Skip to main content


IBM X-Force Threat Reports

The IBM X-Force Trend and Risk Report
The IBM X-Force Trend and Risk Report is produced twice per year: once at mid-year and once at year-end. This report provides statistical information about all aspects of threats that affect Internet security, including software vulnerabilities and public exploitation, malware, spam, phishing, web-based threats, and general cyber criminal activity. They are intended to help customers, fellow researchers, and the public at large understand the changing nature of the threat landscape and what might be done to mitigate it. Questions or comments regarding this report should be addressed to xforce@iss.net.

The IBM X-Force Threat Insight Report
The IBM X-Force Threat Insight Report is designed to highlight some of the most significant threats and challenges facing security professionals today. This report is produced by the IBM Internet Security Systems (ISS) Managed Security Services (MSS) team, and is compiled by the IBM X-Force. Each issue focuses on a specific challenge and provides a recap of the most significant recent online threats. Questions or comments regarding this report should be addressed to xftas@us.ibm.com.

About IBM X-Force
The IBM X-Force research and development teams study and monitor the latest threat trends including vulnerabilities, exploits and active attacks, viruses and other malware, spam, phishing, and malicious web content. In addition to advising customers and the general public on how to respond to emerging and critical threats, the X-Force also delivers security content to protect IBM ISS customers from these threats.

Latest Trend and Risk Report

In addition to standard vulnerability, malware, spam, phishing, and web threat statistics, the IBM X-Force 2009 Mid-year Trend and Risk Report features the following special topics:

  • Document vulnerabilities. In the first half of the year alone, the total number of vulnerabilities disclosed in some of the document types we traditionally consider "secure" has already exceeded the total number of disclosed vulnerabilities found in them in all of 2008.
  • Most disclosed vulnerabilities. Microsoft is no longer number one in the "most disclosed vulnerabilities" category.
  • Better Browsers. More secure (if you update) but still the main exploitation target.
  • Bad Web Links. More prolific for spam, phishing, and the delivery of malicious code.
  • Conficker and Lessons Learned. Conficker had baffled security researchers, caused panic among computer users, and had shown us a glimpse of the mindset and the sophistication of cybercriminals.

Latest Threat Insight Report

This edition of the X-Force Threat Insight Report provides an exhaustive list of security alerts, breaches and the most commonly seen threats in Q3 2009. It also delivers two new and insightful articles by IBM ISS researchers. The first article addresses why "port security" is an important tool to securing an organization's network and outlines some common commands for configuring port security. Strong port security can enforce security policies - helping to mitigate unauthorized users from accessing the network. The second article takes the reader on a journey of investigating a malware sample, focusing on the behavioral aspects of malware analysis. If given the task, can you answer the question: "What does this file do?"

Report archive

Q2 2009 Threat Insight Quarterly (887KB)

Q2 2009 Threat Insight Quarterly podcast
(MP3, 10.8MB)

2008 Annual Trend and Risk Report Report (4.58MB)

2008 Annual Trend and Risk Report graphics
(ZIP, 3.44MB)

Q1 2009 Threat Insight Quarterly (690KB)

Q4 2008 Threat Insight Quarterly (676KB)

2008 Mid-Year Trend and Risk Report Report (3.37MB)

2008 Mid-Year Trend and Risk Report Report graphics
(ZIP, 1.33MB)

2007 Annual Trend and Risk Report Report (3.12MB)

2006 Annual Trend and Risk Report Report (2.34MB)

Q3 2008
Attacks against a major U.S. media outlet, CAPTCHA security (1.70MB)

Jul 2008
Master Boot Record (MBR) rootkits (1.71MB)

Jun 2008
Structured Query Language (SQL) injection (1.57MB)

May 2008
Keyloggers, SSH (2.13MB)

Apr 2008
SSH and SEO techniques (1.19MB)

Mar 2008
IGMP and MLD - Two serious Windows vulnerabilities, and Phishing (1.16MB)

Feb 2008
The problem with passwords (3.14MB)

Jan 2008
Domain Name System (DNS) (469KB)

Dec 2007
Cyberterrorism - Fact or Fiction? (1.28MB)

Nov 2007
The State of Cryptography - Modern Applications in Information Technology (4.05MB)

Oct 2007
Honeypots and Honeynets - From darknets to things that go bump in the dark (1.46MB)

Sep 2007
The State of Cryptography - Public Key Cryptography (1.14MB)

Aug 2007
Denial of Service (DoS) Attacks - A Significant Threat? (2.03MB)

Jul 2007
The Web Operating System (WebOS) (0.98MB)

Jun 2007
Virtualization - The Impact on the Security Enterprise Landscape (1.84MB)

May 2007
The Emerging Threat Landscape (1.51MB)

Apr 2007
From Botnet to Malnet (1.30MB)

Mar 2007
Internet Protocol Television (IPTV) (1.42MB)

Feb 2007
Shellcode Heuristics (1.33MB)

Jan 2007
Browser Exploitations (1.73MB)

Q3 2006
Challenges of Regulatory Compliance (0.98MB)

Q2 2006
Vulnerability Management (991KB)

Q1 2006
Wireless Technology (788KB)

Q4 2005
Protecting Information - Closing the Path to Identity Theft (3.40MB)

Q3 2005
Security implications and considerations of Internet Protocol version 6 (IPv6) (342KB)

Q2 2005
Trojans, Spyware and Adware (281KB)

Q1 2005
Focus on Voice over Internet Protocol (VoIP) (211KB)

Q4 2004
Focus on Phishing (144KB)

IBM Internet Security Systems

Learn more about the security solutions powered by IBM X-Force.

Go to IBM Internet Security Systems