improve their cyberattack preparation and response capabilities.
getsocial.voicestorm.com
0 notes
Text
IBM X-Force IRIS Uncovers Active Business Email...
#IBMXForce IRIS Uncovers Active Business Email Compromise Campaign Targeting Fortune 500 Companies
IBM X-Force IRIS Uncovers Active Business Email...
IBM X-Force IRIS observed a widespread business email compromise (BEC) campaign targeting many Fortune 500 companies that exploits flaws in common accounts payable processes.
getsocial.voicestorm.com
0 notes
Text
Six Major Data Breach Trends From 2017
#IBMXForce research reveals 6 major data breach trends from 2017
Six Major Data Breach Trends From 2017
The IBM X-Force team monitored major data breach trends throughout 2017 and gleaned key insights to help companies avoid headline-grabbing security incidents and protect sensitive data. The post Six Major Data Breach Trends From 2017 appeared first on Security Intelligence .
getsocial.voicestorm.com
0 notes
Text
Six Major Data Breach Trends From 2017
#IBMXForce research reveals 6 major data breach trends from 2017
Six Major Data Breach Trends From 2017
The IBM X-Force team monitored major data breach trends throughout 2017 and gleaned key insights to help companies avoid headline-grabbing security incidents and protect sensitive data. The post Six Major Data Breach Trends From 2017 appeared first on Security Intelligence .
getsocial.voicestorm.com
0 notes
Text
New Year, New Threats: Five Security...
Check out the new blog + podcast from @calebbarlow and #IBMXForce! New Year, New Threats: Five #Security Predictions That Will Take Hold in 2018
New Year, New Threats: Five Security...
The IBM Security X-Force team offered some security predictions for new trends in the technology landscape and threats that are poised to emerge in 2018. The post New Year, New Threats: Five Security Predictions That Will Take Hold in 2018 appeared first on Security Intelligence .
getsocial.voicestorm.com
0 notes
Text
IBM X-Force Research: What You Need to Know...
New research report from #IBMXForce! What You Need to Know About Injection Attacks #IBMISDL
IBM X-Force Research: What You Need to Know...
Read this IBM X-Force Research Report to learn how attackers are using injection attacks and what steps you can take to help protect your systems and data.
getsocial.voicestorm.com
0 notes
Text
2016: The Year of the Mega Breach
Brand new #IBMXForce Threat Intelligence Index deems 2016 the year of the mega breach. Read the report to learn why
2016: The Year of the Mega Breach
The latest edition of the IBM X-Force Threat Intelligence Index detailed how companies were affected by data breaches during the "year of the mega breach." The post 2016: The Year of the Mega Breach appeared first on Security Intelligence .
getsocial.voicestorm.com
0 notes
Text
RT IBMSecurity "The AVLay remote access Trojan (RAT) discovered by #IBMXForce facilitates fraudulent banking transactions. Read more about how researchers found what triggers the malware: https://t.co/2Ep2Ez7hjc https://t.co/1pkX93FYvy"
RT IBMSecurity "The AVLay remote access Trojan (RAT) discovered by #IBMXForce facilitates fraudulent banking transactions. Read more about how researchers found what triggers the malware: https://t.co/2Ep2Ez7hjc pic.twitter.com/1pkX93FYvy"
— Ross Radev (@Ross_Radev) July 12, 2019
from Twitter https://twitter.com/Ross_Radev
0 notes
Text
Orchestrating Your Incident Response Strategy...
Join us on 3/10 to learn how to orchestrate your incident response strategy. #IBMXForce IRIS #BTRTG
Orchestrating Your Incident Response Strategy...
IBM’s new X-Force IRIS team is focused on helping clients proactively prepare and respond to security incidents. With capabilities and expertise that are industry leading, IBM can help organizations before, during and after a security incident. This webinar will help clients understand the current landscape for incident response and what steps organizations can take to …
getsocial.voicestorm.com
0 notes
Text
IBM X-Force IRIS Cyberattack Preparation and...
Hot off the press! #IBMXForce IRIS introduces its cyberattack preparation and execution frameworks
IBM X-Force IRIS Cyberattack Preparation and...
A new white paper highlights how IBM X-Force IRIS characterizes and communicates threat intelligence to help organizations improve their cyberattack preparation and response capabilities.
getsocial.voicestorm.com
0 notes
Text
Anatomy of an hVNC Attack
#IBMXForce looks at the anatomy of an hVNC attack
Anatomy of an hVNC Attack
Cybercriminals who rely on remote control tactics to commit financial fraud may use hidden virtual network computing (hVNC) modules to cover their tracks. The post Anatomy of an hVNC Attack appeared first on Security Intelligence .
getsocial.voicestorm.com
0 notes
Text
RT IBMSecurity "#IBMXForce reverse engineered a Brazilian Remote Access Trojan (RAT). Read the first installment in a three-part series to learn how the malware was discovered: https://t.co/GdLWyMxKCy https://t.co/9Q2ZSk7LLd"
RT IBMSecurity "#IBMXForce reverse engineered a Brazilian Remote Access Trojan (RAT). Read the first installment in a three-part series to learn how the malware was discovered: https://t.co/GdLWyMxKCy pic.twitter.com/9Q2ZSk7LLd"
— Ross Radev (@Ross_Radev) July 3, 2019
from Twitter https://twitter.com/Ross_Radev
0 notes
Text
RT @IBMcommunity: Join us for an evening of interactive learning and immersive demonstrations that take you through a #cyber attack simulation in the #IBMXForce Command Center! Register: https://t.co/68ynYn5T3u https://t.co/T19MAZMHqw
Join us for an evening of interactive learning and immersive demonstrations that take you through a #cyber attack simulation in the #IBMXForce Command Center!
Register: https://t.co/68ynYn5T3u pic.twitter.com/T19MAZMHqw
— IBM Community (@IBMcommunity) June 21, 2019
from Twitter https://twitter.com/Ross_Radev
0 notes
Last Seen Blogs
h0neyhues
H0NEYHUES
over-sleep2
成人指定されて外せないから引っ越し用w
browfixationpro-blog
Untitled
gamesphotosshare
#modapkd.wordpress.com
mettenette
hanilmi jeri tó