42 Posts

Michelle Alvarez

Threat Researcher and Editor, IBM Managed Security Services

Michelle Alvarez is a Threat Researcher and Editor for IBM's Managed Security Services; she brings more than 10 years of industry experience to her role. In this role she focuses communications efforts around threat research and mitigation. Michelle joined IBM through the Internet Security Services (ISS) acquisition, where she served as an Analyst on the X-Force Vulnerability Database Team.

Written By Michelle Alvarez

Fool Me Once, Shame on You — Fool Me Eight Times, Shame on My Security Posture?

Organizations with weak security posture are an attractive target for cybercriminals, and they may find themselves coming under fire frequently.

Hacktivism: Fearmongering or Real Threat?

Organizations must be prepared for possible hacktivism campaigns by arming themselves with the best defensive tools and security strategies.

Insider Attacks May Be Closer Than They Appear

Security policies and employee education are just two of the many ways that organizations can mitigate the threat of insider attacks.

The Retail Industry’s Top Cyberthreat in 2015: Malware

IBM found that malware was the biggest offender of data breaches throughout the retail industry this year, but it was hardly the only threat.

The Year of the Health Care Industry Security Breach

The health care industry is increasingly being targeted by cybercriminals who are clamoring after personal health information and electronic records.

Infographic: The Top Four Cybercrime Trends Are…

A new infographic from IBM Emergency Response Services (ERS) details four of the top trends in cybersecurity — as well as some indicators of risk.

A Look Back With IBM X-Force: Lessons Learned From Security Research in 2015

The latest 2015 IBM X-Force Threat Intelligence Quarterly focuses on the lessons learned from security research throughout the year.

Cybercriminals Phish Their Way Into Customer Loyalty Programs

Loyalty programs can bring big rewards to customers, but they also may make organizations more appealing to cybercriminals looking to steal data.

Don’t Get Pantsed: Embrace a Culture of Cybersecurity With Greater Security Awareness

Every organization needs to evaluate their current cybersecurity culture and work to improve their employees' overall security awareness.

Blurred Lines: Researching the Ashley Madison Data

Ashley Madison's recent data dump provided security researchers with a treasure trove of information — but is looking into the breach completely legal?

Co-Written By Michelle Alvarez

Downward Trend in Publicly Available Exploit Code? Don’t Ease Up on Patch Management Just Yet

IBM X-Force reported a downward trend in publicly available exploit code, but security teams must still prioritize vulnerability and patch management.

Apache Struts 2: A Zero-Day Quick Draw

It took fraudsters less than 24 hours after the disclosure of a previously unknown Apache Struts 2 vulnerability to develop a Python script to exploit it.

Mirai IoT Botnet: Mining for Bitcoins?

Just in time for IoT Day, the Mirai botnet is launching attacks with a new trick up its sleeve: a built-in bitcoin mining component.