Calling Into Question the CVSS

X-Force Red believes vulnerabilities should be ranked based on the importance of the exposed asset and whether the vulnerability is being weaponized by criminals, not necessarily its CVSS score.

The post Calling Into Question the CVSS appeared first on Security Intelligence.

Machine Learning Will Transform How We Detect Software Vulnerabilities

When used as part of the software development process, machine learning can help identify vulnerabilities before threat actors have a chance to exploit them.

The post Machine Learning Will Transform How We Detect Software Vulnerabilities appeared first on Security Intelligence.

How Dimitry Snezhkov Balances the Yin and Yang of Penetration Testing

Dimitry Snezhkov didn’t touch a computer until he was 18. Now he spends his days penetration testing to uncover security gaps and his nights meditating on the balance of life.

The post How Dimitry Snezhkov Balances the Yin and Yang of Penetration Testing appeared first on Security Intelligence.

New Gartner Report Recommends a Vulnerability Management Process Based on Weaponization and Asset Value

Gartner’s new report recommends factoring severity, asset value and active exploits into your vulnerability management process.

The post New Gartner Report Recommends a Vulnerability Management Process Based on Weaponization and Asset Value appeared first on Security Intelligence.

CPU Vulnerability Can Allow Attackers to Read Privileged Kernel Memory and Leak Data

A hardware vulnerability, discovered independently by researchers from academia and Google, underscores a major microprocessor flaw that, if exploited, could allow an attacker to read data.

The post CPU Vulnerability Can Allow Attackers to Read Privileged Kernel Memory and Leak Data appeared first on Security Intelligence.

Don’t Just Put Out the Zero-Day Fire — Get Rid of the Fuel

The best way to remediate zero-day threats is to focus on proactively assessing and patching the vulnerabilities that facilitate them.

The post Don’t Just Put Out the Zero-Day Fire — Get Rid of the Fuel appeared first on Security Intelligence.

After Big Takedown Efforts, 20 More BankBot Mobile Malware Apps Make It Into Google Play

IBM X-Force researchers discovered 20 apps in the Google Play Store that deliver mobile malware to unsuspecting Android users.

The post After Big Takedown Efforts, 20 More BankBot Mobile Malware Apps Make It Into Google Play appeared first on Security Intelligence.

IBM X-Force Red Turns 1, Expands Into Auto and IoT Practice Areas

Today IBM X-Force Red launches a collaboration with the Watson IoT Platform to help ensure that all IoT solutions get our special brand of hacker love.

The post IBM X-Force Red Turns 1, Expands Into Auto and IoT Practice Areas appeared first on Security Intelligence.

Relying on Data to Mitigate the Risk of WordPress Website Hijacking

To protect their WordPress sites from scammers, administrators must proactively patch and monitor their installations to weed out unwanted content.

The post Relying on Data to Mitigate the Risk of WordPress Website Hijacking appeared first on Security Intelligence.

Lessons Learned From the WannaCry Ransomware Attack and Many Others That Preceded It

The best strategy to defend against the WannaCry ransomware attack and similar events is to adopt tools to prevent them from occurring in the first place.

The post Lessons Learned From the WannaCry Ransomware Attack and Many Others That Preceded It appeared first on Security Intelligence.
