45 Posts

Michelle Alvarez

Manager, IBM X-Force IRIS

    Michelle Alvarez is the manager of the Threat Intelligence Production Team with IBM X-Force Incident Response and Intelligence Services (IRIS). She brings more than 15 years of industry experience to her role, specializing in threat research and communication. In her current role, she focuses communications efforts around strategic threat and impact assessments for X-Force IRIS clients. Michelle's previous roles include threat analyst, writer and manager with IBM Managed Security Services (MSS).

    Written By Michelle Alvarez

    Q1 2018 Results: Gozi (Ursnif) Takes Larger Piece of the Pie and Distributes IcedID

    Gozi took a larger slice of the financial malware pie and become the most active banking Trojan in 2017, according to the IBM X-Force Threat Intelligence Index 2018.

    2018 IBM X-Force Report: Shellshock Fades, Gozi Rises and Insider Threats Soar

    The latest IBM X-Force report highlighted threats stemming from misconfigured cloud servers and inadvertent insider negligence and examined malware trends from 2017 that could continue into 2018.

    Injection Attacks: The Least Glamorous Attack Is One of the Most Threatening

    They may not grab the most headlines, but injection attacks are the most common threats targeting organizational networks, according to IBM MSS data.

    Don’t Just Put Out the Zero-Day Fire — Get Rid of the Fuel

    The best way to remediate zero-day threats is to focus on proactively assessing and patching the vulnerabilities that facilitate them.

    Spotlight on Energy and Utilities Sector: Attacks Targeting ICS Systems Projected to Increase

    According to IBM X-Force data, cybercriminals have been targeting industrial control systems in the energy and utilities sector at an increasing rate.

    The Educator’s Back-to-School Cybersecurity Checklist: Make Mitigating Command Injection a Priority

    To protect students, parents and teachers from data theft, academic institutions must adopt comprehensive strategies to mitigate command injection attacks.

    Information and Communication Technology (ICT) Industry: Second-Most Attacked Sector in 2016

    The information and communication technology (ICT) industry suffered the second-most attacks out of all sectors monitored by IBM X-Force in 2016.

    Manufacturing Security Incidents: Forty Percent Higher Than Cross-Industry Average in 2016

    In manufacturing, security incidents occurred at a rate 40 percent higher than the average across all other industries in 2016, according to X-Force data.

    Mark Your Calendar: IBM X-Force Tracks Cyberattacks by Month

    According to IBM X-Force research, 19 percent of cyberattacks observed over the past two years occurred during the month of December.

    A Magnet for Cybercrime: Financial Services Sector

    According to the 2017 IBM X-Force Threat Intelligence Index, cybercriminals targeted the financial services sector more than any other industry in 2016.

    Co-Written By Michelle Alvarez

    Six Major Data Breach Trends From 2017

    IBM X-Force monitored major data breach trends throughout 2017 and gleaned key insights to help companies avoid headline-grabbing security incidents.

    BGP Internet Routing: What Are the Threats?

    The rate of BGP internet routing attacks has not increased significantly in the past two years. It is a considerable threat, however, because it puts the stability of the internet at risk.

    Cybersecurity Tips to Help Retailers and Consumers Stay Secure During the Holiday Season

    Consumers and retailers should implement these basic cybersecurity tips year-round to stay secure during the busy holiday shopping season.

    Downward Trend in Publicly Available Exploit Code? Don’t Ease Up on Patch Management Just Yet

    IBM X-Force reported a downward trend in publicly available exploit code, but security teams must still prioritize vulnerability and patch management.

    Apache Struts 2: A Zero-Day Quick Draw

    It took fraudsters less than 24 hours after the disclosure of a previously unknown Apache Struts 2 vulnerability to develop a Python script to exploit it.

    Mirai IoT Botnet: Mining for Bitcoins?

    Just in time for IoT Day, the Mirai botnet is launching attacks with a new trick up its sleeve: a built-in bitcoin mining component.