Software Vulnerabilities November 18, 2020

IBM Works With Cisco to Exorcise Ghosts From Webex Meetings

8 min read - COVID-19 has changed the way many people work, as organizations have shifted to remote work to slow the spread. In early May, more than 100 million Americans were working from home, creating an increased need for remote collaboration tools like…

Risk Management November 4, 2019

Security Supply and Demand: An Economic Approach to Cybersecurity Risk Management

4 min read - Effective cybersecurity risk management boosts infosec supply and reduces cost demands, but it isn't a purely technological venture. Here's how economic theory can help reduce total risk.

Software Vulnerabilities October 1, 2019

Why Fixing Security Vulnerabilities Is Not That Simple

6 min read - When it comes to patching, the devil is in the details. Help the process along by understanding these five issues organizations commonly face between scanning and finding security vulnerabilities.

Software Vulnerabilities May 1, 2019

Penetration Testing Versus Red Teaming: Clearing the Confusion

6 min read - There is some confusion in cybersecurity as to the difference between penetration testing and red teaming. Since all businesses have vastly different security needs, the distinction is critical.

Data Protection March 22, 2019

Vulnerability Assessments Versus Penetration Tests: A Common Misconception

6 min read - Vendors, cybersecurity professionals and marketing teams often use the terms "penetration testing" and "vulnerability assessment" interchangeably, mixing two completely different security engagements.

Endpoint March 15, 2019

How Patch Posture Reporting Improves Security Landscapes

6 min read - If your vulnerability management tools do not report on your company's patch posture, you may be missing crucial holes in your software that are ripe for exploitation.

Incident Response December 17, 2018

Is It Time to Start a PSIRT? Why Your CSIRT May Not Be Enough

5 min read - Your CSIRT protects your organizational network, but who secures your products? It may be time you started a PSIRT at your company.

December 6, 2018

Taking Action to Secure Our IBM Cloud Kubernetes Service Against Recent Kubernetes Security Vulnerabilities

2 min read - IBM Cloud Kubernetes Service is affected by recent vulnerabilities that could allow unauthorized access to Kubernetes and/or trusted user privilege escalation. Here's how to mitigate the risk.

Software Vulnerabilities October 10, 2018

Threat Actors Prey on Drupalgeddon Vulnerability to Mass-Compromise Websites and Underlying Servers

4 min read - X-Force observed attackers using known Drupal vulnerabilities, including Drupalgeddon, to target websites and the underlying infrastructure that hosts them, leveraging Shellbot to open backdoors.

October 8, 2018

Researchers Find 18 Security Vulnerabilities in Foxit PDF Reader

2 min read - A free browser plugin for creating, editing and viewing PDF files contains 18 security vulnerabilities that could expose users to remote code execution.