Software Vulnerabilities August 9, 2022

Controlling the Source: Abusing Source Code Management Systems

13 min read - For full details on this research, see the X-Force Red whitepaper “Controlling the Source: Abusing Source Code Management Systems”. This material is also being presented at Black Hat USA 2022. Source Code Management (SCM) systems play a vital role within…

Advanced Threats August 2, 2022

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

4 min read - You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why…

Mobile Security August 4, 2021

ITG18: Operational Security Errors Continue to Plague Sizable Iranian Threat Group

5 min read - This blog supplements a Black Hat USA 2021 talk given August 2021.  IBM Security X-Force threat intelligence researchers continue to track the infrastructure and activity of a suspected Iranian threat group ITG18. This group’s tactics, techniques and procedures(TTPs) overlap with…

CISO December 16, 2019

15 Can’t-Miss Cybersecurity Conferences in 2020: Physical and Virtual Industry Events

6 min read - Improve your ongoing education plan for next year by committing to attend some of the best cybersecurity conferences in 2020, including RSAC, BSides, THINK, Black Hat and more.

News August 16, 2019

7 Can’t-Miss Cybersecurity Lessons From Black Hat USA and Vegas Security Week

5 min read - Black Hat USA and DEF CON revealed some shocking developments in IoT and biometric security, providing important cybersecurity lessons for enterprise security professionals.

CISO July 24, 2019

5 IoT Security Conferences You Don’t Want to Miss

3 min read - If you're a CISO, you should consider attending an IoT security conference to learn from the leaders in the field about how to integrate IoT security into your threat management program.

Artificial Intelligence August 9, 2018

How to Outsmart the Smart City

5 min read - Researchers from Threatcare and IBM X-Force Red joined forces to test several smart city devices, with the goal of investigating "supervillain-level" attacks. Here's what the teams found.

Intelligence & Analytics July 30, 2018

How to Get the Most Out of DEF CON and Black Hat 2018

3 min read - Whether you're most interested in smart city security, vulnerability management or an epic game of CTF, we'll help you get the most out of your time in Las Vegas this week.

CISO December 19, 2017

Mark Your Calendar for the Top Security Conferences of 2018

3 min read - Security conferences offer IT professionals and enthusiasts an opportunity to network with peers, learn from experts and browse emerging technologies.

August 22, 2017

Is Antivirus Protection Still Relevant?

2 min read - A survey of Black Hat attendees showed that many security experts doubt the ability of antivirus protection products to detect ransomware.