Collecting Cyber-News from over 60 sources

Tag: access

Russian Initial Access Broker Handed 81-Month Sentence

Mar 24, 2026 12:47 PM

Tags: access, cybercrime, ransomware, russia

Russian cybercriminal Aleksei Volkov has received close to seven years behind bars for role in Yanluowang ransomware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-initial-access-broker/
Autonomous AI adoption is on the rise, but it’s risky

Mar 24, 2026 11:47 AM

Tags: access, ai, business, ciso, control, data, email, group, malicious, monitoring, risk, software, technology, tool, training

Big risk, big reward: Herein lies the rub: AI experts see huge potential advantages with autonomous AI, with the possibility of creating huge workplace efficiencies, but the risks are substantial.Riley acknowledges both security concerns and the potential for agentic AI to take actions that users didn’t anticipate. While users haven’t yet seen autonomous AI able…
Streamline physical security to enable data center growth in the era of AI

Mar 24, 2026 10:47 AM

Tags: access, ai, automation, best-practice, business, control, data, framework, identity, risk, threat, tool, vulnerability

Think beyond delivery : Every company operates as an economy of projects. But at AI scale, projects must evolve into programs. Designing and delivering AI-capable data centers requires an integrated, fast-moving production model built on repeatable processes and structured knowledge transfer. Intelligent reuse of project elements, including toolsets, intellectual property, templates, design standards and best practices, becomes…
Russian Access Broker Jailed for Facilitating Ransomware Attacks Targeting U.S. Companies

Mar 24, 2026 10:47 AM

Tags: access, attack, breach, corporate, cyber, cybercrime, group, network, ransomware, russia

A United States federal court has sentenced Aleksei Volkov, a 26-year-old Russian national, to 81 months in prison for operating as an initial access broker. Volkov played a critical part in enabling major cybercrime syndicates, including the Yanluowang ransomware group, to breach corporate networks across the country. His illicit activities resulted in more than $9…
Google Forms Job Scam Spreads PureHVNC Malware

Mar 24, 2026 10:47 AM

Tags: access, business, cyber, email, finance, google, jobs, malicious, malware, phishing, scam, threat

A newly observed malware campaign is leveraging trusted platforms like Google Forms to distribute the PureHVNC Remote Access Trojan (RAT), marking a shift in how attackers initiate infections. Rather than relying on traditional phishing emails or malicious websites, threat actors are using business-themed lures such as job interviews, project proposals, and financial documents to trick…
Why CISOs should embrace AI honeypots

Mar 24, 2026 9:46 AM

Tags: access, ai, api, attack, breach, business, ciso, credentials, cyberattack, cybercrime, cybersecurity, data, defense, detection, exploit, hacker, LLM, mitigation, open-source, RedTeam, risk, service, threat, tool, vulnerability

Why CISOs should consider honeypots: Another player in the AI honeypot space is Deutsche Telekom (DT). The firm is both a user and purveyor of AI-powered honeypots through its free, open-source platform ‘T-Pot.’ The most obvious advantage to their use, explains Marco Ochse, DT’s lead for threat analytics and mitigation, lies in how little these…
New Leak Site Tied to Active Initial Access Broker Emerges on Underground Forums

Mar 24, 2026 8:47 AM

Tags: access, cyber, leak, network, ransomware

A new Tor-based leak site dubbed ALP-001 has quietly moved from selling network footholds to publicly naming victims, signaling an evolution from pure initial access brokerage to full-scale cyber extortion. The ALP-001 site, reachable only over Tor, advertises itself as a “Data Leaks / Access Market,” blending hallmarks of both a ransomware leak portal and…
SilentConnect Uses Fake Invites to Deploy ScreenConnect RAT

Mar 24, 2026 7:46 AM

Tags: access, attack, cloud, cyber, rat, service, social-engineering, tool, windows

SILENTCONNECT is a new multi-stage Windows loader that abuses fake online invitations and trusted cloud services to silently deploy the ConnectWise ScreenConnect remote access tool on victim systems. The campaign blends social engineering, living-off-the-land binaries, and low-level evasion techniques to achieve hands-on keyboard access while remaining difficult to spot in traditional monitoring. The attack starts…
Attackers are handing off access in 22 seconds, Mandiant finds

Mar 24, 2026 7:46 AM

Tags: access, exploit, mandiant

Exploits remain the leading entry point for attackers for the sixth consecutive year, according to Mandiant’s M-Trends 2026 report, which draws on more than 500,000 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/24/mandiant-m-trends-2026-report/
Critical NetScaler ADC and Gateway Flaws Expose Systems to Remote Attacks

Mar 24, 2026 6:50 AM

Tags: access, attack, cloud, cve, cyber, data, flaw, group, software, unauthorized, update, vulnerability

Cloud Software Group has published a critical security bulletin addressing two significant vulnerabilities in customer-managed NetScaler ADC and NetScaler Gateway deployments. These flaws, tracked as CVE-2026-3055 and CVE-2026-4368, could allow attackers to extract sensitive data from memory or to gain unauthorized access to sessions. System administrators are strongly urged to apply the available security updates…
Cisco Ships Zero Trust for AI Agents, Self-Service Red Teaming, and Agentic SOC Tools at RSAC 2026

Mar 24, 2026 12:46 AM

Tags: access, ai, cisco, control, identity, open-source, RedTeam, service, soc, tool, zero-trust

Cisco announced a broad set of security products at RSAC 2026 Monday aimed at securing the growing use of AI agents in enterprise environments. The announcements span identity management, pre-deployment testing, open-source tooling, and SOC automation. The centerpiece is Zero Trust Access for AI agents, which extends Cisco’s existing access control model to cover agentic..…
QNAP fixed four vulnerabilities demonstrated at Pwn2Own Ireland 2025

Mar 23, 2026 11:47 PM

Tags: access, cve, data, router, vulnerability

QNAP fixed four vulnerabilities shown at Pwn2Own 2025 that could enable code execution, data access, or system disruption. Taiwanese vendor QNAP has addressed multiple vulnerabilities, including four SD-WAN router issues (CVE-2025-62843 to CVE-2025-62846) demonstrated at the Pwn2Own Ireland 2025 by Team DDOS. The team chained multiple bugs in QNAP devices to gain root access and…
Russian authorities block paywall removal site Archive.today

Mar 23, 2026 8:47 PM

Tags: access, russia

A notice on the popular paywall-bypass website Archive.today said that access is blocked “by decision of [Russian] public authorities.” First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/23/russian-authorities-block-paywall-removal-site-archive-today/
SOCRadar Launches AI Agent Marketplace and Identity Intelligence at RSAC 2026

Mar 23, 2026 7:47 PM

Tags: access, ai, conference, identity, intelligence, marketplace, threat

SOCRadar launched its AI Agent Marketplace at RSA Conference 2026, introducing a modular hub where organizations can browse, purchase, and deploy specialized autonomous AI agents within the SOCRadar Extended Threat Intelligence Platform. The release also adds Identity and Access Intelligence capabilities designed to address what the company describes as identity >>blind spots<< across third-party SaaS..…
Faster attacks and ‘recovery denial’ ransomware reshape threat landscape

Mar 23, 2026 5:48 PM

Tags: access, ai, api, attack, authentication, backup, ciso, cloud, control, credentials, data, defense, detection, email, encryption, espionage, exploit, governance, identity, infection, infrastructure, intelligence, mandiant, mfa, monitoring, network, north-korea, phishing, ransomware, resilience, saas, service, social-engineering, strategy, tactics, theft, threat, tool, update

Social engineering becomes more interactive: While exploits remain the leading initial infection vector at 32%, the report underscores a shift toward more adaptive social engineering. Voice phishing has risen sharply, while email phishing continues to decline, signaling a move away from high-volume campaigns toward real-time interaction.Mandiant’s data shows that email phishing dropped to just 6%…
Smooth criminals talking their way into cloud environments, Google says

Mar 23, 2026 4:47 PM

Tags: access, cloud, google, phishing

Voice phishing is second most common initial access method across all IR probes, and top in cloud break-ins First seen on theregister.com Jump to article: www.theregister.com/2026/03/23/voice_phishing_skyrockets_as_smooth/
Smooth criminals talking their way into cloud environments, Google says

Mar 23, 2026 4:47 PM

Tags: access, cloud, google, phishing

Voice phishing is second most common initial access method across all IR probes, and top in cloud break-ins First seen on theregister.com Jump to article: www.theregister.com/2026/03/23/voice_phishing_skyrockets_as_smooth/
AppGate Brings Zero Trust Network Access to Industrial OT With New Secure Remote Access Product

Mar 23, 2026 3:47 PM

Tags: access, control, infrastructure, network, technology, zero-trust

AppGate is bringing Zero Trust Network Access to operational technology environments with the launch of Secure Remote Access for Industrial OT, announced at RSAC 2026. The product extends AppGate’s direct-routed ZTNA architecture into industrial control systems, manufacturing plants, energy facilities, and critical infrastructure, where remote access has historically been one of the hardest security problems..…
The hidden cost of AI speed: Unmanaged cyber risk

Mar 23, 2026 3:47 PM

Tags: access, ai, attack, business, chatgpt, ciso, cloud, control, cyber, cybersecurity, data, data-breach, exploit, flaw, google, governance, identity, infrastructure, injection, intelligence, monitoring, open-source, openai, privacy, radius, risk, service, software, threat, tool, vulnerability

AI isn’t just moving fast. It’s creating new attack paths. Cyber teams must now manage vulnerabilities and their ramifications throughout their IT environments in AI tools deployed without enough governance guardrails. The answer for securing this new attack surface? Unified exposure management. Key takeaways AI as an attack vector: By connecting to core workflows and…
23rd March Threat Intelligence Report

Mar 23, 2026 3:47 PM

Tags: access, breach, data, intelligence, threat, unauthorized

Navia Benefit Solutions, a United States-based employee benefits administrator, has disclosed a breach affecting more than 2.6 million individuals after unauthorized access and potential data exfiltration occurred between December 22, 2025 and […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2026/23rd-march-threat-intelligence-report/
Varonis Atlas: Securing AI and the Data That Powers It

Mar 23, 2026 3:47 PM

Tags: access, ai, control, data

AI agents can access data directly, making data security the foundation of AI security. Learn more about how Varonis Atlas helps orgs see, secure, and control AI systems and the data they can reach. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/varonis-atlas-securing-ai-and-the-data-that-powers-it/
Varonis Atlas: Securing AI and the Data That Powers It

Mar 23, 2026 3:47 PM

Tags: access, ai, control, data

AI agents can access data directly, making data security the foundation of AI security. Learn more about how Varonis Atlas helps orgs see, secure, and control AI systems and the data they can reach. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/varonis-atlas-securing-ai-and-the-data-that-powers-it/
SEO Poisoning Campaign Uses Fake Popular Apps to Deliver AsyncRAT

Mar 23, 2026 2:47 PM

Tags: access, cyber

SEO Poisoning Campaign Impersonates 25+ Popular Apps to Deliver AsyncRAT Since October 2025.An ongoing SEO poisoning campaign abuses search results to trick users into downloading trojanized installers for more than 25 popular applications, ultimately deploying the AsyncRAT remote access trojan. Active since at least October 2025, the operation uses a mix of fake download portals,…
We Found Eight Attack Vectors Inside AWS Bedrock. Here’s What Attackers Can Do with Them

Mar 23, 2026 2:47 PM

Tags: access, ai, attack, data, tool

AWS Bedrock is Amazon’s platform for building AI-powered applications. It gives developers access to foundation models and the tools to connect those models directly to enterprise data and systems. That connectivity is what makes it powerful but it’s also what makes Bedrock a target.When an AI agent can query your Salesforce instance, trigger a Lambda…
RSA Launches ID Plus Sovereign Deployment for Organizations That Can’t Afford Identity Downtime

Mar 23, 2026 2:47 PM

Tags: access, finance, government, identity, infrastructure, service

RSA opened RSAC 2026 with a new deployment model for its ID Plus identity platform, aimed squarely at government agencies, financial services firms, and critical infrastructure operators that need identity security to work even when everything else fails. RSA ID Plus Sovereign Deployment is a >>deploy anywhere<< identity and access management solution that gives organizations..…
Cisco Extends Security Reach to AI Agents

Mar 23, 2026 2:47 PM

Tags: access, ai, cisco, conference, cybersecurity, identity, intelligence

Cisco today at the RSA Conference (RSAC) extended its cybersecurity portfolio to secure artificial intelligence (AI) agents while at the same time employing AI to automate security operations. At the core of that effort are extensions to the Cisco Duo identity and access management (IAM) platform that make it possible to discover them and apply..…
Microsoft Exchange Online service change causes email access issues

Mar 23, 2026 1:46 PM

Tags: access, cloud, email, microsoft, mobile, service

Microsoft is working to address an ongoing service issue that has intermittently prevented some users from accessing their cloud-based Exchange Online mailboxes via Outlook mobile and Mac desktop clients since Thursday. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/new-exchange-online-virtual-account-blocks-email-access-via-mobile-mac-apps/
Why Your Weather-Powered Design Tool Needs More Than Just an API Key

Mar 23, 2026 12:47 PM

Tags: access, api, authentication, control, tool

Weather-powered design tools need more than an API key. Learn how authentication, access control, and server-side calls keep… First seen on hackread.com Jump to article: hackread.com/weather-powered-design-tool-api-key/
Behavioral XDR and threat intel nab North Korean fake IT worker within 10 days of hire

Mar 23, 2026 11:47 AM

Tags: access, authentication, business, china, ciso, control, data, edr, firewall, iam, identity, Internet, jobs, korea, login, monitoring, north-korea, service, software, threat, update, vpn, windows

Key signs of NK-linked insider infiltration: SpiderLabs has found that these threat actors commonly operate from China rather than North Korea because the internet is more stable and they can employ VPN services to conceal their true geographic origin.Astrill VPN has the ability to bypass China’s Great Firewall and allows threat actors to tunnel traffic…
Hassan Took a Bike Ride. Now He’s One of the Thousands Missing in Gaza

Mar 23, 2026 11:47 AM

Tags: access

In a place denied access to basic forensic technology”, and where people disappear into Israeli detention”, the fate of thousands remains unknown. One of them is an autistic teenager. First seen on wired.com Jump to article: www.wired.com/story/hassan-took-a-bike-ride-now-hes-one-of-the-thousands-missing-in-gaza/