IBM X-Force monitors the latest threats including vulnerabilities, exploits and active attacks, viruses and other malware, spam, phishing, and malicious web content. In addition to advising the general public on how to respond to emerging threats, X-Force also delivers security content, products, and services to help protect IBM customers.
Mikko Hypponen’s “Government as Malware Authors” version at TrustyCon. There is a value for security professionals, researchers and leaders in the community to revive the keynotes and continue the discussion.
A in-depth look at how to analyze OBAD manually and discover the device administrator vulnerability that makes it hide and prevent uninstallation. See also how to avoid ANR timeouts.
Return Oriented Programming (ROP) is the general case of a technique often used when exploiting security vulnerabilities caused by memory corruption issues. ROP has become a more frequently used technique in the exploitation of memory corruption vulnerabilities.
Latest security trends—from malware delivery to mobile device risks—based on data and ongoing research from the IBM X-Force Research team.
Hi everyone, its that time of the month again. Undoubtedly, the highlight for Feb’s Microsoft security update belongs to IE. With 24 issues being addressed in KB2909921, it seems that MSRC is making up for lost time when there isn’t any updates for IE in Jan 2014. So this really shouldn’t come as a big surprise at all.
A inside look at the Kaptoxa/BlackPOS malware, which is believed to be used in the massive Target data breach, with the goal of understanding how it operates and finding ways to detect its network activity.
The Microsoft security update for January 2014 dishes up a relatively small collection of patches, but it’s a valuable set. The KB2916605 patches for Microsoft Word and Web Applications fix three vulnerabilities, all of which provide Remote Code Execution (RCE) when successfully exploited. The patches for KB2913602 and KB2914368 both correct vulnerabilities leading to Escalations of Privilege (EOP). Together, these three patches cover five CVEs.
Image spam had its heyday in 2006 and 2007 with more than 40% of all spams contained an image attachment. By the summer of 2007, the game seemed to be over and image spam threats stopped almost completely. Nearly five years later, in December 2013, image spam has made a comeback!
The IBM X-Force Threat Analysis Service (XFTAS) reports on vulnerabilities that need to be brought to the attention of our customers. Such was the case in June of 2013. We found a report on a Plesk Control Panel vulnerability (CVE-2013-4878) and provided the following assessment.
Recently a colleague sent me a .docx which triggered on our scanning engine. Being the optimist me, I personally view such incidents positively; it either proves the accuracy of our engine if it is a true positive, or offers an opportunity to improve the detection logic if it turns out to be a false positive.
Current Threat Level
IBM X-Force Alerts
Live Webinar on March 19th
