Security News

Siemens and IBM announce new solution designed to optimize the SLM of assets
2020-06-19 01:15

Expanding on their long-term partnership, Siemens and IBM announce the availability of a new solution designed to optimize the Service Lifecycle Management of assets by dynamically connecting real-world maintenance activities and asset performance back to design decisions and field modifications. This new solution establishes an end-to-end digital thread between equipment manufacturers and the owner/operators of that equipment by leveraging elements of the Xcelerator portfolio from Siemens Digital Industries Software and IBM Maximo.

IBM Acquires Cloud Security Company Spanugo
2020-06-16 11:35

IBM has announced a definitive agreement to acquire cloud cybersecurity posture management solutions provider Spanugo. Spanugo's technology allows organizations to demonstrate compliance in real time, while also helping them continuously improve their cloud security to ensure that attacks can be repelled.

Critical Remote Code Execution Vulnerabilities Patched in IBM WebSphere
2020-06-09 12:15

Two critical vulnerabilities patched recently by IBM in its WebSphere Application Server product can be exploited by a remote, unauthenticated attacker to execute arbitrary code with elevated privileges. Two of the flaws have been rated critical and they can be exploited for remote code execution, while the third has been classified as high severity and it can lead to information disclosure.

Wipro and IBM collaborate to assist customers embark on a secure hybrid cloud journey
2020-06-09 00:30

Wipro announced a collaboration with IBM to assist Wipro customers embark on a seamless and secure hybrid cloud journey. Through this alliance, Wipro will develop hybrid cloud offerings to help businesses migrate, manage and transform mission-critical workloads and applications, with security across public or private cloud and on-premises IT environments.

IBM Releases Open Source Toolkits for Processing Data While Encrypted
2020-06-05 15:36

IBM this week announced the availability of open source toolkits that allow for data to be processed while it's still encrypted. The toolkits implement fully homomorphic encryption, which enables the processing of encrypted data without providing access to the actual data.

IBM Cloud clients now have full access to Alert Logic’s MDR capabilities
2020-05-10 23:00

Alert Logic announced that organizations relying on IBM Cloud services now have full access to Alert Logic's comprehensive managed detection and response capabilities. The company uses the Alert Logic MDR solution for the security layer of its IBM Cloud deployment.

Coronavirus-themed spam surged 14,000% in two weeks says IBM
2020-05-06 18:00

Since February, spam exploiting the novel coronavirus has jumped by 4,300% and 14,000% in the past 14 days, according to IBM X-Force, IBM's threat intelligence group.

IBM == Insecure Business Machines: No-auth remote root exec exploit in Data Risk Manager drops after Big Blue snubs bug report
2020-04-21 19:04

IBM has acknowledged that it mishandled a bug report that identified four vulnerabilities in its enterprise security software, and plans to issue an advisory. IBM Data Risk Manager offers security-focused vulnerability scanning and analytics, to help businesses identify weaknesses in their infrastructure.

RCE Exploit Released for IBM Data Risk Manager
2020-04-21 18:19

UPDATED. Four serious security vulnerabilities in the IBM Data Risk Manager have been identified that can lead to unauthenticated remote code execution as root in vulnerable versions, according to analysis - and a proof-of-concept exploit is available. IBM weighed in on the problem this week, after a researcher went public with the bugs, one of which may end up being a zero-day issue - Big Blue is still investigating.

IBM Tells Researcher It Will Not Patch Serious Data Risk Manager Flaws
2020-04-21 15:28

A security researcher says IBM has told him that it would not be patching several vulnerabilities found in its Data Risk Manager product, despite demonstrating that they can be exploited by a remote, unauthenticated attacker to execute arbitrary code with root privileges. Pedro Ribeiro of Agile Information Security has disclosed technical information for a total of four zero-day vulnerabilities affecting IBM Data Risk Manager, an enterprise security solution that "Provides executives and their teams a business-consumable data risk control center that helps to uncover, analyze, and visualize data-related business risks so they can take action to protect their business."