X-Force August 2, 2016 X-Force Red Gets Serious About Penetration Testing 2 min read - X-Force Red offers vulnerability analytics backed by the experience of hundreds of thousands of the world's best technologists.
X-Force August 1, 2016 Point-of-Sale Hazards: Skimming the Surface of Global Sporting Events 4 min read - Travelers around the globe are at high risk of robbery. While payment cards can be much simpler than cash, point-of-sale hazards pose a significant threat.
Threat Intelligence August 1, 2016 Re-examining the IBM X-Force Exchange API 6 min read - The X-Force Exchange API has undergone two significant changes since it went public in April 2015: Anonymous access disappeared and rate limits appeared.
Software Vulnerabilities July 29, 2016 Read From PDF, Write to Edge’s Memory (CVE-2016-0117) 3 min read - CVE-2016-0117 can be exploited to perform an arbitrary write to Edge's content process memory, a critical element for remote code execution.
X-Force July 27, 2016 Exploring Operating Systems for the Internet of Things 2 min read - As the Internet of Things becomes more prevalent, the demand for the technologies needed to manage and secure devices becomes greater.
X-Force July 13, 2016 Hacking the Connected Building: Real-Life ‘Mr. Robot’ 2 min read - The second season of "Mr. Robot" could focus on IoT and hacking a connected building, just like the IBM X-Force team was able to do in real life.
Advanced Threats July 12, 2016 Two Heads Are Better Than One: Going Under the Hood to Analyze GozNym 8 min read - IBM X-Force researchers recognized that the GozNym banking malware leverages features from two types of malware to make it double the threat.
Malware July 8, 2016 GootKit: Bobbing and Weaving to Avoid Prying Eyes 7 min read - IBM X-Force researchers recently studied the GootKit banking Trojan — and the many ways it effectively evades detection and maintains persistence.
X-Force July 8, 2016 The Webshell Game Continues 5 min read - IBM X-Force researchers have noted a dramatic increase in the use of malicious webshell attacks throughout the first half of 2016.
Intelligence & Analytics June 28, 2016 Security Glue: How Threat Intelligence Binds Security Providers and Partners 2 min read - Threat intelligence is the glue that holds security together. It helps create a picture of the most serious threats facing any organization.