42 Posts

Michelle Alvarez

Threat Researcher and Editor, IBM Managed Security Services

Michelle Alvarez is a Threat Researcher and Editor for IBM's Managed Security Services; she brings more than 10 years of industry experience to her role. In this role she focuses communications efforts around threat research and mitigation. Michelle joined IBM through the Internet Security Services (ISS) acquisition, where she served as an Analyst on the X-Force Vulnerability Database Team.

Written By Michelle Alvarez

DDoS Extortion: Ransomware’s Older Cousin

Though ransomware has been received a lot of press, extortion by threat of distributed denial-of-service (DDoS) attack is still very real — and dangerous.

Ransomware: The Enterprise’s Boogeyman

Ransomware is a growing problem in today's threat landscape, but organizations can prepare for and prevent this type of malware from becoming an issue.

IBM X-Force Research: Battling Security Threats From Within

Imagine a scenario: In a single day, a disgruntled employee downloads sensitive or confidential company documents, announces his or her resignation, and gives the inside scoop to a journalist friend. The revelations hit the headlines, and the...

Uptick in Wire Transfer Scam: I BEC Your Pardon?

A global wire transfer scam expertly targets businesses and their email accounts. How can your enterprise protect against this type of fraudulent event?

Got Linux? BillGates Botnet Activity on the Rise

While it may be just one form of malware currently plaguing Linux systems, the BillGates botnet has recently increased its activity.

Study: Basic Needs Critical Infrastructure Sectors Account for 8 Percent of All Incidents in 2014

According to a recently released IBM study, the basic needs critical infrastructure sectors accounted for 8 percent of all security incidents in 2014.

Pressing Your Luck With WordPress? A Look at CMS Security Risks

A new paper from IBM discusses the security of content management systems (CMS) such as WordPress and how attackers are targeting them.

The Deep Web: What’s Lurking in the Underbelly of the Internet?

Organizations should be aware of how the Deep Web works in order to make sure employees aren't accessing it and sensitive information isn't on it.

Vulnerabilities Detected in Employee-Installed Dating Applications

Mobile Dating Apps Can Place Confidential Information at Risk As more people utilize mobile dating applications to find companionship, the apps have become increasingly attractive to potential attackers. This study explores mobile security...

Identifying the Insider Threat: The Benign and the Malignant

Whether a disgruntled employee intentionally steals data or an unknowing co-worker accidentally releases information, the insider threat is real.

Co-Written By Michelle Alvarez

Downward Trend in Publicly Available Exploit Code? Don’t Ease Up on Patch Management Just Yet

IBM X-Force reported a downward trend in publicly available exploit code, but security teams must still prioritize vulnerability and patch management.

Apache Struts 2: A Zero-Day Quick Draw

It took fraudsters less than 24 hours after the disclosure of a previously unknown Apache Struts 2 vulnerability to develop a Python script to exploit it.

Mirai IoT Botnet: Mining for Bitcoins?

Just in time for IoT Day, the Mirai botnet is launching attacks with a new trick up its sleeve: a built-in bitcoin mining component.