I had the pleasure of attending the IBM InterConnect conference in February, and my colleagues like to make fun of the fact that I plan my hotel stay so I strategically walk by a certain chocolate megastore on the Vegas Strip on my way to the conference. My passion for highlighting the great security research from IBM X-Force rivals my love of the combination of chocolate and peanut butter, so it’s a bonus I get to combine the two things at the InterConnect conference.

In 2015, we started integrating security research publications across the IBM Security division under the IBM X-Force name. After all, for over 20 years, the X-Force brand has stood for expert analysis and threat intelligence to educate and better protect clients. It’s with excitement that we are offering a two-part webinar series to highlight the latest trend research being published.

A New IBM X-Force Series

The upcoming “2015 Security by the Numbers: Trends and Insights From IBM X-Force” series will, at a macro level, discuss the recently released “2016 IBM X-Force Threat Intelligence Report,” highlighting trends on cybercrime, emerging attack types and how breaches of durable personally identifiable information (PII) are offering attackers inroads to corporate networks.

Later in the month, we invite you to take a deep dive on the 2016 IBM X-Force Cyber Security Intelligence Index, which examines the major threats that IBM’s own Security Services clients faced in 2015. This will help you better understand the current threat landscape by offering a detailed look at the volume of attacks, the industries most affected, the most prevalent types of attacks and attackers and the key factors enabling them.

Two Great Tastes that Taste Great Together

In both webinars, experts within IBM X-Force share their insights and recommendations on how to best protect your network and valuable digital assets. While financial gain is still a significant motivator for cybercriminals, it’s by no means the only one, as we see in both the macro industry trends and within our own client base.

Last year’s attackers branched out in a big way, inflicting physical damage and pilfering intellectual property and sensitive personal data, which they can, in turn, use to further infiltrate even bigger financial targets through social engineering.

Having these two publications under the IBM X-Force brand brings two great things together: the macro and micro look at the latest trends and the details on how they are affecting companies like yours.

Register for the IBM X-Force Webinar series

More from X-Force

“Authorized” to break in: Adversaries use valid credentials to compromise cloud environments

4 min read - Overprivileged plaintext credentials left on display in 33% of X-Force adversary simulations Adversaries are constantly seeking to improve their productivity margins, but new data from IBM X-Force suggests they aren’t exclusively leaning on sophistication to do so. Simple yet reliable tactics that offer ease of use and often direct access to privileged environments are still heavily relied upon. Today X-Force released the 2023 Cloud Threat Landscape Report, detailing common trends and top threats observed against cloud environments over the past…

Email campaigns leverage updated DBatLoader to deliver RATs, stealers

11 min read - IBM X-Force has identified new capabilities in DBatLoader malware samples delivered in recent email campaigns, signaling a heightened risk of infection from commodity malware families associated with DBatLoader activity. X-Force has observed nearly two dozen email campaigns since late June leveraging the updated DBatLoader loader to deliver payloads such as Remcos, Warzone, Formbook, and AgentTesla. DBatLoader malware has been used since 2020 by cybercriminals to install commodity malware remote access Trojans (RATs) and infostealers, primarily via malicious spam (malspam). DBatLoader…

New Hive0117 phishing campaign imitates conscription summons to deliver DarkWatchman malware

8 min read - IBM X-Force uncovered a new phishing campaign likely conducted by Hive0117 delivering the fileless malware DarkWatchman, directed at individuals associated with major energy, finance, transport, and software security industries based in Russia, Kazakhstan, Latvia, and Estonia. DarkWatchman malware is capable of keylogging, collecting system information, and deploying secondary payloads. Imitating official correspondence from the Russian government in phishing emails aligns with previous Hive0117 campaigns delivering DarkWatchman malware, and shows a possible significant effort to induce a sense of urgency as…

X-Force releases detection & response framework for managed file transfer software

5 min read - How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers, the exploits may have been associated with a different CVE, but the detection and response guidance being released by the various security vendors had many similarities (e.g., Log4shell vs. Log4j2 vs. MOVEit vs. Spring4Shell vs. Microsoft Exchange vs. ProxyShell vs.…