Vulnerabilities - Security Intelligence

Threat intelligence information sharing is just beginning and will see drastic change and increased adoption in the coming years. While regulations around this concept are still new, there are still some steps organizations can take to benefit now.

article

Threat Intelligence Sharing: The First Steps

Threat intelligence sharing is gaining acceptance and momentum in the security community. Here are a few suggestions to get started on the right foot.

April 27, 2015 | By Doron Shiloach

article

Cybersecurity information sharing is becoming increasingly important, since organizations can no longer afford to remain isolated against sophisticated threats. Standardizing threat information can be completed by using STIX, TAXII and CybOX.

article

How STIX, TAXII and CybOX Can Help With Standardizing Threat Information

As the security threat landscape evolves, organizations should consider using STIX, TAXII and CybOX to help with standardizing threat information.

March 26, 2015 | By Koen Van Impe

article

There are several methods organizations can utilize to respond to and prevent threats and vulnerabilities that threaten their infrastructure. However, when looking for vulnerabilities, does it help to have more people looking for code issues?

article

Discovering Vulnerabilities: Do More Eyes Find More Bugs?

Security vulnerabilities have surprisingly long lifetimes, and organizations can use many methods to respond to and prevent infrastructure threats.

February 25, 2015 | By Doug Franklin

article

Security professionals who want to learn more about Heartbleed, Shellshock and other vulnerabilities that rocked the security scene in 2014 should attend the IBM InterConnect session titled, "2014: The Year That the Internet Fell Apart."

article

2014: The Year That the Internet Fell Apart

A session at IBM InterConnect will discuss the vulnerabilities that rocked the Internet in 2014, such as Heartbleed and Shellshock, and what may come next.

February 23, 2015 | By Robert Freeman

article

As dating apps grow in popularity, organizations need to make sure their mobile security remains intact and that cybercriminals don't have access to sensitive corporate data because of their employees' use of dating apps to find that "special someone."

article

A Perfect Match: Uniting Mobile Security With Your Employees’ Use of Online Dating Apps

A new IBM report details potential vulnerabilities in many popular dating apps that could negatively affect your organization's mobile security.

February 11, 2015 | By Neil Jones

article

Though technical fixes can be implemented to combat some types of mobile threats, other types require user education and increased security awareness. These are highlighted by two recent cases involving Verizon and AT&T vulnerabilities.

article

Mobile Threats Underline Mobile Security Challenges

Recent mobile security vulnerabilities faced by Verizon and AT&T point to the scope and variety of mobile threats and how firms are responding to them.

February 10, 2015 | By Rick M Robinson

article

Vulnerabilities such as Heartbleed and Shellshock are the the new norm

article

Heartbleed and Shellshock: The New Norm in Vulnerabilities

Major vulnerabilities as the new norm. What can you do to protect your business against incidents like Shellshock and Heartbleed?

October 16, 2014 | By Martin McKeay

article

Coming on the heels of the well-known Heartbleed OpenSSL vulnerability, the Bash bug has been discovered. The potential extent of its impact is not yet known, though experts speculate that a worm to exploit the vulnerability will be created soon.

news

Shellshock: Where the Bash Bug Could Hit the Hardest

The Bash bug, a new vulnerability known as Shellshock, could have a sizable impact on an untold number of devices, according to security experts.

September 26, 2014 | By Shane Schick

news

Properly planned inventory systems are a vital part of an asset management strategy. When planning, ask yourself whether you have a risk assessment of the danger and whether you have compensating controls to limit or mitigate the dangers.

article

How to Improve Asset Management for Risk Assessment and Control

Asset management can be improved when responsibilities are shared and the inventory system is established, frequently updated and quickly actionable.

September 23, 2014 | By Peter Allor

article

The Internet of Things (IoT) presents plenty of privacy concerns due to its interconnected network. As the network grows, so does the group of hackers who are working to target it to steal sensitive user data from a variety of devices and platforms.

article

How the Internet of Things (IoT) Is Changing the Cybersecurity Landscape

Privacy is a significant concern in the Internet of Things. It is already changing the security landscape and exponentially expanding the attack surface.

September 17, 2014 | By Omner Barajas

article

Fraudsters Abuse Smartphone Google Calendar Feature to Push Through Scam Offers

Latest Mirai Malware Variant Contains 18 Exploits, Focuses on Embedded IoT Devices

Extortion Scam Threatens Website Owners With Reputational Damage

Attack Campaign Exploits CVE-2019-2725, Abuses Certificate Files to Deliver Monero Miner

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

IoMT Security: A Comprehensive Approach to Mitigate Risk and Secure Connected Devices

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Observations of ITG07 Cyber Operations

Getting Quantum Ready and What This Means for Cryptography

HawkEye Malware Operators Renew Attacks on Business Users

GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation

Podcast: Lateral Movement: Combating High-Risk, Low-Noise Threats

Podcast: Travel Security: Why Data Safety Doesn’t Get a Day Off

Podcast: Lessons from a Gray Beard: Transitioning From the Military to Cybersecurity

Podcast: Foundations for a Winning Operational Technology (OT) Security Strategy

Webinar: Under the Radar: IBM QRadar Demo Series

Webinar: Appliance Networking Topics

Webinar: zSecure Real Time Feeds: Alert vs. Audit

Webinar: zSecure Real Time Feeds: Alert vs. Audit

Tag: Vulnerabilities

Threat Intelligence Sharing: The First Steps

How STIX, TAXII and CybOX Can Help With Standardizing Threat Information

Discovering Vulnerabilities: Do More Eyes Find More Bugs?

2014: The Year That the Internet Fell Apart

A Perfect Match: Uniting Mobile Security With Your Employees’ Use of Online Dating Apps

Mobile Threats Underline Mobile Security Challenges

Heartbleed and Shellshock: The New Norm in Vulnerabilities

Shellshock: Where the Bash Bug Could Hit the Hardest

How to Improve Asset Management for Risk Assessment and Control

How the Internet of Things (IoT) Is Changing the Cybersecurity Landscape