Tag: control
-
5 critical steps to achieve business resilience in cybersecurity
Tags: access, ai, attack, authentication, automation, backup, breach, business, communications, control, credentials, cybersecurity, data, defense, detection, endpoint, identity, malicious, mfa, msp, password, ransomware, resilience, soc, threat, tool, updateLooking for end-to-end coverage of your environment? Check out N-able Unified Security Solutions. 2. Transition from manual to automated response : SOC teams can’t keep up with the flood of alerts”, N-able handled 2 alerts per minute on average in 2025. That’s why automation and Security Orchestration, Automation and Response (SOAR) saw a 500% YoY surge”, almost one in four responses are now…
-
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research Team.”Instead of exposing command execution through URL parameters or request bodies, these web shells rely on threat actor-supplied cookie values to gate…
-
North Korealinked hackers drain $285M from Drift in sophisticated attack
Drift lost $285M in a sophisticated attack, likely by North Korea, who used nonce-based tricks to gain control and quickly drain funds Drift suffered a $285 million cryptocurrency heist in a highly sophisticated attack likely linked to North Korea. Threat actors used durable nonce accounts to pre-sign and delay transactions, while also compromising multisig approvals…
-
Why Privileged Access is Becoming the Control Plane for Agentic AI
AI agents are the new “high-speed insiders.” Discover why traditional identity models fail autonomous systems and how Privileged Access Management (PAM) is evolving into a real-time authorization control plane. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/why-privileged-access-is-becoming-the-control-plane-for-agentic-ai/
-
12 cyber industry trends revealed at RSAC 2026
Tags: access, ai, application-security, authentication, awareness, business, ciso, cloud, control, cyber, cybersecurity, data, deep-fake, defense, detection, edr, endpoint, firewall, gartner, governance, identity, infrastructure, insurance, metric, microsoft, monitoring, mssp, phishing, programming, risk, risk-management, service, siem, skills, soc, software, startup, technology, threat, tool, trainingLegacy security vendors have the inside track on AI, for now: As far as AI technology consumption for cybersecurity, most CISOs I spoke with were open-minded while leaning toward their existing vendors, at least in the short term. This may buy legacy security vendors a bit, but not much time.Remember what happened in the cloud…
-
Pro-Iran Handala group breached Israeli defence contractor PSK Wind Technologies
Iran-linked hackers claim to have breached Israeli air defence contractor PSK Wind, which develops command and control systems. Pro-Iran Handala group announced on April 2 that it breached PSK Wind Technologies, an Israeli engineering and IT firm specializing in integrated systems for defense and critical communications, including command and control solutions. Handala appears as a…
-
Phorpiex Botnet Fuels Ransomware, Sextortion, and Crypto-Theft Attacks
Hackers are abusing the long-running Phorpiex (Trik) botnet to run large-scale ransomware, sextortion, and crypto-clipping operations, turning one infrastructure into a multi-purpose crime machine. A newer variant called Twizt gives the botnet a hybrid architecture that combines traditional command-and-control (C2) with a peer”‘to”‘peer (P2P) protocol, allowing infected machines to share commands and node lists directly with each…
-
Drift loses $280 million North Korean hackers seize Security Council powers
The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/drift-loses-280-million-north-korean-hackers-seize-security-council-powers/
-
North Korea Uses GitHub as C2 in New LNK Phishing Campaign
A new phishing campaign that uses malicious Windows shortcut (LNK) files to target users in South Korea, while abusing GitHub as Command and Control (C2) infrastructure to hide its activity. The operation, linked through tooling and tradecraft to North Korearelated actors, shows a clear evolution from earlier, less obfuscated XenoRAT-delivery campaigns observed since 2024. In…
-
Cloudflare’s new CMS is not a WordPress killer, it’s a WordPress alternative
The next wave of web development: In an interview with Computerworld, Cloudflare senior product manager Matt Taylor said his team sees the project as the next wave of web development platforms.”There is a whole new generation of developers, and WordPress is old news to them. If you are starting today, there is no way you…
-
Drift loses $280 million as hackers seize Security Council powers
The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/drift-loses-280-million-as-hackers-seize-security-council-powers/
-
Reengineering AML in the Era of Instant Payments
Financial Institutions Are Rethinking Controls to Ensure Frictionless Transactions. When the Federal Reserve lifted FedNow’s transaction limit from $1 million to $10 million last November, the regulatory change transformed instant payments from a retail convenience to a corporate treasury rail. AML decisions on high-value instant wire transfers must now be made in real time. First…
-
New Rowhammer attacks give complete control of machines running Nvidia GPUs
Both GDDRHammer and GeForge hammer GPU memory in ways that compromise the CPU. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/04/new-rowhammer-attacks-give-complete-control-of-machines-running-nvidia-gpus/
-
How Do I Make Kubernetes Self”‘Service Without Losing Control?
<div cla Platform teams are under pressure to move faster, but handing full Kubernetes access to every developer is risky. Self”‘service and control are not opposites; they are two sides of a well”‘designed platform. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/how-do-i-make-kubernetes-self%e2%80%91service-without-losing-control/
-
NIST CSF 2.0 and Universalizing Cybersecurity
Over the past decade, the proliferation of standards, controls, and sector-specific frameworks has created a paradox where the more guidance exists, the harder it is to weed through the complexity and build secure systems that comply with that guidance. This is where NIST Cybersecurity Framework (CSF) 2.0 comes in. CSF functions as a translation layer,”¦…
-
Open-Source FIM: Freely Available. But What Makes Them Expensive?
<div cla In a previous article, we explained why it is worth licensing File Integrity Monitoring (FIM) rather than using open-source alternatives. The decision is not “free vs paid”; it is about streamlined access to the risk management capabilities of FIM and controlling costs. CimTrak is a purpose-built system that produces control and evidence through…
-
Microsoft Warns of WhatsApp Attachments Spreading Backdoor on Windows PCs
Microsoft warns of a WhatsApp attachments spreading VBS malware that installs backdoors on Windows PCs, giving hackers remote access and control systems. First seen on hackread.com Jump to article: hackread.com/microsoft-whatsapp-attachments-backdoor-windows-pcs/
-
New ‘Storm’ Infostealer Remotely Decrypts Stolen Credentials
This modern infostealer adopted server-side decryption of stolen credentials to bypass security controls First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/storm-infostealer-remotely/
-
Critical PX4 Autopilot Vulnerability Let Attackers Gain Control of Drones
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert regarding a severe vulnerability in the PX4 Autopilot system. This critical flaw could allow malicious actors to completely take over unmanned aerial vehicles (UAVs) and drones used across vital infrastructure sectors. Tracked as CVE-2026-1579, the security flaw carries a near-maximum Common Vulnerability Scoring…
-
Agentic AI Governance: How to Approach It
Simulators don’t just teach pilots how to fly the plane; they also teach judgment. When do you escalate? When do you hand off to air traffic control? When do you abort the mission? These are human decisions, trained under pressure, and just as critical as the technical flying itself. First seen on securityboulevard.com Jump to…
-
Agentic AI Governance: How to Approach It
Simulators don’t just teach pilots how to fly the plane; they also teach judgment. When do you escalate? When do you hand off to air traffic control? When do you abort the mission? These are human decisions, trained under pressure, and just as critical as the technical flying itself. First seen on securityboulevard.com Jump to…
-
Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both
P_MLE and P_SECURE) in the tabpanel sidebar introduced in 2025, and a missing security check in the autocmd_add() function.Claude Code then helpfully tried to find ways to exploit the vulnerability, eventually suggesting a tactic that bypassed the Vim sandbox by persuading a target to open a malicious file. It had gone from prompt to proof-of-concept…
-
5 AWS AI Controls Every Security Team Should Have
Most teams govern AI workloads at the application layer. They configure guardrails for their Bedrock agents, scope IAM roles per workload, and build policies around approved models. That discipline matters, but it breaks down the moment a developer spins up a new account or invokes a model directly without touching the application stack. Org-level enforcement……
-
Ethereum-Based EtherRAT, EtherHiding Power Stealthy Malware Campaigns
Hackers are abusing the Ethereum blockchain to hide and control a new Node.js backdoor called EtherRAT, using a stealthy technique known as EtherHiding to make their command”‘and”‘control (C2) infrastructure difficult to disrupt. EtherRAT, previously profiled by Sysdig and linked to North Korean “Contagious Interview” activity, is a Node.js backdoor that lets attackers run arbitrary commands,…
-
Gigabyte Control Center: Schadcode-Lücke in verbreitetem Hardware-Steuertool
Viele Nutzer mit Gigabyte-Hardware verwenden das Gigabyte Control Center. Eine Lücke darin lässt Angreifer unter anderem Schadcode einschleusen. First seen on golem.de Jump to article: www.golem.de/news/gigabyte-control-center-schadcode-luecke-in-verbreitetem-hardware-steuertool-2604-207159.html
-
WhatsApp malware campaign uses malicious VBS files to gain persistent access
MSI as the backdoor vehicle for persistence: The final stages of the campaign lead to persistence, using Microsoft Installer (MSI) packages as the delivery mechanism for backdoors.MSI files are an effective choice as they are not usually treated as inherently suspicious and can execute custom actions during installation. In this campaign, they are used to…
-
9 ways CISOs can combat AI hallucinations
Tags: access, ai, breach, ciso, compliance, control, corporate, cybersecurity, data, defense, encryption, flaw, framework, GDPR, governance, identity, metric, penetration-testing, regulation, risk, soc, tool, trainingTreat AI outputs as drafts, not finished products: One of the biggest risks is over-trusting AI, according to security experts. Coté says her organization changed its policy so AI-generated content cannot go straight into compliance documentation without a human review.”The moment your team starts treating an AI-generated answer as a finished work product, you have…