February 19, 2016 By Doron Shiloach

In the 1930s, the United States created the Social Security Administration to help fund a pension system for senior citizens with the aid of IBM’s punched card equipment and accounting and payroll data expertise. No one could have anticipated that the Social Security number created for each U.S. citizen would one day become a prime target for cybercriminals.

Some 80 years later in 2015, IBM Security brought about a new wave of social security, enabling collaborative defense to boost threat intelligence sharing with IBM X-Force Exchange. Recently, X-Force Exchange has introduced a number of capabilities that will further enhance users’ ability to be social and still gain better security.

Open Standards

The open standards STIX and TAXII are now implemented for observables and collections in X-Force Exchange. Public collections are now even more public and can be accessed without connecting to everybody on the Internet. There is a wealth of public collections on malware and other attack vectors created by our IBM X-Force researchers, indicated by a blue bar on the contributor avatar.

These and other public collections can be easily imported to a security intelligence platform to reduce the time to action by creating a rule to produce an alert when indicators present in the collection are found in the infrastructure being monitored. Conveniently, such new rule sets are now available from the IBM Security App Exchange, which is hosted on X-Force Exchange.

Circles of Trust

The key to any collaboration is the element of trust. Without the ability to trust other participants in any collaborative defense arrangement, users will doubt the reliability of the information being provided.

As mentioned above, IBM X-Force researchers are now marked in the X-Force Exchange to call attention to trusted contributions. Analysis of current threats, malware and attack vectors is now available as information is updated by our researchers, who span not only the globe, but also a wide range of skills and experience.

To form your own circle of trust, you can create a private group to share sensitive information with only those other users you choose. These users could be within your own company, an industry consortium or even a selection of colleagues spanning your entire career. Within a group, you can share a private collection to collaborate on the investigations and the associated threat indicators relevant to your network or industry.

Notifications

As an investigation grows, the information in the collection that supports that investigation will naturally expand as more threat indicators are discovered and additional analysis of the threat is completed. With threat information being so dynamic, it is important for security analysts and other consumers to be updated as new information is discovered.

To that end, X-Force Exchange can now notify you as a collection is edited, whether it’s specific observables added to the collection, a new file attached, a new collection linked or changes made to the text description. With each of these, a notification email as well as a visual indication in the notification center alerts users, encouraging them to examine the collection to obtain the most up-to-date information.

A New Era of Collaborative Defense

Just as the original Social Security program will continue to evolve, so must the social and collaborative aspects of the modern security community. To take your part in the collaborative defense of the future, visit X-Force Exchange today.
