X-Force July 8, 2016 The Webshell Game Continues 5 min read - IBM X-Force researchers have noted a dramatic increase in the use of malicious webshell attacks throughout the first half of 2016.
X-Force July 5, 2016 BadTunnel: Bad News? 3 min read - The recently discovered BadTunnel could mean bad news for Microsoft Windows users — that is, unless they move to patch their systems immediately.
May 2, 2016 Windows ‘God Mode’ May Be the Answer to Malware’s Prayers 2 min read - The attackers behind the Dynamer malware may have pinpointed a way to exploit Windows God Mode in order to create a persistent threat.
Software Vulnerabilities April 28, 2016 Understanding EdgeHTML’s Attack Surface and Exploit Mitigations 5 min read - EdgeHTML's large attack surface can be daunting for users. Learn more about possible attacks as well as exploit mitigations that enhance security.
April 26, 2016 Security Researcher Bypasses Windows AppLocker 2 min read - Security researcher Casey Smith explained how he was able to bypass Windows AppLocker, one of the primary tools that enforces security in Windows.
Endpoint April 26, 2016 SS7 Vulnerability Isn’t a Flaw — It Was Designed That Way 2 min read - The SS7 vulnerability may have recently made headlines, but the flaw itself has actually been around for decades and is integral to the user experience.
Threat Intelligence April 14, 2016 Got WordPress? PHP C99 Webshell Attacks Increasing 5 min read - IBM MSS X-Force researchers found that C99 webshell attacks are increasing, particularly against content management systems such as WordPress.
Mainframe April 5, 2016 Considerations for Patching the Cisco ASA Vulnerability 3 min read - The Cisco ASA IKE buffer overflow is a critical vulnerability and requires a proactive response. Let's look at possible Cisco ASA remediation actions.
March 28, 2016 Samba, a SMB Protocol, to Be Patched April 12 2 min read - SerNet recently revealed that it will work with Microsoft to fix the SMB protocol SAMBA's vulnerability with a patch deployed in April.
March 23, 2016 Symantec Endpoint Protection Hosed by Three Severe Vulnerabilities 2 min read - An endpoint protection solution from Symantec was recently found to have three severe vulnerabilities that could leave users vulnerable to cyberattacks.