X-Force Archives - Cyber Security Minute

2021 X-Force Threat Intelligence Index Reveals Peril From Linux Malware, Spoofed Brands and COVID-19 Targeting

Issued by: Security Intelligence

From the front lines of incident response engagements to managed security services, IBM Security X-Force observes attack trends firsthand, yielding insights into the cyber threat landscape. Every year, X-Force collates billions of data points to assess cybersecurity threats to our customers. This report — the X-Force Threat Intelligence Index 2021 — represents our latest edition…

Vulnerabilities

Why Fixing Security Vulnerabilities Is Not That Simple

Issued by: Security Intelligence

It sounds simple: A scanner identifies a vulnerability, the vulnerability is patched. What happens in between, however, can be far from simple. Yet if you are not on a security team or, more specifically, a vulnerability management team, you would never know the bumpy, winding road that often stretches between scanning and patching. The Patch…

Vulnerabilities

The Inconvenient Truth About Your Eight-Character Password

Issued by: Security Intelligence

October is National Cyber Security Awareness Month (NCSAM), which means it’s time to talk about passwords for the umpteenth time. Why beat this dead horse again? Because just about everyone still uses passwords, and even the most recent password security recommendations do not make them any stronger. This year, the recommendation was eight characters —…

Malware & Threats

10 Ways to Fight Advanced Malware With Threat Intelligence Sharing

Issued by: Security Intelligence

Last month, we celebrated the two-year anniversary of the IBM X-Force Exchange (XFE). During that week, the threat intelligence sharing platform reached a record spike in traffic as users flocked to the site to stay up to date on the recently exposed WannaCry ransomware.

Network Security

Enticing Clicks With Spam

Issued by: Security Intelligence

Among the key findings from the upcoming IBM X-Force Threat Intelligence Index for 2017, available March 29, is the ongoing use of spam as an entry vector for attackers. While targeted attacks make headlines, the prevalence of spam traffic means that a variety of attackers are still finding success in this scattershot method to gain…

Vulnerabilities

Android Vulnerabilities: Attacking Nexus 6 and 6P Custom Boot Modes

Issued by: Security Intelligence

In recent months, the X-Force Application Security Research Team has discovered several previously undisclosed Android vulnerabilities. The November 2016 and January 2017 Android Security Bulletins included patches to one high-severity vulnerability, CVE-2016-8467, in Nexus 6 and 6P. Our new paper, “Attacking Nexus 6 & 6P Custom Bootmodes,” discusses this vulnerability as well as CVE-2016-6678.

Vulnerabilities

Attackers Targeting Retail Are Shopping for Low-Hanging Fruit

Issued by: Security Intelligence

The end of the year is often a time of reflection. What went wrong? What went right? If you’re a retailer that experienced a security breach in 2016, you’re likely reflecting on what went wrong and seeking to identify the gaps in your security landscape. Why? Because breaches are costly. In fact, the Ponemon Institute’s…

Network Security

Secure By Design: Antidote for Dynamic Cyberthreats

Issued by: Security Intelligence

There was an interesting twist to the recent distributed denial-of-service (DDoS) attack against domain name provider Dyn that plunged huge areas of North America and Europe into internet darkness. The perpetrators didn’t directly attack the servers of their ultimate target. Instead, they compromised 100,000 small, interconnected devices with weak default passwords, building an enormous botnet…

Malware & Threats

Ransomware Report: Top Security Threat Expected to Continue Rising in 2017

Issued by: Security Intelligence

Digital extortion by means of ransomware or a systems breach was one of the most prominent threats to consumers and businesses in 2016. It seems IBM Security’s prediction materialized quite excessively this past year. Ransomware is a generic name for a family of computer bugs programmed to lock up endpoints, such as PCs, servers or…

Network Security, Vulnerabilities

Mirai Evolving: New Attack Reveals Use of Port 7547

Issued by: Security Intelligence

When the source code for the Mirai botnet was made public in late September, a top concern was that bad actors might modify the code to increase the number of Internet of Things (IoT) devices they can compromise. It seems these fears have been realized. A few weeks ago, Reverse Engineering Blog disclosed a vulnerability…