Source: www.databreachtoday.com – Author: 1
Fraud Management & Cybercrime
,
Ransomware
,
Video
John Dwyer of IBM Security X-Force on Using Predictive Threat Intelligence
Tom Field (SecurityEditor) •
August 21, 2023
This year’s massive exploitation of managed file transfer products such as Fortra’s GoAnywhere and Progress Software’s MOVEit proves that MFTs are a hacker’s paradise. Exploiting one is a great way to steal data and carry out an extortion-based attack.
See Also: Live Webinar | Unmasking Pegasus: Understand the Threat & Strengthen Your Digital Defense
Research by John Dwyer of IBM Security X-Force shows that MFTs have characteristics that make them attractive to cybercriminals: They handle critical data, often connect to a third party, contain personal identifying information, and often allow lateral movement. But there is a path toward protecting MFTs in the future, Dwyer’s research also shows.
In this video interview with Information Security Media Group at Black Hat USA 2023, Dwyer discussed:
- The need for scaled contextual awareness of datasets to make defenders aware of their MFTs’ underlying software components;
- How IBM is developing a predictive threat intelligence platform;
How the threat landscape is evolving globally.
Dwyer leads a team of security researchers focused on adversary trend analysis, threat hunting, detection engineering, incident response technology and integrating partner technologies into X-Force’s ecosystem. He tracks and models adversary operations to develop immersive simulation exercises to help drive improvements in incident response, threat hunting, and detection engineering. Prior to joining X-Force, Dwyer was a defensive cyber operations researcher working with the U.S. Army and U.S. Air Force to develop and incident response capabilities.
Original Post url: https://www.databreachtoday.com/managed-file-transfer-products-are-hackers-paradise-a-22886
Category & Tags: –
