A recent IBM study revealed that many high-profile attacks against retail companies originate from vulnerabilities classified as low-hanging fruit.
Researchers detected an increase in Shellshock attacks — the second wave of activity since the malware celebrated its two-year anniversary in September.
As if to celebrate its two-year anniversary, Shellshock, one of the most infamous bugs of 2014, ramped up its activity in September.
Command injection attacks may not get a lot of hype, but they can be seriously damaging to an enterprise that isn't careful about its security.
To better prevent command injection attacks, developers need to learn how to think like a hacker and identify weak points in software.
The financial industry is plagued by a few main types of malware and cybercrime attacks, including Shellshock and denial-of-service attacks.
IBM found that malware was the biggest offender of data breaches throughout the retail industry this year, but it was hardly the only threat.
Open source projects have gotten a bad rap in security circles thanks to Heartbleed and other flaws, but an industry consortium may change that.
Security vulnerabilities have surprisingly long lifetimes, and organizations can use many methods to respond to and prevent infrastructure threats.
A session at IBM InterConnect will discuss the vulnerabilities that rocked the Internet in 2014, such as Heartbleed and Shellshock, and what may come next.