Patch Management - Security Intelligence

Man using a laptop in public that is vulnerable to the WinRAR bug

news

Researchers Uncover Highly Exploitable WinRAR Bug That Puts 500 Million Users at Risk

More than 100 unique exploits of a WinRAR bug have been identified since security researchers discovered a 19-year-old vulnerability in the file compression system.

March 19, 2019 | By Shane Schick

news

IT professionals using vulnerability management software.

article

How Patch Posture Reporting Improves Security Landscapes

If your vulnerability management tools do not report on your company's patch posture, you may be missing crucial holes in your software that are ripe for exploitation.

March 15, 2019 | By I-Lung Kao

article

Security professional working to protect his organization from the SLUB backdoor.

news

SLUB Backdoor Receives Commands From GitHub and Communicates Through Slack

Security researchers have discovered that the new SLUB backdoor is receiving attack commands from GitHub and relying on Slack for communicating with its attackers.

March 12, 2019 | By David Bisson

news

Security professionals collaborating on vulnerability management.

article

Comprehensive Vulnerability Management in Connected Security Solutions

To stay ahead of attackers, organizations should consider vulnerability management solutions that integrate with SIEM tools, network and threat modeling capabilities, and patch management systems.

March 7, 2019 | By Thibault Barillon

article

Man using laptop for online banking targeted with fileless malware

news

Fileless Malware Targeting Brazilian and Thai Bank Customers With Multiple Threats

Security researchers discovered a new fileless malware strain targeting bank customers in Brazil and Thailand with a hack tool and at least two infostealers.

March 6, 2019 | By David Bisson

news

Woman using a web browser targeted with banking malware

news

Attack Campaign Using Fake Browser Updates to Deliver Ransomware and Banking Malware

Researchers observed an attack campaign distributing fake browser updates to infect website visitors with ransomware and banking malware.

March 6, 2019 | By David Bisson

news

Security professionals discussing cybersecurity practices in the office

article

Spring Cleaning for CISOs: Replace These 3 Bad Habits With Better Cybersecurity Practices

Spring is just around the corner, which means it's time for CISOs to evaluate their security strategy, eliminate processes that aren't working, and adopt new cybersecurity practices and technologies.

March 5, 2019 | By Douglas Bonderud

article

Woman interfacing with a visitor management system on a screen in an airport: vulnerabilities

article

Stranger Danger: X-Force Red Finds 19 Vulnerabilities in Visitor Management Systems

Two X-Force Red interns discovered 19 previously undisclosed vulnerabilities across five popular visitor management systems that could enable attackers to establish a foothold on corporate networks.

March 4, 2019 | By Daniel Crowley

article

Man making an online purchase on laptop infected with Golang brute-forcer

news

New Golang Brute-Forcer Targeting E-Commerce Sites to Steal Personal and Payment Data

Researchers discovered new Trojan malware written in Golang that's targeting e-commerce websites with brute-force attacks.

February 27, 2019 | By David Bisson

news

Woman using computer infected with Shade ransomware

news

Threat Actors Impersonate Oil and Gas Companies in Latest Shade Ransomware Attack

Digital criminals tried to impersonate oil and gas companies in a recent attack campaign distributing Shade ransomware.

February 20, 2019 | By David Bisson

news

GlitchPOS Creator Offers Instructional Video to Make Deploying POS Malware Easier

New Mirai Variant Targets Business Presentation and Display Devices

Brute-Force Attack Wave Uses Legacy Protocols, Credential Dumps to Compromise Cloud Accounts

Threat Actors Use Fake Copyright Infringement Notifications in Instagram Hacking Campaign

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

Security Considerations for Whatever Cloud Service Model You Adopt

At RSAC 2019, It’s Clear the World Needs More Public Interest Technologists

To Improve Critical Infrastructure Security, Bring IT and OT Together

5 Characteristics of an Effective Incident Response Team: Lessons From the Front Line

The Business of Organized Cybercrime: Rising Intergang Collaboration in 2018

Spectre, Meltdown and More: What You Need to Know About Hardware Vulnerabilities

Stranger Danger: X-Force Red Finds 19 Vulnerabilities in Visitor Management Systems

Podcast: Digital Identity Trust, Part 3 — Powering Digital Growth With Digital Identity Trust

Podcast: Monitoring National Cybersecurity Trends With Former NSA Deputy Director Bill Crowell

X-Force Red in Action: Spotlight on Password Security With Dustin ‘Evil Mog’ Heywood

Podcast: Demystifying the Role of AI in Cybersecurity

Webinar: A Treatment Plan for UEM in Healthcare

Webinar: Cloud IAM: Your Key to Digital Transformation

Webinar: Under the Radar: March Live Webinar and Demo

Cyberattacks and the Airline Industry: The Strategic Threat Landscape

Tag: Patch Management

Researchers Uncover Highly Exploitable WinRAR Bug That Puts 500 Million Users at Risk

How Patch Posture Reporting Improves Security Landscapes

SLUB Backdoor Receives Commands From GitHub and Communicates Through Slack

Comprehensive Vulnerability Management in Connected Security Solutions

Fileless Malware Targeting Brazilian and Thai Bank Customers With Multiple Threats

Attack Campaign Using Fake Browser Updates to Deliver Ransomware and Banking Malware

Spring Cleaning for CISOs: Replace These 3 Bad Habits With Better Cybersecurity Practices

Stranger Danger: X-Force Red Finds 19 Vulnerabilities in Visitor Management Systems

New Golang Brute-Forcer Targeting E-Commerce Sites to Steal Personal and Payment Data

Threat Actors Impersonate Oil and Gas Companies in Latest Shade Ransomware Attack