Tag: ibm
-
The AI Accountability Gap CIOs Can’t Ignore
IBM Research Finds Tech Leaders Struggle With Agent Sprawl. A new IBM Institute for Business Value survey finds two-thirds of CIOs and CTOs are accountable for AI systems they don’t fully control. The survey of 2,000 tech executives details rising AI agent incidents and recommends infrastructure, governance and financial fixes. First seen on govinfosecurity.com Jump…
-
IBM execs on storage security and operational resiliency
IBM storage leaders Sam Werner and Christopher Vollmar share insights on operational resiliency, AI data protection gaps and security strategies for enterprises. First seen on techtarget.com Jump to article: www.techtarget.com/searchstorage/news/366644107/IBM-execs-on-storage-security-and-operational-resiliency
-
Rhysida and Interlock Ransomware Groups Linked to Initial Access Brokers and Crypter Ecosystem
Rhysida and Interlock sit inside the same ransomware supply chain, but their latest observed behavior shows a more nuanced relationship than simple code reuse. IBM X-Force’s long-term analysis ties both groups to initial access brokers, private crypters, downloaders, and backdoors that help them stage intrusion chains before encryption. The core finding is that both operations…
-
Ex-Threat Intel Exec Accuses IBM and AT&T of Hiding Hacks
IBM False Claims Act Plaintiff Alleges Years of Hidden Security Failures. A former IBM vice president of threat intelligence alleged IBM and AT&T failed to implement basic security controls and obtained major government contracts despite unresolved cybersecurity deficiencies that potentially exposed sensitive federal data. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ex-threat-intel-exec-accuses-ibm-att-hiding-hacks-a-31904
-
Former cyber executive turned whistleblower accuses IBM of covering up several data breaches
IBM and two of its subsidiary companies were allegedly breached during the mid-2010s, which a lawsuit filed by a former cybersecurity executive accuses IBM of not disclosing and actively covering up. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/05/former-cyber-executive-turned-whistleblower-accuses-ibm-of-covering-up-several-data-breaches/
-
Quantum Sales Pitch Goes From Compute Supremacy to Utility
IBM, Google and Other Firms Are Focusing on Commercial Value as Quantum Progresses. IBM’s $10 billion quantum computing push reflects a broader industry effort to move beyond scientific milestones and toward business value. But cybersecurity leaders say vendors should focus less on product narratives and more on meaningful progress. First seen on govinfosecurity.com Jump to…
-
IBM Targets AI Inference Costs and VM Modernization With New Red Hat Cloud Services
First seen on scworld.com Jump to article: www.scworld.com/news/ibm-targets-ai-inference-costs-and-vm-modernization-with-new-red-hat-cloud-services
-
Expired domain leads to supply chain attack on node-ipc npm package
require(‘node-ipc’). The trojanized versions were designed to remain fully functional to avoid immediate detection, which together with other decisions attackers took, such as data exfiltration via DNS TXT, suggest stealthiness was a top priority.Once executed, the malicious code collects information about the host system, including operating system version, hostname, and environment variables. It then starts…
-
Poisoned truth: The quiet security threat inside enterprise AI
It takes surprisingly little poison to corrupt: Bad internal data is the immediate problem. But the external supply chain may be even harder to control.Research by Anthropic, the UK AI Security Institute, and the Alan Turing Institute discovered that as few as 250 maliciously crafted documents can poison LLMs of any size.That creates a massive…
-
Salt Typhoon Suspected in Breach of IBM Italy Subsidiary Managing Public Infrastructure
What happened A cybersecurity incident in late April 2026 targeted Sistemi Informativi, an Italian company wholly owned by IBM Italy that provides IT infrastructure management for public agencies and key private sector organizations. IBM confirmed the breach through an official statement, acknowledging it had identified and contained a cybersecurity incident and activated incident response protocols…The…
-
Salt Typhoon breach IBM subsidiary in Italy: a warning for Europe’s digital defenses
April 2026 breach at Sistemi Informativi (IBM Italy) raises concerns over Chinese-linked cyber ops in Europe, including Salt Typhoon. In late April 2026, the Italian cybersecurity landscape was shaken by a significant breach targeting Sistemi Informativi, a company wholly owned by IBM Italy that provides IT infrastructure management for key public and private institutions. The…
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trustIn Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trustIn Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
American farms have a new steward for their safety net, disaster programs… Palantir
Tags: ibmWins $300M deal over Salesforce, IBM because of ‘integration with existing USDA systems,’ among other things First seen on theregister.com Jump to article: www.theregister.com/2026/04/23/palantir_wins_us_department_of_agriculture_contract/
-
American farms have a new steward for their safety net, disaster programs… Palantir
Tags: ibmWins $300M deal over Salesforce, IBM because of ‘integration with existing USDA systems,’ among other things First seen on theregister.com Jump to article: www.theregister.com/2026/04/23/palantir_wins_us_department_of_agriculture_contract/
-
CNAPP ein Kaufratgeber
Tags: access, ai, application-security, attack, authentication, cloud, container, detection, edr, encryption, framework, group, ibm, infrastructure, intelligence, kubernetes, linux, ml, monitoring, network, open-source, risk-management, saas, soar, software, supply-chain, threat, tool, vmwareCloud Security bleibt ein diffiziles Thema und die Tools, mit denen sie sich gewährleisten lässt, werden zunehmend komplexer und schwieriger zu durchschauen auch dank der ungebrochenen Liebe der Branche zu Akronymen. Mit CNAPP kommt nun ein weiteres hinzu. Die Abkürzung steht für Cloud-Native Application Protection Platform und kombiniert die Funktionen von vier separaten Cloud-Security-Werkzeugen: Cloud…
-
Article 5 and the EU AI Act’s Absolute Red Lines FireTail Blog
Tags: access, ai, awareness, cctv, cloud, compliance, control, data, detection, exploit, finance, group, healthcare, ibm, infrastructure, Internet, law, microsoft, monitoring, risk, service, technology, tool, training, vulnerabilityApr 20, 2026 – Alan Fagan – Most conversations about the EU AI Act focus on August 2026, when obligations for high-risk AI systems become fully enforceable. But Article 5 is already live. The Act’s eight prohibited practices became enforceable in February 2025. Fines of up to Euro35 million or 7% of global annual turnover…
-
Article 5 and the EU AI Act’s Absolute Red Lines FireTail Blog
Tags: access, ai, awareness, cctv, cloud, compliance, control, data, detection, exploit, finance, group, healthcare, ibm, infrastructure, Internet, law, microsoft, monitoring, risk, service, technology, tool, training, vulnerabilityApr 20, 2026 – Alan Fagan – Most conversations about the EU AI Act focus on August 2026, when obligations for high-risk AI systems become fully enforceable. But Article 5 is already live. The Act’s eight prohibited practices became enforceable in February 2025. Fines of up to Euro35 million or 7% of global annual turnover…
-
New IBM Security Services Aim to Counter Risks of Frontier AI Models
IBM Consulting is using AI agents in its new services to help organizations protect themselves against the growing security threats advanced AI foundation models like Anthropic’s Mythos Preview and OpenAI’s GPT-5.4-Cyber pose. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/new-ibm-security-services-aim-to-counter-risks-of-frontier-ai-models/
-
New IBM Security Services Aim to Counter Security Risks of AI Frontier Models
IBM Consulting is using AI agents in its new services to help organizations protect themselves against the growing security threats advanced AI foundation models like Anthropic’s Mythos Preview and OpenAI’s GPT-5.4-Cyber pose. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/new-ibm-security-services-aim-to-counter-security-risks-of-ai-frontier-models/
-
The AI inflection point: What security leaders must do now
The questions have matured: The AI discussion in security has evolved in phases.First came skepticism from security leaders, asking whether AI actually works in security operations. Given years of overpromised technology, the caution was warranted.Experimentation followed, with questions centering on what types of work AI should handle and where it introduces risk.Now, the dominant questions…
-
The AI inflection point: What security leaders must do now
The questions have matured: The AI discussion in security has evolved in phases.First came skepticism from security leaders, asking whether AI actually works in security operations. Given years of overpromised technology, the caution was warranted.Experimentation followed, with questions centering on what types of work AI should handle and where it introduces risk.Now, the dominant questions…
-
Seven IBM WebSphere Liberty flaws can be chained into full takeover
Tags: access, attack, authentication, credentials, cve, data, data-breach, encryption, flaw, ibm, passwordAdminCenter flaws allow further escalation: Beyond initial access, the research outlined critical issues within WebSphere Liberty’s administrative controls. The AdminCenter component, designed to enforce role-based access, contains multiple flaws that allow low-privileged users to access sensitive files and secrets.One issue, tracked under CVE-2025-14915, enables “reader”-level users to retrieve critical server files such as authentication keys,…
-
IBM Security Verify Access Flaws Let Remote Attackers Access Sensitive Data
IBM has issued an urgent security bulletin addressing a slew of vulnerabilities impacting IBM Verify Identity Access and IBM Security Verify Access. These flaws span across critical dependencies and internal mechanisms, exposing organizations to risks ranging from remote data theft to complete system compromise. Cybersecurity professionals and administrators must evaluate these threats immediately to secure…
-
The tabletop exercise grows up
would do. They do not do it.Every experienced facilitator knows the moment: someone in the room challenges the premise and the facilitator asks participants to “suspend disbelief.” That phrase should give us pause. If the scenario requires suspension of disbelief, it is not building preparedness. It is building familiarity with a document.The gap between documentation…
-
The Hidden Cost of Recurring Credential Incidents
When talking about credential security, the focus usually lands on breach prevention. This makes sense when IBM’s 2025 Cost of a Data Breach Report puts the average cost of a breach at $4.4 million. Avoiding even one major incident is enough to justify most security investments, but that headline figure obscures the more persistent problems…
-
Fehler in Node.js-Projekten – IBM App Connect durch DoS-Angriffe gefährdet
First seen on security-insider.de Jump to article: www.security-insider.de/ibm-app-connect-enterprise-kritische-schwachstellen-dos-a-1f0050cd51875d8992057cfff1568d86/
-
IBM CEO pay pack jumps 51% for 2025 in target smash and grab
Median employee increase? 2.1%. And shareholders urged to vote against a request for AI bias reporting First seen on theregister.com Jump to article: www.theregister.com/2026/03/18/ibm_ceo_pay_pack_jumps/