Active loading indicator
1 – 30 of 674 items
[]
674 results
28 July 2025
Insights
Cyber Frontlines: Mark Hughes

Learn more about IBM’s team of experts who closely monitor and assess cybersecurity trends and insights. In this edition, meet Mark Hughes, Global Managing Partner, Cybersecurity Services for IBM.

Cybersecurity
28 July 2025
Insights
Cyber Frontlines: Troy Bettencourt

Learn more about IBM’s team of experts who closely monitor and assess cybersecurity trends and insights. In this edition, meet Troy Bettencourt, Global Partner & Head of X-Force.

Incident response
28 July 2025
Insights
Cyber Frontlines: Golo MĂĽhr

Learn more about our team of experts who closely monitor and assess cybersecurity trends and insights, including discovering and ethically disclosing the latest vulnerabilities and threats affecting today’s consumers, businesses and governments.

Threat management
28 July 2025
Insights
Cyber Frontlines: Erik Svanoe

Learn more about our team of experts who closely monitor and assess cybersecurity trends and insights, including discovering and ethically disclosing the latest vulnerabilities and threats affecting today’s consumers, businesses and governments.

Adversary simulation
28 July 2025
Insights
Cyber Frontlines: Claire Nuñez

Learn more about IBM’s team of experts who closely monitor and assess cybersecurity trends and insights. In this edition, meet Claire Nuñez, Creative Director at IBM X-Force Cyber Range.

Incident response
23 July 2025
Explainer
What is Network Security?

Network security is a field of cybersecurity that’s specifically focused on protecting computer networks and communication systems from internal and external cyberthreats and cyberattacks.

Network security
23 July 2025
News
Hive0156 continues Remcos campaigns against Ukraine

IBM X-Force is monitoring active Hive0156 Remcos Remote Access Trojan (RAT) campaigns targeting victims of Ukraine. Learn more about this threat.

Threat management
22 July 2025
Explainer
Threat detection and response

Threat detection and response (TDR) refers to the tools and processes organizations use to detect, investigate and mitigate cybersecurity threats.

Threat detection and response
22 July 2025
News
In the protobuf: Web browser artifacts using Google's data interchange format

Skip the nose clip and head straight for the diving bell in this descent into the murky depths of the Resource Prefetch Predictor web artifacts found within Chromium-based web browsers, in use on both computers and mobiles today.

Data security
18 July 2025
Explainer
What is Web Security?

Web security encompasses a range of solutions and security policies that organizations rely on to protect their networks, users, and assets from various security risks.

Web security
10 July 2025
News
Hive0145 back in German inboxes with Strela Stealer and a backdoor

Hive0145, the threat actor known for delivering Strela Stealer to exfiltrate email credentials, is back to no good and now targeting Germany using malicious SVG files to download a simple reverse shell X-Force named StarFish.

Malware
03 July 2025
News
Identifying and abusing Azure Arc for hybrid escalation and persistence

Explore how Azure Arc can be identified in environments, misconfigurations in deployment can allow for privilege escalation, an overprovisioned Service Principal can be used for code execution and how Arc can be used as an out-of-band persistence mechanism.

Cybersecurity
02 July 2025
News
Reproducing a million-dollar bug: WhatsApp CVE-2019-11932 (with AFL & Frida)

Dive into research on a double-free vulnerability, CVE-2019-11932, in an image processing library used by WhatsApp and a GIF-processing vulnerability affecting Android mobile phones.

Threat management
01 July 2025
Insights
How a post-quantum approach to cryptography can help protect mainframe data

As the industry gets closer to achieving a cryptographically relevant quantum computer, the security of data—operational, personal and financial—will be more critical than ever. Protecting that data from this newest risk vector will become a top priority for many enterprises.

Quantum-safe
30 June 2025
Explainer
What is Access Management?

Access management is the cybersecurity discipline that controls user access rights to digital resources.

User access management
27 June 2025
Explainer
What Is an Identity Fabric?

An identity fabric is a framework for integrating and orchestrating multiple identity and access management (IAM) systems to act as a single unified system.

Identity fabric
27 June 2025
Explainer
What Is a Compliance Audit?

A compliance audit is an impartial assessment of an organization’s activities and records to determine whether it is meeting internal and external standards.

Data compliance
23 June 2025
News
Hive0154 aka Mustang Panda shifts focus on Tibetan community to deploy Pubload backdoor

China-aligned threat actor Hive0154 has spread numerous phishing lures in targeted campaigns throughout 2025 to deploy the Pubload backdoor. As of May 2025, X-Force noticed these attacks targeting the Tibetan community. Learn more.

Threat management
20 June 2025
Explainer
What Is Public Key Encryption?

Public key encryption is a type of cryptographic system that uses a mathematically linked pair of keys—one public, one private—to encrypt and decrypt data.

Public key encryption
17 June 2025
News
Becoming the trainer: Attacking ML training infrastructure

Learn more about machine learning training environments and infrastructure, as well as different attack scenarios against critical components, including cloud compute, model artifact storage and model registries.

Cloud security
13 June 2025
Explainer
What Is Cybersecurity?

IBM's definition of cybersecurity. Learn how modern threats evolve with technology, stay ahead with trends and access the latest security reports.

Cybersecurity
11 June 2025
Insights
What is Behavioral Biometrics?

Behavioral biometrics is a form of authentication that analyzes unique patterns in a user’s activity—such as mouse or touchscreen usage—to verify identity.

Behavioral biometrics
11 June 2025
Explainer
What Is FIDO2?

FIDO2 (Fast Identity Online 2) is an open standard for passwordless authentication that was developed by the FIDO Alliance in partnership with the World Wide Web Consortium.

FIDO authentication
11 June 2025
Explainer
What is Identity Governance and Administration?

Identity governance and administration (IGA) manages regulatory compliance for digital identities and user access rights in a computer system.

Identity governance and administration
06 June 2025
News
Cyberattack Magnet? Unyielding Threats Plague The Industrial Sector

Threat actors have been heavily targeting the industrial sector in recent years. Learn more about why this industry is being targeted and what organizations can do to protect against these cyberattacks.

Cybersecurity
05 June 2025
Explainer
What is Identity and Access Management (IAM)?

Identity and access management (IAM) tools help ensure that the right people can access the right resources for the right reasons at the right time.

Identity and access management
03 June 2025
IBM X-Force Threat Analysis: DCRat presence growing in Latin America

IBM X-Force has been monitoring phishing email campaigns from Hive0131 pretending to be The Judiciary of Colombia and using fake notifications to Colombians of criminal proceedings to deliver malware. Learn more about this threat.

Threat management
02 June 2025
Weaponized SVGs: Inside a global phishing campaign targeting financial institutions

Since the start of 2025, IBM X-Force has been tracking a phishing campaign targeting financial institutions worldwide, using weaponized Scalable Vector Graphics (SVG) files to initiate multi-stage malware infections. Learn more.

Security intelligence
30 May 2025
Explainer
What is Cryptojacking?

Cryptojacking is a type of cyberattack in which cybercriminals hijack the computing resources of victims’ devices to mine cryptocurrency without permission.

Cryptojacking
30 May 2025
Explainer
What is DDoS Protection and Mitigation?

Distributed denial-of-service (DDoS) protection and mitigation is the use of cybersecurity tools and services to prevent or quickly resolve DDoS attacks.

DDoS
1 – 30 of 674 items