Software Vulnerabilities January 29, 2015 Ghost in the Machine: Linux Zero-Day Vulnerability Opens Door for Attack 3 min read - A Linux zero-day vulnerability, dubbed "Ghost," was recently discovered. It lets malicious code execute on servers that use the glibc functionality.
X-Force January 9, 2015 On the Passing of Michael Hamelin 2 min read - IBM would like to honor Michael Hamelin, a former X-Force employee who was tragically killed in an automobile accident in December 2014.
Software Vulnerabilities December 8, 2014 CVE-2014-0195: Adventures in OpenSSL’s DTLS Fragmented Land 7 min read - Here is a look at the remote code execution bug in OpenSSL's DTLS, how it works and the different ways cybercriminals might leverage it for exploitation.
Application Security December 4, 2014 SpoofedMe Social Login Attack Discovered by IBM X-Force Researchers 7 min read - IBM X-Force has found a social login attack that lets attackers intrude in many websites' local accounts and has alerted those affected by it.
Application Security December 1, 2014 IoT and App Dev Security: Where Are We Now? 4 min read - As organizations continue to utilize the Internet of Things (IoT), they need to keep app security in mind to keep their enterprises safe from attacks.
X-Force November 24, 2014 IBM X-Force Still Ahead of the Threat 86,000 Vulnerabilities Later 2 min read - IBM X-Force has evolved to meet the needs of the changing security market, developing ahead-of-the-threat protection strategies and educating clients.
November 18, 2014 US Tops List of Countries Hosting Malware and Botnets 3 min read - The United States continues to host more malware and botnets than Russia, China and any other country, according to a recent X-Force report.
X-Force November 17, 2014 IoT: Will Ubiquitous Connectivity Mean Less Security? 3 min read - The fourth edition of the 2014 IBM X-Force Threat Intelligence Quarterly focuses on security threats that could arise from the Internet of Things (IoT).
X-Force November 11, 2014 IBM X-Force Researcher Finds Significant Vulnerability in Microsoft Windows 6 min read - The IBM X-Force Research team has identified a significant vulnerability (CVE-2014-6332) in every version of Microsoft Internet Explorer since 3.0.
X-Force September 26, 2014 Bash Shellshock Exploits Could’ve Been Avoided 7 Years Ago. What To Do Today! 4 min read - The Bash Shellshock bug could be worse than the Heartbleed vulnerability, but it could've been avoided 7 years ago with Protocol Analysis.