Daily News About IBM Security

The post 2025 IBM X-Force Threat Index: Large-Scale Credential Theft Escalates, Threat Actors Pivot to Stealthier Tactics appeared first on TechChannel.

The 2025 X-Force Threat Intelligence Index tracks new and existing trends and attack patterns, including a spike in lower-profile credential theft …

International Business Machines Corp ( IBM, Financial ) has released its 2025 X-Force Threat Intelligence Index, revealing a significant shift in cybercriminal tactics towards stealthier methods, particularly credential theft. The shift from ransomware to credential theft suggests that companies may need to allocate more resources towards identity protection and advanced threat detection technologies.

IBM X-Force observed an 84% increase in emails delivering infostealers in 2024 compared to the prior year, a method threat actors relied heavily on to scale identity attacks. Reliance on legacy technology and slow patching cycles prove to be an enduring challenge for critical infrastructure organisations as cyber criminals exploited vulnerabilities in more than one-quarter of incidents that IBM X-Force responded to in this sector last year.

2025 IBM X-Force Threat Index: Large-Scale Credential Theft Escalates, Threat Actors Pivot to Stealthier Tactics Newswire.ca – Thu Apr 17, 4:45AM CDTARMONK, N.Y., April 17, 2025 /CNW/ — IBM (NYSE: IBM) today released the 2025 X-Force Threat Intelligence Index highlighting that cybercriminals continued to pivot to stealthier tactics, with lower-profile credential theft spiking, while ransomware attacks on enterprises declined. IBM X-Force observed an 84% increase in emails delivering infostealers in 2024 compared to the prior year, a method threat actors relied heavily on to scale identity attacks.Read more at newswire.caThis article contains syndicated content. We have not reviewed, approved, or endorsed the content, and may receive compensation for placement of the content on this site. For more information please view the Barchart Disclosure Policy here.

– Nearly half of all cyberattacks resulted in stolen data or credentials

A new report out today from IBM Corp. shows that cybercriminals are evolving their tactics, increasingly opting for stealth over spectacle. The finding comes from the annual 2025 X-Force Threat Intelligence Index, based on data from IBM X-Force incident response cases, dark web monitoring, threat intelligence sources and partner collaborations. The report reveals that identity The post IBM X-Force report finds shift from ransomware to credential theft in 2024 appeared first on SiliconANGLE.

Want to uncover the latest insights on ransomware, dark web threats, and AI risks? Read the 2025 Threat Intelligence Index → https://ibm.biz/BdnicvLearn more about IBM X-Force Threat Intelligence Index 2025 here → https://ibm.biz/BdnicK🔐 Cyber threats are evolving—are you ready? Jeff Crume unpacks the 2025 IBM X-Force Threat Intelligence Index, revealing trends in ransomware, dark web vulnerabilities, and AI attack surfaces. Discover actionable strategies to secure your systems and stay ahead of emerging risks. 🌐💡Read the Cost of a Data Breach report → https://ibm.biz/Bdnica#cybersecurity #threatintelligence #xforce

Refer documentation for more information at : ​​https://www.ibm.com/docs/en/maas360?topic=devices-battery-health-dashboard​https://community.ibm.com/community/user/security/blogs/apoorva-chourasia/2025/03/19/introduction-to-maas360-battery-health-dashboard

A new study from the IBM Institute for Business Value As the digital landscape continues to change, organizations face a daunting reality: cybersecurity complexity is eating away at their bottom line.

As the developers have since written in a warning message, the patch was broken and did not adequately protect systems. Another vulnerability (CVE-2025-24791 “medium” ), which allows attackers to bypass access restrictions, has also been closed.

View the 15-min video to understand why your organization needs the protection that Storage Protect for Cloud (SP4C) offers. Additionally, you will see the SP4C UI as the speaker walks through scenarios such as recovering a OneDrive file and utilizing delegated administrative controls to empower end users and scale the organizations IT team.

Discover how security platformization can help reduce cybersecurity costs. Explore the report → https://ibm.biz/BdnxAjSecurity platforms offer unparalleled visibility, strengthened defenses, improved costs, and efficiency—all leading to tangible business benefits. AI news moves fast. Sign up for a monthly newsletter for AI updates from IBM → https://ibm.biz/BdGnhA#ibm #security #securityconcerns #businessvalue

Attackers can attack IBM InfoSphere Information Server via several security vulnerabilities and, among other things, gain higher user rights. At this point, a locally authenticated attacker can obtain higher rights by sending a crafted request.

With MaaS360’s new AI capabilities, policy management is easier and more intuitive!Understand Android and Apple policies with easy-to-grasp summaries, and get recommendations to achieve your goals.

IBM X-Force discovered a set of previously unknown malware (Sheriff backdoor) used in a cyber espionage attack against an entity within Ukraine’s defense sector in the first half of 2024. The threat actor used a popular news portal in Ukraine, ukr.net, to host the Sheriff backdoor. The modular backdoor can execute actor directed commands, collect screenshots, and covertly exfiltrate victim data using the Dropbox cloud storage API. During the investigation, X-Force identified threat activity similar to CloudWizard APT and Turla (aka ITG12), both of which are Russia-nexus threat groups that targeted Ukrainian entities.

Forshaw’s blog describes a PPL bypass use case where the IDispatch interface, as exposed in the WaaSRemediation COM class, is manipulated for trapped COM object abuse and .NET code execution. In February 2024, James Forshaw ( @tiraniddo ) of Google Project Zero released a blog post detailing a novel approach for abusing Distributed COM (DCOM) remoting technology where trapped COM objects can be used to execute .NET managed code in the context of a server-side DCOM process.

Cybersecurity is a fascinating industry which needs to inspire the next generation to embark on fulfilling careers. With a male majority in the workforce, there is still a way to go to diversify people in the sector from different backgrounds. The support for this aim has been led by tech giant IBM to encourage skills and development which builds the future digital economic growth, whilst the government is equally resourceful on how it plans to safeguard online services.  IBM has partnered with the Department for Science, Innovation, and Technology, and the National Cyber Security Centre to provide the online platform for the CyberFirst Girls competition, open to girls between the ages of 12 and 13 in the UK.  The cybersecurity programme is available for schools nationwide to allow students to participate in a series of cyber challenges from cryptography to artificial intelligence, which is affecting the world around them everyday.  Some of the challenges of diversifying the sector were restated by Shruti Kulkarni, Information Security Architect, at Elexon who participated in our Transformative Women interviews.  Women currently account for just 17% of the cybersecurity workforce and it is partly the responsibility of the sector to offer a balanced and interesting environment, and individuals themselves. Minister for Cyber Security Feryal Clark recently spoke out on the “need to build a diverse workforce which is reflective of every community in the country” to tackle online threats.  

In 2025, IBM will provide the digital platform for this event, ensuring the program continues expanding and attracting more young female talent to cybersecurity. As the cyber sector continues to grow and is now valued at £13 billion, the importance of tackling the ongoing challenges of skill gaps and gender equality within the industry has become clear.

Students face a set of challenges from cryptography and networking to artificial intelligence, and the aim is to build their skills and nurturing talent to encourage girls to take up careers in the field. “By partnering with IBM to deliver the next edition of the CyberFirst Girls Competition, we’re driving forward our plans to do exactly that – building up the skills of young girls across the country and nurturing the next generation of UK cyber leaders,” said Feryal Clark, Minister for Cyber Security.