45 Posts

Michelle Alvarez

Manager, IBM X-Force IRIS

    Michelle Alvarez is the manager of the Threat Intelligence Production Team with IBM X-Force Incident Response and Intelligence Services (IRIS). She brings more than 15 years of industry experience to her role, specializing in threat research and communication. In her current role, she focuses communications efforts around strategic threat and impact assessments for X-Force IRIS clients. Michelle's previous roles include threat analyst, writer and manager with IBM Managed Security Services (MSS).

    Written By Michelle Alvarez

    2016: The Year of the Mega Breach

    The latest edition of the IBM X-Force Threat Intelligence Index detailed how companies were affected by data breaches during the "year of the mega breach."

    Disposing of Your Device: Don’t Throw the Data Out With the Old PC

    Disposing of your device securely means wiping old data, deauthorizing account access and finding an ecologically sound home for the old device.

    Health Care Data at Growing Risk From Ransomware, Insiders and Third-Party Breaches

    A new report based on IBM MSS data revealed that ransomware, insider threats and third-party breaches plagued health care organizations in 2016.

    Attackers Targeting Retail Are Shopping for Low-Hanging Fruit

    A recent IBM study revealed that many high-profile attacks against retail companies originate from vulnerabilities classified as low-hanging fruit.

    Rising Attack Rates and Massive Breaches Plague Government Organizations

    IBM's "2016 Cyber Security Intelligence Index" reported that the government sector is now the fourth most frequently targeted industry in the U.S.

    Hello, You’ve Been Compromised: Upward Attack Trend Targeting VoIP Protocol SIP

    According to IBM Managed Security Services data, cybercriminals most commonly target the SIP and SCCP protocols in VOIP spam attacks.

    Consequences of IoT and Telnet: Foresight Is Better Than Hindsight

    Cybercriminals have learned how to exploit the IoT and Telnet servers to commit record-shattering DDoS attacks against major websites.

    Researchers Detect Second Wave of Shellshock Attacks Since Two-Year Anniversary

    Researchers detected an increase in Shellshock attacks — the second wave of activity since the malware celebrated its two-year anniversary in September.

    Shellshock Anniversary: Major Security Flaw Still Going Strong

    As if to celebrate its two-year anniversary, Shellshock, one of the most infamous bugs of 2014, ramped up its activity in September.

    VBA Macro Malware Jumping on the Ransomware Bandwagon

    IBM observed a spike in malware activity that uses Visual Basic for Applications (VBA) macros to deliver malicious attachments.

    Co-Written By Michelle Alvarez

    Six Major Data Breach Trends From 2017

    IBM X-Force monitored major data breach trends throughout 2017 and gleaned key insights to help companies avoid headline-grabbing security incidents.

    BGP Internet Routing: What Are the Threats?

    The rate of BGP internet routing attacks has not increased significantly in the past two years. It is a considerable threat, however, because it puts the stability of the internet at risk.

    Cybersecurity Tips to Help Retailers and Consumers Stay Secure During the Holiday Season

    Consumers and retailers should implement these basic cybersecurity tips year-round to stay secure during the busy holiday shopping season.

    Downward Trend in Publicly Available Exploit Code? Don’t Ease Up on Patch Management Just Yet

    IBM X-Force reported a downward trend in publicly available exploit code, but security teams must still prioritize vulnerability and patch management.

    Apache Struts 2: A Zero-Day Quick Draw

    It took fraudsters less than 24 hours after the disclosure of a previously unknown Apache Struts 2 vulnerability to develop a Python script to exploit it.

    Mirai IoT Botnet: Mining for Bitcoins?

    Just in time for IoT Day, the Mirai botnet is launching attacks with a new trick up its sleeve: a built-in bitcoin mining component.