Articles about Identity

If you’ve seen ‘Blade Runner’ you’ll know how difficult it can be to determine if someone is human or not. While that was fiction it’s worth remembering that it was set in 2019.

In 2025 and in the real world it’s becoming increasingly difficult to tell humans from bots in the online world. AI-powered bots, nearly indistinguishable from humans, are multiplying rapidly. This presents a growing nightmare for headhunters, security officers and more. We spoke to Terence Kwok, founder and CEO of blockchain identity platform Humanity Protocol, about the challenge of verifying humanity online.

Continue reading →

CrowdStrike has launched Falcon Next-Gen Identity Security, a new unified solution aimed at protecting identity across the full attack chain.

The platform covers human users, non-human service accounts, and AI agent identities, delivering security without the usual integration delays typically seen in multi-vendor setups.

Continue reading →

With identity security growing more complex a new report shows that of 70 percent of enterprises recognize the need to consolidate their identity security tool stack.

The study by Enterprise Strategy Group for Silverfort finds that while 70 percent of teams plan to expand their use of an existing tool to cover a new use case in the next 12-18 months, 62 percent of organizations plan to implement a new tool to satisfy a use case, hinting that current solutions may not be adequate to satisfy evolving priorities.

Continue reading →

The latest Threat Detection Report update from Red Canary shows a rise of almost 500 percent in detections associated with cloud accounts during the first half of 2025.

This significant rise stems primarily from Red Canary’s expanded identity detection coverage and the implementation of AI agents designed to identify unusual login patterns and suspicious user behaviors. This includes identifying logins from unusual devices, IP addresses, and virtual private networks (VPNs), which significantly increases the detection of risky behaviors.

Continue reading →

Cybercriminals are increasingly using sophisticated identity-based attacks (phishing, social engineering, leveraging compromised credentials) to gain access as trusted users and move laterally across systems undetected.

We spoke to Cristian Rodriguez, field CTO, Americas at CrowdStrike, about the company’s recent research into these attacks and now organizations can defend against them.

Continue reading →

AI-powered fraud is evolving faster than most organizations can detect it. That’s the message from Proof, the identity authorization company, in its new report, The Trust Ledger: Transaction & Identity Fraud Bulletin.

The research reveals how synthetic identities, stolen credentials, and generative AI are fueling a surge in digital impersonation and fraud across industries.

Continue reading →

Recent high-profile attacks have placed increased emphasis on the software supply chain and the need to understand where code has originated.

A developer's coding style is as unique as their fingerprint and, thanks to artificial intelligence, it’s possible to identify an author based on a short code segment. Felix Mächtle, a researcher at the University of Lübeck and member of the AI Grid research network, has developed a tool that does just that. We spoke to him to learn more.

Continue reading →

Organizations are continuing to struggle to identify and address security vulnerabilities in hybrid identity systems such as Active Directory, Entra ID, and Okta.

This is among the findings of a new report, from AI-powered identity security and cyber resilience company Semperis, which is based on results from Purple Knight a free Active Directory security assessment tool by Semperis that has been downloaded by 45,000+ organizations.

Continue reading →

Advanced phishing kits and info-stealing malware have accounted for a 156 percent jump in cyberattacks targeting user logins.

A new report from cybersecurity company eSentire shows attackers are increasingly opting for obtaining login credentials and session cookies via phishing or malware. This then allows them to carry out Business Email Compromise (BEC) attacks, gain access to bank accounts, or steal cryptocurrency.

Continue reading →

Microsoft Active Directory (AD) turned 25 earlier this year -- remarkable longevity in the technology world. It’s the identity backbone for more than 80 percent of enterprises, meaning a breach could be catastrophic.

We spoke to Sean Deuby, principal technologist at Semperis, to look at the top considerations for protecting AD for the future, as most organizations he talks to have no plans to move on from the aging technology.

Continue reading →

The first day of May has numerous competitors for its patronage. It's May Day, of course, and it's International Labor Day, and apparently it's Global Love Day. Since 2013 it's also been World Password Day -- created by Intel to highlight concerns around digital security.

As of last year though there's been further competition from the upstart World Passkey Day. So are we finally seeing a serious challenge to the dominance of passwords as an authentication method?

Continue reading →

A new AI security report from Check Point Software shows how cybercriminals are co-opting generative AI and large language models (LLMs) in order to damage trust in digital identity.

At the heart of these developments is AI's ability to convincingly impersonate and manipulate digital identities, dissolving the boundary between authentic and fake.

Continue reading →

New research highlights the growing threat of identity-based attacks and looks at organizations ability to defend against them.

The study from Huntress shows 67 percent of organizations reported an increase in identity-based incidents over the past three years, with these attacks comprising more than 40 percent of security incidents for 35 percent of organizations in the past year alone.

Continue reading →

Analysis of almost 93,000 threats detected within more than 308 petabytes of security telemetry by Red Canary shows infostealer malware infections on the rise across both Windows and macOS platforms.

Used to gather identity information and other data at scale, in 2024 LummaC2 was the most prevalent stealer detected in 2024, operating under a malware-as-a-service model, and selling for anywhere from $250 per month to a one-time payment of $20,000.

Continue reading →

The year 2025 will not be a revolutionary one, it will be evolutionary, with developments coming into effect that were necessitated by events and happenings in 2024, and solutions to address these events reaching maturity levels that allow an appropriate, comprehensive response. With threats like ransomware certain to continue, identity resilience is going to become more important in the year ahead and, as such, identity will become the critical component of security.

This shift in emphasis started to take place in 2024, but there will be a greater focus on it among business leaders in the year ahead as they start to understand that identity is one of the biggest threats to any organization as it is a key vector for attackers.

Continue reading →