Security and identity

Two-factor authentication (2FA) verifies a user’s identity by asking for two pieces of proof, such as an online account password and a one-time passcode.

Multifactor authentication (MFA) verifies a user’s identity by requiring at least two forms of proof, such as a password, fingerprint or other biometric data.

Explore how agentic AI introduces new security concerns in this conversation between world-renowned cybersecurity leader Wendi Whitmore and David Levy

The X-Force Red team was able to breach a hardened external perimeter and gain code execution to an on-premises SQL server, resulting in full Active Directory compromise. Learn how they did it, and how to prevent it from happening to you.

IBM X-Force observed Hive0148 spreading the Grandoreiro banking trojan to users in Mexico and Costa Rica. Learn more about this phishing and Malware-as-a-Service campaign.

Enterprise mobility management (EMM) tools and services help organizations secure and manage mobile devices, apps and data.

A brute force attack uses trial-and-error to crack passwords or encryption keys and gain unauthorized access.

The IBM X-Force Red team covers the fundamentals of COM and DCOM, dives into the RunAs setting and why authentication coercions are impactful and introduces a new credential harvesting tool - RemoteMonologue.

Most of us think of cybersecurity as a purely digital affair, but cyberattacks can actually begin right here in the physical world.

Digital credentials are a secure way to verify an identity without paper credentials. Examples include digital badges and digital certificates.

Social engineering will always be a problem, but we can all do our part to make scammers' jobs harder.

Microsoft offers a bug bounty for qualifying bypasses into Windows Defender Application Control. Learn how IBM's X-Force team found a bypass using Loki C2.

Privilege escalation is a cyberattack technique in which a threat actor alters or elevates their permissions in a target system.

Biometric authentication uses physical features—like facial features, iris scans or fingerprints—to verify peoples' identities.

Threat intelligence is detailed, actionable threat information for preventing and fighting cyberthreats targeting an organization.

Customer identity and access management (CIAM) manages the digital identities of customers and other external end users.

The Common Vulnerability Scoring System (CVSS) is a widely used framework for classifying and rating software vulnerabilities.

Due to modern defensive solutions, targeted and large-scale enumeration of Active Directory (AD) environments has become increasingly detected. Learn more on that and a new tool to help fight it.

A digital identity is a profile tied to a specific user, machine or other entity in an IT ecosystem. Digital IDs help track activity and stop cyberattacks.

Hugging Face announced the release of smolagents, a lightweight framework for building AI agents. However, X-Force discovered a vulnerability and Hugging Face was quick to implement a fix. Learn more.

4 ways to bring cybersecurity into your community | IBM

While open-source licensing and cloud computing propel innovation in the AI space, they’re also a source of risk. Red teams can help keep models secure.

The straight and narrow — How to keep ML and AI training on track | IBM

The education sector is uniquely vulnerable to ransomware attacks. These proactive steps can help your organization stay safe.

AI has already automated many repetitive, time-consuming cybersecurity tasks. But will AI threaten the human creativity threat detection depends on?

Today, cybersecurity and incident response are no longer solely a technical issue — it is a fundamentally human one.

In light of current conflicts, the UK is now faced with real-world military decisions that will affect our immediate future. Ed Gillett and Col Chambers assert that industry and government must switch to a readiness mindset before the European post-war peace shatters.“My vision for the British Army is to field fifth-generation land […]

Stress-testing multimodal AI applications is a new frontier for red teams | IBM

In an interview with Ruben Boonen, CNE Capability Development Lead at IBM, we dig into what researchers think of Apple's Private Cloud Compute system.

AI-driven SOC "co-pilots" are topping the lists for 2025's cybersecurity predictions, providing round-the-clock assistance to security analysts.