Skip to main content

IBM X-Force Threat Insight Quarterly Report

The IBM X-Force® Threat Insight Quarterly is designed to highlight some of the most significant threats and challenges facing security professionals today. This report is a product of IBM Managed Security Services (MSS) and is compiled by the IBM X-Force (X-Force) security intelligence team. Each issue focuses on a specific challenge and provides a recap of the most significant recent online threats.

About IBM X-Force
IBM X-Force is a primary security research organization that discovers vulnerabilities and security flaws in computer networks and tracks emerging Internet threats. The X-Force serves as trusted security advisor to the U.S. Department of Homeland Security as well as many other federal, state and local government organizations, helping create governmental security standards and initiatives.

X-Force research helps form the basis for the IBM security solutions. By researching vulnerabilities, IBM is able to update its products and services to prevent attacks before they negatively impact an organization. IBM products and services rely on X-Force research to preempt threats. Questions or comments regarding the content of this report should be addressed to xftas@us.ibm.com.

Latest report

This edition of the IBM X-Force Threat Insight Report provides an exhaustive list of security alerts, breaches and the most commonly seen threats in Q4 2009. It also delivers two new and insightful articles by IBM researchers. The first article addresses the new threat landscape introduced within social networking. These sites enable people to reconnect with old friends, communicate and collaborate with others and share pictures - but they also open up a new arena for those with malicious intent.

The second article guides readers through the process of responsible vulnerability disclosure, and offers advice for vendors on how to simplify their vulnerability notifications to better protect their customers.

Register to read this latest report (690KB)

Get Adobe® Reader®

Report archive

  • Oct 2009

    Port Security, One More Tool in the Toolbox

  • Listen to the Q3 podcast

  • Jul 2009

    Conficker, the never-ending story

  • Apr 2009

    The threat from within

  • Feb 2009

    Cyberterrorism – A Tale of Two Incidents

  • Jul 2008

    Master Boot Record (MBR) rootkits

  • Jun 2008

    Structured Query Language (SQL) injection

  • May 2008

    Keyloggers, SSH

  • Apr 2008

    SSH and SEO techniques

  • Mar 2008

    IGMP and MLD - Two serious Windows vulnerabilities, and Phishing

  • Feb 2008

    The problem with passwords

  • Jan 2008

    Domain Name System (DNS)

  • Dec 2007

    Cyberterrorism - Fact or Fiction?

  • Nov 2007

    The State of Cryptography - Modern Applications in Information Technology

  • Oct 2007

    Honeypots and Honeynets - From darknets to things that go bump in the dark

  • Sep 2007

    The State of Cryptography - Public Key Cryptography

  • Aug 2007

    Denial of Service (DoS) Attacks - A Significant Threat?

  • Jul 2007

    The Web Operating System (WebOS)

  • Jun 2007

    Virtualization - The Impact on the Security Enterprise Landscape

  • May 2007

    The Emerging Threat Landscape

  • Apr 2007

    From Botnet to Malnet

  • Mar 2007

    Internet Protocol Television (IPTV)

  • Feb 2007

    Shellcode Heuristics

  • Jan 2007

    Browser Exploitations

  • Q3 2006

    Challenges of Regulatory Compliance

  • Q2 2006

    Vulnerability Management

  • Q1 2006

    Wireless Technology

  • Q4 2005

    Protecting Information - Closing the Path to Identity Theft

  • Q3 2005

    Security implications and considerations of Internet Protocol version 6 (IPv6)

  • Q2 2005

    Trojans, Spyware and Adware

  • Q1 2005

    Focus on Voice over Internet Protocol (VoIP)

  • Q4 2004

    Focus on Phishing