Tag: cybersecurity
-
News alert: Syteca release 7.21 enhances privacy, access and oversight with powerful new tools
Waltham, Mass. Sept. 17, 2025, CyberNewswire, Syteca, a global cybersecurity provider, introduced the latest release of its platform, continuing the mission to help organizations reduce insider risks and ensure sensitive data protection. Syteca 7.21 is a major update… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/news-alert-syteca-release-7-21-enhances-privacy-access-and-oversight-with-powerful-new-tools/
-
TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks
The threat actor known as TA558 has been attributed to a fresh set of attacks delivering various remote access trojans (RATs) like Venom RAT to breach hotels in Brazil and Spanish-speaking markets.Russian cybersecurity vendor Kaspersky is tracking the activity, observed in summer 2025, to a cluster it tracks as RevengeHotels.”The threat actors continue to employ…
-
New in Syteca Release 7.21: Agentless Access, Sensitive Data Masking, and Smooth Session Playback
Syteca, a global cybersecurity provider, introduced the latest release of its platform, continuing the mission to help organizations reduce insider risks and ensure sensitive data protection. Syteca 7.21 is a major update designed to enhance user privacy, simplify access management, provide seamless oversight, and improve the user experience. With release 7.21, Syteca delivers a set…
-
The Industry’s Passkey Pivot Ignores a Deeper Threat: Device-Level Infections
Passkeys Are Progress, But They’re Not Protection Against Everything The cybersecurity community is embracing passkeys as a long-overdue replacement for passwords. These cryptographic credentials, bound to a user’s device, eliminate phishing and prevent credential reuse. Major players, like Google, Apple, Microsoft, GitHub, and Okta, have made passkey login widely available across consumer and enterprise services….…
-
House spending bill would reauthorize key cybersecurity programs
The two programs, which encourage information sharing and fund local improvements, are seen as critical for national cyber resilience. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-information-sharing-cyber-grants-renewal-funding-bill/760373/
-
Nagomi Control Brings CTEM Into Action
Nagomi Security has announced the next step in its platform evolution with Nagomi Control, a new release that redefines Continuous Threat Exposure Management (CTEM) by enabling security teams to shift from identifying exposures to fixing them. Nagomi Control provides an execution layer for CTEM. While many cybersecurity programs use CTEM to identify risks, they often…
-
Check Point Acquires AI Security Company Lakera
Yesterday, Check Point announced that it had entered into an agreement to acquire Lakera, an AI-native security platform for Agentic AI applications. It has been revealed that the acquisition has cost $300m. By joining forces with Lakera, Check Point sets a new standard in cybersecurity, becoming able to deliver a full end-to-end AI security stack…
-
Hack the Box acquires LetsDefend for blue team upskilling
Hack The Box (HTB), a provider of gamified cybersecurity skills development, has announced the acquisition of LetsDefend, a pioneering blue team training platform known for its hands-on SOC simulations and growing community members. The company said the combination of the two companies >>will offer hands-on labs, real-world simulations and cross-role skill development to empower enterprises,…
-
Check Point acquires Lakera to build a unified AI security stack
Tags: access, ai, api, attack, automation, cloud, compliance, control, cybersecurity, data, endpoint, government, infrastructure, injection, LLM, network, RedTeam, risk, saas, startup, supply-chain, tool, trainingClosing a critical gap: Experts call this acquisition significant and not merely adding just another tool to the stack. “This acquisition closes a real gap by adding AI-native runtime guardrails and continuous red teaming into Check Point’s stack,” said Amit Jaju, senior managing director at Ankura Consulting. “Customers can now secure LLMs and agents alongside…
-
MuddyWater Deploys Custom Multi-Stage Malware Hidden Behind Cloudflare
Since early 2025, cybersecurity analysts have witnessed a marked evolution in the tactics and tooling of MuddyWater, the Iranian state-sponsored Advanced Persistent Threat (APT) group. Historically known for broad Remote Monitoring and Management (RMM) campaigns, MuddyWater has pivoted to highly targeted spearphishing operations and bespoke backdoors. This shift underscores the group’s growing sophistication and its…
-
Palo Alto Networks and Microsoft Featured in MITRE ATTCK Evaluations 2026
Two cybersecurity industry leaders have made significant announcements regarding their participation in the upcoming MITRE ATT&CK Evaluations, marking a notable shift in how major security vendors approach independent testing validation. Diagram illustrating core features of Palo Alto Networks’ Cortex XDR cybersecurity platform, including threat intelligence, endpoint protection, and automation Palo Alto Networks Steps Back After…
-
Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims
Cybersecurity researchers have tied a fresh round of cyber attacks targeting financial services to the notorious cybercrime group known as Scattered Spider, casting doubt on their claims of going “dark.”Threat intelligence firm ReliaQuest said it has observed indications that the threat actor has shifted their focus to the financial sector. This is supported by an…
-
You May Have to Wait a Little Longer for That Jaguar in the UK as Cyberattack Continues to Hamper Production
Jaguar Land Rover’s prolonged plant shutdown after a ransomware attack by Scattered Lapsus$ Hunters highlights the urgent need for cyber resilience. Experts stress leadership, supply chain security, and cultural commitment to cybersecurity as key to surviving modern attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/you-may-have-to-wait-a-little-longer-for-that-jaguar-in-the-uk-as-cyberattack-continues-to-hamper-production/
-
Wave of 40,000+ Cyberattacks Target API Environments
The cybersecurity landscape has witnessed a dramatic escalation in API-targeted attacks during the first half of 2025, with security researchers documenting over 40,000 API incidents across more than 4,000 monitored environments. This surge represents a fundamental shift in how cybercriminals approach digital infrastructure, with APIs becoming the primary gateway for sophisticated attack campaigns designed to inject malicious…
-
Wave of 40,000+ Cyberattacks Target API Environments
The cybersecurity landscape has witnessed a dramatic escalation in API-targeted attacks during the first half of 2025, with security researchers documenting over 40,000 API incidents across more than 4,000 monitored environments. This surge represents a fundamental shift in how cybercriminals approach digital infrastructure, with APIs becoming the primary gateway for sophisticated attack campaigns designed to inject malicious…
-
Bots vs. humans? Why intent is the game-changer
In this Help Net Security video, Jérôme Segura, VP of Threat Research at Datadome, explains why intent, not just identifying bots, must be the new focus for cybersecurity … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/17/cybersecurity-intent-detection-video/
-
Reassure Your Stakeholders with Strong NHI Policies
Does Your Organization’s Security Strategy Include Strong NHI Policies? Ensuring robust cloud security is much more than just protecting data from cyber attacks. It includes managing Non-Human Identities (NHIs) and their associated secrets effectively. But what exactly are NHIs? And why are strong NHI policies crucial for your organization’s cybersecurity defense? Understanding Non-Human Identities NHIs……
-
Building Impenetrable Security with NHIs
Is Your Cybersecurity Truly Impenetrable? Achieving an “impenetrable security” remains an elusive goal for many organizations. Yet, the rise of Non-Human Identities (NHIs) presents an innovative approach to this challenge. With an efficient management of NHIs and their corresponding secrets, organizations can significantly enhance their cloud security control. Unveiling the Power of NHIs to Cybersecurity……
-
Seceon Unveils aiCompliance CMX360: Instantly Achieve 60-80% Readiness Across 20+ Global Frameworks
Seceon Inc., an award-winning cybersecurity leader trusted by 700+ partners and 9,000+ customers worldwide, today announced aiCompliance CMX360, the industry’s first security-native compliance platform that leverages existing security telemetry to deliver immediate compliance value. Unlike traditional platforms that build evidence from scratch, CMX360 achieves 60-80% framework completion instantly by transforming years of accumulated SIEM data…
-
Geopolitics Shapes Security Budgets in Financial Services
RUSI’s William Dixon on How Trade Wars Lead to Inflation and Cyber Risks. Geopolitical instability has reshaped the cybersecurity priorities of financial services. William Dixon, senior associate fellow for cyber and international security at RUSI, says inflation, trade wars and sluggish growth are forcing cyber leaders to defend businesses with limited resources. First seen on…
-
CrowdStrike bets big on agentic AI with new offerings after $290M Onum buy
Tags: ai, api, ciso, control, crowdstrike, cybersecurity, data, data-breach, detection, marketplace, password, risk, service, soc, trainingCrowdStrike’s Agentic Security Platform: CrowdStrike developed its Agentic Security Platform precisely to help organizations keep pace with increasingly AI-equipped adversaries. “The increasing speed of the adversary, the increasing use of generative AI means from a defensive standpoint, we want to leverage these technologies as well to match and hopefully exceed the speed and efficiency of…
-
CrowdStrike Unveils New Agentic Security Platform For ‘Deeper Layer Of Autonomy’: CTO
CrowdStrike debuted a new agentic security platform to drive a higher degree of autonomy for cybersecurity teams as well as new agents across its Falcon platform, in a pair of announcements Tuesday signaling where the security giant is heading next on AI. First seen on crn.com Jump to article: www.crn.com/news/security/2025/crowdstrike-unveils-new-agentic-security-platform-for-deeper-layer-of-autonomy-cto
-
House lawmakers move to extend two key cyber programs, for now
The measure from the House Appropriations Committee would extend the life of the 2015 Cybersecurity Information Sharing Act (CISA 2015) and the State and Local Cybersecurity Grant Program, both of which are slated to expire September 30, until November 21. First seen on therecord.media Jump to article: therecord.media/house-lawmakers-move-to-extend-two-cyber-laws
-
Check Point acquires AI security firm Lakera in push for enterprise AI protection
The acquisition comes during a flurry of larger cybersecurity firms looking to add AI security to their customer offerings. First seen on cyberscoop.com Jump to article: cyberscoop.com/check-point-lakera-acquistion-ai-security/
-
Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover
Tags: access, cybersecurity, exploit, flaw, injection, kubernetes, network, rce, remote-code-execution, vulnerabilityCybersecurity researchers have disclosed multiple critical security vulnerabilities in Chaos Mesh that, if successfully exploited, could lead to cluster takeover in Kubernetes environments.”Attackers need only minimal in-cluster network access to exploit these vulnerabilities, execute the platform’s fault injections (such as shutting down pods or disrupting network communications), and perform First seen on thehackernews.com Jump to…
-
Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack
Cybersecurity researchers have flagged a fresh software supply chain attack targeting the npm registry that has affected more than 40 packages that belong to multiple maintainers.”The compromised versions include a function (NpmModule.updatePackage) that downloads a package tarball, modifies package.json, injects a local script (bundle.js), repacks the archive, and republishes it, enabling First seen on thehackernews.com…
-
40+ npm Packages Compromised in Supply Chain Attack Using bundle.js to Steal Credentials
Cybersecurity researchers have flagged a fresh software supply chain attack targeting the npm registry that has affected more than 40 packages that belong to multiple maintainers.”The compromised versions include a function (NpmModule.updatePackage) that downloads a package tarball, modifies package.json, injects a local script (bundle.js), repacks the archive, and republishes it, enabling First seen on thehackernews.com…
-
Check Point To Buy AI Cybersecurity Startup Lakera To Boost Agentic AI Security
Check Point to acquire AI cybersecurity startup Lakera to boost AI security for enterprise customers around LLMs, AI agents and multimodal workflows, says CEO Nadav Zafrir. First seen on crn.com Jump to article: www.crn.com/news/security/2025/check-point-to-buy-ai-cybersecurity-startup-lakera-to-boost-agentic-ai-security
-
Schools are getting better at navigating ransomware attacks, Sophos finds
In 2025, 67% of global lower education providers said they stopped an attack before their stolen data was encrypted, the cybersecurity company reported. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/schools-ransomware-attacks-sophos/760231/
-
AI Penetration Testing Tools: How Villager Is Shaping the Next Wave of Offensive Security
Villager, an AI-powered pen testing tool, is reshaping cybersecurity with powerful automation”, and raising misuse concerns. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/cybersecurity/ai-penetration-testing-tools-how-villager-is-shaping-the-next-wave-of-offensive-security/