IBM addressed a shared memory vulnerability in its Db2 data management solutions that could lead to information disclosure. IBM fixed a shared memory vulnerability in its Db2 data management products that can be exploited by malicious local users to access sensitive data. The vulnerability, which is tracked as CVE-2020-4414, was discovered by researche

Last week on Malwarebytes Labs, we provided a zero-day guide for 2020 featuring recent attacks and advanced preventive techniques, and we learned how to cough in the face of scammers, offering security tips for the 2020 tax season. We also looked at a web skimmer hiding within EXIF metadata that was exfiltrating credit cards via image files. In the most r

Last week, a few major tech companies informed the public that they will not provide facial recognition software to law enforcement. These companies are concerned about the way in which their technology might be used. What happens when software that threatens our privacy falls into the hands of organization which we no longer trust? In general, being awar

Amazon, IBM and now Microsoft ban the sale of facial recognition technology to police departments and are urging for federal laws to regulate its use. Microsoft has joined Amazon and IBM in banning the sale of facial recognition technology to police departments, the tech giants are also urging for federal laws to regulate the use of these solutions. Mi

IBM has addressed two critical vulnerabilities in IBM WebSphere Application Server that could allow a remote attacker to execute arbitrary code. In April, a security researcher who goes online with the moniker ‘tint0’ discovered three serious deserialization issues affecting the IBM WebSphere Application Server. Two of the vulnerabilities (

The digital threat landscape is always changing. This year is an excellent (albeit extreme) example. With the help of Dimensional Research, Tripwire found out that 58% of IT security professionals were more concerned about the security of their employees’ home networks than they were before the outbreak of coronavirus 2019 (COVID-19). Slightly fewer percenta

A security researcher disclosed details of four zero-day flaws impacting an IBM security product after the IT giant refused to address them. The security researcher Pedro Ribeiro, Director of Research at Agile Information Security, has published details about four zero-day vulnerabilities affecting the IBM Data Risk Manager (IDRM) after the company refuse

As cyberthreats make headlines, companies across the globe are working hard to develop efficient IT infrastructures capable of protecting sensitive data and maintaining compliance with privacy regulations. Although it checks both of these boxes, many organizations have been hesitant to adopt encryption due to cost, operational impact, the complexity of key m

What have you learned during National Cybersecurity Awareness Month (NCSAM) that could help drive change in your organization? We’ve featured 22 tips so far, so there should be at least a few things for you to work on. Maybe your company needs to revamp its cybersecurity training or do a better job managing data. As with anything in life, there is alwa

To more closely align with the way clients think about security, IBM Security is focused on providing an open security immune system that enables organizations to integrate and leverage the investments they have already made within their specific industry. Experts Discuss the Benefits of an Industry-Focused Security Strategy We consulted six experts from the

Not one, not two, but six of the most recent analyst reports evaluating the major Identity and Access Management-as-a-Service (IDaaS) vendors positioned IBM Cloud Identity Service as an overall market leader in cloud-based identity and access management (IAM). The market is crowded with both startups and large IDaaS vendors, making this is a big win for IBM

On July 17, IBM unveiled its z14 mainframe server, which combines the traditional mainframe hardware with new capabilities in areas such as cloud, cognitive, analytics, application management, blockchain, machine learning and more. Most importantly, z14 includes enhanced security features — namely, pervasive encryption — to help clients stay one step ahead

Organizations today are battling three compounding challenges: complex cyberattacks that shift as they unfold, complicated technology environments and a fast-growing skills gap. As a result, technologies and processes that enable a dynamic, fast and orchestrated response are becoming vital. IBM Resilient has many enterprise deployments around the world spa

IBM X-Force Red marked its first-year anniversary with the addition of security specialists, including Space Rogue, who increases the team’s impressive roster of talent. Hello, my name is Space Rogue. Well, actually, it’s Cris Thomas, but the security community is most likely to recognize my work over the past two decades under my pseudonym. The

Earlier this year, I gave a talk at the RSA Conference about the privacy and security flaws in many of today’s connected cars. The response was nothing short of astounding. As it turns out, people get very nervous when you talk about finding and controlling their cars from a mobile phone. While I didn’t initially set out to find vulnerabilities i