X-Force March 16, 2015 Are Cracks in the Digital Foundation of the Internet Crumbling the Core? 4 min read - Today, IBM released the first 2015 X-Force Threat Intelligence Quarterly, along with the announcement of the X-Force Interactive Security Incident website.
Software Vulnerabilities March 11, 2015 DroppedIn: Remotely Exploitable Vulnerability in the Dropbox SDK for Android 8 min read - IBM X-Force has discovered a vulnerability in Dropbox SDK for Android that lets attackers connect mobile apps to Dropbox accounts that they control.
Advanced Threats March 10, 2015 Understanding Regin’s Plugin Framework: Part 2 7 min read - In the second part of this two-part series, IBM's Mark Yason discusses in more depth the Regin plugin framework hosted in the dispatcher module.
Advanced Threats February 10, 2015 Reviving the Regin Dispatcher Module: Part 1 6 min read - After reviving the Regin dispatcher module, Mark Yason ended up with a malware sample that was suitable for both static and dynamic analysis.
Mainframe February 3, 2015 Infrastructure Protection for the Threats of Today and Tomorrow 3 min read - The Infrastructure Protection track at InterConnect will feature insights from the IBM X-Force Research and Development team and customer success stories.
Software Vulnerabilities January 29, 2015 Ghost in the Machine: Linux Zero-Day Vulnerability Opens Door for Attack 3 min read - A Linux zero-day vulnerability, dubbed "Ghost," was recently discovered. It lets malicious code execute on servers that use the glibc functionality.
X-Force January 9, 2015 On the Passing of Michael Hamelin 2 min read - IBM would like to honor Michael Hamelin, a former X-Force employee who was tragically killed in an automobile accident in December 2014.
Software Vulnerabilities December 8, 2014 CVE-2014-0195: Adventures in OpenSSL’s DTLS Fragmented Land 7 min read - Here is a look at the remote code execution bug in OpenSSL's DTLS, how it works and the different ways cybercriminals might leverage it for exploitation.
Application Security December 4, 2014 SpoofedMe Social Login Attack Discovered by IBM X-Force Researchers 7 min read - IBM X-Force has found a social login attack that lets attackers intrude in many websites' local accounts and has alerted those affected by it.
Application Security December 1, 2014 IoT and App Dev Security: Where Are We Now? 4 min read - As organizations continue to utilize the Internet of Things (IoT), they need to keep app security in mind to keep their enterprises safe from attacks.