Abby Ross, @HonestAb2

Associate Partner, X-Force Red

Abby Ross is Associate Partner for X-Force Red, IBM Security's team of veteran hackers. Abby is a seasoned marketing and public relations professional, with a focus on cyber security. Abby specializes in understanding security challenges facing organizations worldwide and communicating how cyber security technologies and services can help overcome them.

Threat Hunting August 2, 2022

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

4 min read - You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why…

Security Services April 27, 2022

Electron application attacks: No vulnerability required

3 min read - While you may have never heard of “Electron applications,” you most likely use them. Electron technology is in many of today’s most popular applications, from streaming music to messaging to video conferencing applications. Under the hood, Electron is essentially a…

X-Force January 13, 2022

The Best Threat Hunters Are Human

4 min read - “You won’t know you have a problem unless you go and look.” Neil Wyler, who is known as ‘Grifter’ in the hacker community, made that statement as a precursor to an unforgettable story. An organization hired Grifter to perform active…

Government November 9, 2021

A New Cybersecurity Executive Order Puts the Heat on Critical Infrastructure Suppliers

3 min read - Ransomware. Five years ago, the cybersecurity community knew that term well, although among others it was far from dinner table conversation. Times have changed. Since early 2020, ransomware has hit a slew of headlines. People inside and outside of the…

Offensive Security November 3, 2021

An Attack Against Time

3 min read - When Liza Minnelli sang that famous tune, “Money makes the world go around,” she should have added one more word: time. Time makes the world go around. It’s that one agreed-upon part of life that the world shares. From laptops…

Offensive Security August 26, 2021

Red & Blue: United We Stand

4 min read - Offensive and defensive security are typically viewed as opposite sides of the same fence. On one side, the offensive team aims to prevent attackers from compromising an organization, whereas on the other side the defensive team aims to stop attackers…

Endpoint July 13, 2021

Your Home Away From Home May Not Be as Cybersecure as You Think

4 min read - Home is where the ‘smart’ is. A recent study revealed the average American household has 25 connected or Internet of Things (IoT) devices. The number of consumers who have smart home devices connected to their home internet has grown by…

Energy & Utility May 4, 2021

It’s an Operational Technology World, and Attackers Are Living in It

5 min read - In April 2021, the U.S. government announced a new effort to protect industrial control systems (ICS) from cyberattacks. For the cybersecurity community, the announcement may come as no surprise. Vulnerabilities in critical infrastructure such as ICS and the operational technologies…

Data Protection April 13, 2021

Wake Me Up Before You Know Know … About the Latest Third-Party Data Breach

4 min read - “It has gotten to the point, unfortunately, where they are so frequent and common these days, that it’s like, here we go again,” Christopher Sitter says when I asked him about the prospect of a third-party data breach. Sitter is the…

Data Protection January 19, 2021

For Attackers, Home is Where the Hideout Is

4 min read - Remember the good ol’ days of playing hide-and-seek? It’s hard to forget the rush of finding the perfect hiding place. I remember crouching into a tiny ball behind the clothes hanging in my mother’s closet, or standing frozen like a…

Intelligence & Analytics October 8, 2020

Autonomous Vehicle Security Needs From A Hacker’s Perspective

3 min read - With connected cars becoming more common, the industry has more standards and options when it comes to autonomous vehicle security. Adam Laurie, known in hacker circles as Major Malfunction, leads X-Force Red’s automotive testing practice. He has seen firsthand how…

Data Protection September 23, 2020

A Recipe for Reducing Medical Device Internet of Things Risk

2 min read - You may recall this blog post from March 2020. It highlighted the importance of factoring in clinical, organizational, financial and regulatory impact when determining which medical Internet-of-Things (IoMT) security vulnerabilities should be fixed first. Consider this post a part two.…

Failed to load data

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.

Subscribe today

Analysis and insights from hundreds of the brightest minds in the cybersecurity industry to help you prove compliance, grow business and stop threats.

Cybersecurity News By Topic By Industry Exclusive Series X-Force Podcast Events Contact About Us

Security Intelligence

{{title}}

{{title}}

{{title}}

Topics

Abby Ross, @HonestAb2

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

Electron application attacks: No vulnerability required

The Best Threat Hunters Are Human

A New Cybersecurity Executive Order Puts the Heat on Critical Infrastructure Suppliers

An Attack Against Time

Red & Blue: United We Stand

Your Home Away From Home May Not Be as Cybersecure as You Think

It’s an Operational Technology World, and Attackers Are Living in It

Wake Me Up Before You Know Know … About the Latest Third-Party Data Breach

For Attackers, Home is Where the Hideout Is

Autonomous Vehicle Security Needs From A Hacker’s Perspective

A Recipe for Reducing Medical Device Internet of Things Risk

{{{title}}}

Topic updates