It’s been nearly six months since the WannaCry ransomware stole global headlines and thousands of security practitioners flocked to threat intelligence feeds to help streamline their investigations. While the security community has learned many valuable lessons from the attack, it’s impossible to say that a strike of this magnitude won’t ha

On Tuesday morning, Oct. 24, 2017, organizations in Russia and Ukraine reported being hit with a ransomware outbreak that paralyzed their operations. Sporadic cases were also recorded in Turkey, Germany, Bulgaria and Japan, according to reports from different sources. The malware, self-titled Bad Rabbit, is a ransomware code designed to encrypt and lock file

How often have you heard a co-worker say that he or she had to put out a fire? Depending on your job role, you may have anywhere from one to more than a dozen so-called fires weekly. A zero-day vulnerability is an example of a work-related fire that a security operations analyst might have to extinguish. Enterprises should be prepared to handle zero-day fir

One of the most disturbing security trends over the last few years has been the rise of the meta attack. The scope of this type of attack is far larger and wider than a threat designed to achieve a specific goal. These advanced cyberattacks are so significant, in fact, that they could sink an entire organization if it doesn’t take the time to install l

As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making breaches, it’s becoming clear that the greatest risks to an organization might come down to a simple

Since we last reported on a version of the ELF Linux/Mirai malware containing cryptocurrency coin-mining tools in April, the IBM X-Force has noticed a steep increase in the volume of coin central processing unit (CPU) mining tools used in cyberattacks, specifically those targeting enterprise networks. According to IBM Managed Security Services (MSS) data,

The IBM X-Force Vulnerability Database (XFDB), which holds over 100,000 publicly disclosed vulnerabilities, is chock-full of insights concerning the cybersecurity threat landscape. Much of the data is publicly available directly on the IBM X-Force Exchange platform and can be accessed by users anytime. In reviewing the database on an ongoing basis, the IBM

In January 2017, IBM X-Force research reported the development of a new remote-access malware code targeting Brazilian banks. The malware, dubbed Client Maximus, was observed in ongoing campaigns and continues to target online banking users in the country. The development of Client Maximus, which is believed to be commercially available in Brazilian fraud an

There is an increased focus on cybersecurity among governments and energy and utilities organizations worldwide, and for good reason. Attacks on critical infrastructure such as fuel, electricity and drinking water carry the potential for damage far beyond their economic impact. As demonstrated by incidents such as the notorious shutdown of several Iranian nu

IBM X-Force Kassel is a research team that operates massive spam honeypots and monitoring, gleaning data from billions of unsolicited emails every year. With such large amounts of spam coming in, we can more easily map trends. We looked at one recently when analyzing the spammer’s workweek. Our goal in this analysis was to delve into six months of data

Co-authored by Steve Stone After finalizing initial analysis, IBM X-Force Incident Response and Intelligence Services (IRIS) concluded that the Petya variant attacks that started on Tuesday, June 27, were intended as destructive attacks against Ukraine, rather than a means for cybercriminals to make money from ransom payouts. In other words, this attack was

Early on Tuesday, June 27, reports began to circulate that organizations in the Ukraine and elsewhere in Europe were suffering ransomware attacks. It quickly became clear that this Petya attack could equal or surpass the May WannaCry attack. WannaCry’s spread was so successful because it was powered by a flaw in Windows, and although Microsoft had rele

This week, we will experience the longest day of the year: June 21. For IT professionals, more daylight means more time to handle tasks on the back burner, start new projects or even — gasp — take a step back from the cybersecurity front lines. Here’s a look at some top contenders for security tasks worth tackling this summer solstice. Address New Thre

Last month, we celebrated the two-year anniversary of the IBM X-Force Exchange (XFE). During that week, the threat intelligence sharing platform reached a record spike in traffic as users flocked to the site to stay up to date on the recently exposed WannaCry ransomware. 10 Threat Intelligence Sharing Tips to Fight Cybercrime As the X-Force team populated th

The manufacturing industry — including, but not limited to, automotive, electronics, food and beverage, textile and pharmaceutical companies — was the third most attacked sector in 2016, according to the 2017 IBM X-Force Threat Intelligence Index. In fact, the number of security incidents, which are attacks or security events reviewed by IBM security analyst