November 24, 2014 By Pamela Cobb

As security threats to network environments have evolved, so has the IBM X-Force Research and Development group. When the group was founded in the late 1990s, its vision was to develop protection strategies and educate customers. One benefit of that strategic thinking is that those two goals are still applicable today.

If you’re unfamiliar with the team, I encourage you to take a few minutes to watch this overview video featuring Chris Poulin, one of our research strategists:

In addition to having a wonderfully expressive eyebrow, Poulin is also an accomplished speaker and author on a wide array of security topics. If you want to hear more from him but can’t catch him in person at one of our cybersecurity roadshows or client events, you can watch his in-depth interview with SiliconANGLE or read any of his blogs on SecurityIntelligence.com.

The Foundation of IBM Protection Strategies

Poulin is just one example of the experts on the team. Earlier this month, Robert Freeman, another of those brilliant minds, disclosed a vulnerability in Microsoft Internet Explorer (IE) that has been around for 19 years. It allows an attacker to gain full control of the browser in any version, starting with IE 3.0. The vulnerability has been given any number of nicknames, from “Unicorn” to “Godmode,” and it is just one of the more than 86,000 vulnerabilities cataloged in the X-Force database, one of the oldest commercially available vulnerability databases.

Thanks to the work of our team of researchers going back to the 1990s, X-Force has been able to build behavior-based protection strategies that can stop advanced threats. Perhaps you remember a little vulnerability named Shellshock? Thanks to those strategies, IBM Security Network Protection customers were protected against Shellshock exploits way back in 2007. The researchers had the foresight to create algorithms to block potentially malicious behavior such as shellcode injections.

With IBM’s acquisitions in the security area, X-Force has expanded its research efforts into new areas. In Trusteer, it added a team of malware experts such as Dana Tamir, who uncovered new uses for “classic” banking malware in the case of Citadel being modified to attack petrochemical companies. I’d also be remiss if I didn’t include the efforts of our mobile application security researchers, such as Roee Hay, who keep us all informed of emerging threats to mobile platforms.

There is no way I could list all the security experts who contribute to the efforts to develop protection strategies for IBM customers, so rather than publishing a yearbook-like list of names, let’s talk about how these experts work together to educate the public.

X-Force Security Education for the Masses

Outside of the insights posted on SecurityIntelligence.com, X-Force publishes its X-Force Threat Intelligence Quarterly, authors white papers, produces webinars and posts videos to educate not only IBM clients, but also the public at large on emerging trends in the security industry. All these assets are now conveniently located in its Research Finder.

The IBM Managed Security Services group, which monitors real-world threats to IBM clients, also publishes independent research papers on zero-day attacks such as Shellshock and industry-specific views on sectors such as finance and health care.

X-Force also presents at industry and IBM events such as InterConnect 2015 in addition to its cybersecurity roadshows. If you’re able, I highly encourage you to take advantage of the many exciting research education events, either virtually or in person, that X-Force has planned for 2015.
