Tag: defense

KnowBe4 launches AI agent to tailor security awareness assessments

Mar 11, 2026 1:49 PM

Tags: ai, awareness, cyber, defense, intelligence, risk, technology, tool

KnowBe4 has expanded its Artificial Intelligence Defense Agents (AIDA) suite with the launch of a new AI-powered assessment tool designed to help organisations measure human cyber risk more accurately. The company has introduced the Custom SAPA (Security Awareness Proficiency Assessment) AI Agent, which generates tailored security awareness assessments based on an organisation’s own technology environment,…
Did cybersecurity recently have its Gatling gun moment?

Mar 11, 2026 12:49 PM

Tags: ai, attack, automation, cyber, cyberattack, cybercrime, cybersecurity, defense, detection, email, endpoint, government, hacker, intelligence, LLM, malicious, malware, phishing, ransomware, siem, social-engineering, spear-phishing, strategy, tactics, threat, tool, update, vulnerability, warfare

inflection point. Both emblematic of an irreversible tipping point, where the nature of conflict was altered by its sudden asymmetry.The Gatling gun is the perfect analogy for the current cyber landscape. Just as it transformed warfare from a manual craft into an industrial process, modern threats have shifted from individual attacks to automated, high-velocity engagements.Here…
A 5-step approach to taming shadow AI

Mar 11, 2026 12:49 PM

Tags: ai, api, business, communications, compliance, control, data, defense, finance, framework, governance, incident response, monitoring, network, nist, risk, risk-assessment, risk-management, service, strategy, technology, tool

thought work happened and how it actually does today.Here’s a five-step approach to put a robust AI-risk management framework in place: Employees often use public model APIs, browser-based prompt tools and unsanctioned or ungoverned internal chatbots to boost productivity without considering the risk of exposing sensitive data.AI usage is not difficult to identify; you just need…
12 ways attackers abuse cloud services to hack your enterprise

Mar 11, 2026 8:47 AM

Tags: access, ai, api, attack, backdoor, backup, business, ceo, china, cloud, communications, control, corporate, credentials, crowdstrike, cyber, cybercrime, cyberespionage, cybersecurity, data, defense, detection, endpoint, exploit, extortion, firewall, framework, group, hacking, incident, incident response, infrastructure, kubernetes, login, malicious, malware, microsoft, network, openai, phishing, ransomware, russia, service, social-engineering, threat, tool

Hiding command-and-control in trusted APIs: Attackers are also forging malware that routes C2 traffic through trusted services such as OpenAI APIs.For example, the SesameOp backdoor routes traffic through OpenAI’s Assistants API, masking C2 communications as legitimate AI development work.”In cases such as the SesameOp backdoor, traffic looks like normal AI development activity,” says Parthiban Jegatheesan,…
Building Identity Resilience Against Deepfake Attacks

Mar 10, 2026 10:48 PM

Tags: attack, deep-fake, defense, detection, gartner, identity, resilience, risk, strategy

Gartner’s Apeksha Kaushik on Why Detection Alone Can’t Stop ID Impersonation. Organizations facing deepfake-driven impersonation attacks must move beyond traditional detection strategies and build stronger identity resilience. Security leaders should adopt layered defenses that combine detection, prevention and broader risk signals to disrupt attackers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/building-identity-resilience-against-deepfake-attacks-a-30964
The CSO role is evolving fast with AI in Cyber Defense strategy

Mar 10, 2026 9:48 PM

Tags: ai, cyber, data, defense, strategy

First seen on csoonline.com Jump to article: www.csoonline.com/article/4143188/the-cso-role-is-evolving-fast-with-ai-in-cyber-defense-strategy.html
The CSO role is evolving fast with AI in Cyber Defense strategy

Mar 10, 2026 9:48 PM

Tags: ai, cyber, data, defense, strategy

First seen on csoonline.com Jump to article: www.csoonline.com/article/4143188/the-cso-role-is-evolving-fast-with-ai-in-cyber-defense-strategy.html
US military contractor likely built iPhone hacking tools used by Russian spies in Ukraine

Mar 10, 2026 9:48 PM

Tags: cybercrime, defense, espionage, google, government, group, hacking, iphone, military, russia, tool, ukraine

Google found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China. Sources from a U.S. government defense contractor said some of those hacking tools were theirs. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/10/us-military-contractor-likely-built-iphone-hacking-tools-used-by-russian-spies-in-ukraine/
U.S. military contractor likely built iPhone hacking tools used by Russian spies in Ukraine

Mar 10, 2026 7:49 PM

Tags: cybercrime, defense, espionage, google, government, group, hacking, iphone, military, russia, tool, ukraine

Google found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China. Sources from a U.S. government defense contractor said some of those hacking tools were theirs. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/10/us-military-contractor-likely-built-iphone-hacking-tools-used-by-russian-spies-in-ukraine/
An iPhone-hacking toolkit used by Russian spies likely came from US military contractor

Mar 10, 2026 5:47 PM

Tags: cybercrime, defense, espionage, google, government, group, hacking, iphone, military, russia, tool

Google found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China. Sources from a U.S. government defense contractor said some of those hacking tools were theirs. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/09/an-iphone-hacking-toolkit-used-by-russian-spies-likely-came-from-u-s-military-contractor/
Closed Loop Security: Zero Trust, C2C Ransomware Defense

Mar 10, 2026 5:47 PM

Tags: access, cybersecurity, defense, ransomware, service, tool, zero-trust

<div cla In Part 1 of this series, we established the core problem facing cybersecurity today: it still operates as an open-loop system. Tools detect alerts, behaviors, and anomalies, but they do not enforce whether systems remain in a known-good, trusted state. As a result, security teams are perpetually reacting to symptoms rather than preventing…
The Economic Argument: The Real Cost of Insecure APIs in the AI Era

Mar 10, 2026 3:48 PM

Tags: access, ai, api, application-security, attack, business, compliance, control, corporate, cybersecurity, data, defense, exploit, finance, flaw, framework, governance, identity, injection, international, jobs, malicious, privacy, regulation, risk, threat, tool, vulnerability

When cybersecurity teams talk about risk, they usually speak in technical terms like vulnerabilities, exploits, and attack vectors. But when they walk into the boardroom, they need to speak a different language. They need to speak about cost. In the era of AI, the cost of insecure APIs has shifted from a potential liability to…
Fake job applications pack malware that kills EDR before stealing data

Mar 10, 2026 3:48 PM

Tags: data, defense, edr, jobs, malware, russia

Russian-speaking attackers lure HR staff into downloading ISO files that disable defenses First seen on theregister.com Jump to article: www.theregister.com/2026/03/10/malware_targeting_hr/
iPhone Hacking Toolkit Tied to Russian Espionage May Have Originated in the U.S.

Mar 10, 2026 9:48 AM

Tags: breach, china, cyber, data-breach, defense, espionage, exploit, framework, hacking, intelligence, iphone, military, russia

A highly advanced iPhone hacking toolkit, originally developed for Western intelligence agencies, has leaked into the hands of Russian spies and Chinese cybercriminals. The exploit framework, known internally as >>Coruna,<< was likely created by Trenchant, the hacking and surveillance division of U.S. defense contractor L3Harris. This major breach demonstrates how strictly controlled military cyber weapons…
When AI safety constrains defenders more than attackers

Mar 10, 2026 8:47 AM

Tags: access, ai, attack, authentication, awareness, business, chatgpt, ciso, control, defense, detection, email, exploit, framework, LLM, malicious, malware, marketplace, microsoft, offense, open-source, openai, penetration-testing, phishing, RedTeam, service, social-engineering, spear-phishing, strategy, threat, tool, training, usa, vulnerability

The attacker advantage: Threat actors operate under no such constraints. They simply use jailbroken models, locally hosted open-source alternatives, or purpose-built malicious tools that have proliferated across underground markets.WormGPT, originally shut down in 2023, has reappeared largely as a recycled brand name for uncensored AI tools. New variants posted on underground marketplace BreachForums between October…
When AI safety constrains defenders more than attackers

Mar 10, 2026 8:47 AM

Tags: access, ai, attack, authentication, awareness, business, chatgpt, ciso, control, defense, detection, email, exploit, framework, LLM, malicious, malware, marketplace, microsoft, offense, open-source, openai, penetration-testing, phishing, RedTeam, service, social-engineering, spear-phishing, strategy, threat, tool, training, usa, vulnerability

The attacker advantage: Threat actors operate under no such constraints. They simply use jailbroken models, locally hosted open-source alternatives, or purpose-built malicious tools that have proliferated across underground markets.WormGPT, originally shut down in 2023, has reappeared largely as a recycled brand name for uncensored AI tools. New variants posted on underground marketplace BreachForums between October…
Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming

Mar 10, 2026 8:47 AM

Tags: ai, defense, RedTeam, supply-chain, threat

Pascal Andrei, CSO at Airbus, knows that the aerospace and defense sector is facing a threat environment that is evolving faster than most organizations can track. From … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/10/pascal-andrei-airbus-aerospace-defense-cybersecurity/
Anthropic Files Lawsuit Against U.S. Government Over Claude Risk Designation

Mar 10, 2026 7:47 AM

Tags: ceo, cyber, defense, government, military, office, risk

Anthropic has launched an unprecedented lawsuit against the U.S. government after being designated a >>supply chain risk>>. The legal action, filed in a California federal court, targets the executive office of President Donald Trump, Defense Secretary Pete Hegseth, and 16 government agencies. The dispute centers on Anthropic CEO Dario Amodei’s refusal to allow the military…
An iPhone-hacking toolkit used by Russian spies likely came from U.S military contractor

Mar 10, 2026 5:47 AM

Tags: cybercrime, defense, espionage, google, government, group, hacking, iphone, military, russia, tool

Google found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China. Sources from a U.S. government defense contractor said some of those hacking tools were theirs. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/09/an-iphone-hacking-toolkit-used-by-russian-spies-likely-came-from-u-s-military-contractor/
President Trump’s Cyber Strategy for America: What It Means for the U.S. and Why It Matters Globally

Mar 9, 2026 11:48 PM

Tags: access, ai, awareness, business, ceo, cloud, compliance, computing, cryptography, cyber, cybercrime, cybersecurity, data, defense, exploit, governance, government, healthcare, incident response, infrastructure, intelligence, international, malicious, network, regulation, resilience, risk, skills, startup, strategy, supply-chain, technology, threat, tool, training, usa, vulnerability, zero-trust

President Trump’s Cyber Strategy for America signals a shift toward risk-based security and cooperation across emerging technologies. While centered on U.S. interests, the strategy provides a blueprint to collectively strengthen global cyber resilience. Key takeaways Cybersecurity as a global security imperative: The strategy signals that cybersecurity has evolved beyond a mere “IT issue” to become…
Stop Chasing Threats, Start Containing Them

Mar 9, 2026 9:47 PM

Tags: attack, automation, ciso, data, defense, detection, identity, resilience, risk, soc, threat, tool

Why SOCs Must Move Beyond Alerts and Adopt Identity-Aware Defense Models Today Security operations centers are overwhelmed by alerts, fragmented identity data and tool sprawl. As identity-based attacks rise, CISOs are shifting toward identity-aware detection, automation and outcome-driven security operations to reduce risk and improve resilience across hybrid environments. First seen on govinfosecurity.com Jump to…
Tenable Named a Challenger in the 2026 Gartner® Magic Quadrant for CPS Protection Platforms

Mar 9, 2026 7:48 PM

Tags: access, advisory, ai, attack, business, cloud, compliance, control, cyber, data, defense, detection, firmware, gartner, guide, Hardware, identity, incident, intelligence, metric, monitoring, network, resilience, risk, service, software, technology, threat, tool, unauthorized, update, usa, vulnerability, vulnerability-management, windows

Security is no longer a siloed effort. Find out how Tenable integrates mature industrial security capabilities into an enterprise-ready approach for unified exposure management. Key takeaways In our view, this year’s Gartner Magic Quadrant for CPS Protection Platforms validates a critical market transition away from a sole focus on niche, standalone OT tools. By integrating…
Tenable Named a Challenger in the 2026 Gartner® Magic Quadrant for CPS Protection Platforms

Mar 9, 2026 7:48 PM

Tags: access, advisory, ai, attack, business, cloud, compliance, control, cyber, data, defense, detection, firmware, gartner, guide, Hardware, identity, incident, intelligence, metric, monitoring, network, resilience, risk, service, software, technology, threat, tool, unauthorized, update, usa, vulnerability, vulnerability-management, windows

Security is no longer a siloed effort. Find out how Tenable integrates mature industrial security capabilities into an enterprise-ready approach for unified exposure management. Key takeaways In our view, this year’s Gartner Magic Quadrant for CPS Protection Platforms validates a critical market transition away from a sole focus on niche, standalone OT tools. By integrating…
Trump Administration Unveils New Cyber Strategy For America

Mar 9, 2026 4:46 PM

Tags: cyber, defense, strategy, threat, usa

US national cyber strategy focuses on stronger defenses, countering threats, fostering innovation First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/usa-unveils-new-cyber-strategy/
Real Attack Alert Analysis: Strengthening Organizational Cyber Defense Through Early Detection

Mar 9, 2026 3:48 PM

Tags: attack, control, cyber, data, defense, detection, endpoint, monitoring, threat

Executive Overview Organizations today face an expanding range of cyber threats targeting sensitive data, operational systems, and critical infrastructure. Attackers continuously refine their techniques to bypass traditional security controls, making proactive monitoring and rapid response essential for preventing major incidents. Modern security platforms such as endpoint detection and response systems and security information and event…
MaaS VIP Keylogger Campaign Uses Steganography to Steal Credentials at Scale

Mar 9, 2026 12:47 PM

Tags: credentials, cyber, defense, email, malware, phishing, service, spear-phishing

A large-scale spear-phishing campaign distributing aVIP Keyloggervariant sold as Malware-as-a-Service (MaaS). The campaign employs steganography, in-memory execution, and modular payload design to evade defenses while harvesting credentials across browsers, email clients, and collaboration tools. Researchers observed fraudulent purchase-order emails that encouraged victims to open an attached RAR file. The compressed archive contained an executable disguised…
7 Most Influential Women in Cybersecurity You Should Follow in 2026

Mar 9, 2026 10:47 AM

Tags: cybersecurity, defense, hacker

On April 18, 2016, the US Department of Defense did something it had never done in its history. It invited hackers in. 13 minutes after… First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/7-most-influential-women-in-cybersecurity-you-should-follow-in-2026/
Rogues gallery: 15 worst ransomware groups active today

Mar 9, 2026 10:47 AM

Tags: access, ai, alphv, apt, attack, backup, breach, cloud, cyber, cybercrime, dark-web, data, data-breach, defense, detection, email, encryption, endpoint, exploit, extortion, finance, government, group, healthcare, infrastructure, insurance, intelligence, korea, law, leak, linux, lockbit, malicious, malware, moveIT, network, north-korea, organized, phishing, ransom, ransomware, russia, service, social-engineering, software, strategy, threat, tool, usa, vmware, vpn, vulnerability, windows, zero-day

Black Basta: History: Black Basta appeared on the ransomware scene in early 2022 and is believed to be a spin-off from Conti, a group notorious for attacking major organizations.How it works: Black Basta usually deploys malware through exploitation of known vulnerabilities and social engineering campaigns. “Employees in the target environment are email bombed and then…
4 ways to prepare your SOC for agentic AI

Mar 9, 2026 9:47 AM

Tags: access, ai, attack, automation, best-practice, cloud, compliance, control, cybersecurity, data, defense, detection, edr, framework, governance, guide, identity, injection, intelligence, least-privilege, metric, mitre, radius, RedTeam, risk, siem, skills, soar, soc, threat, tool

Build capabilities for AI governance, content and quality: Upskilling existing analysts alone is not enough. As AI agents begin operating across tools, making decisions and triggering actions with minimal human involvement, the demands on the SOC will extend well beyond traditional analyst capabilities, experts say.Content engineering, for instance, is one emerging requirement. In an AI-enabled…
Hackers abuse .arpa DNS and ipv6 to evade phishing defenses

Mar 8, 2026 3:47 PM

Tags: defense, dns, email, hacker, phishing, threat

Threat actors are abusing the special-use “.arpa” domain and IPv6 reverse DNS in phishing campaigns that more easily evade domain reputation checks and email security gateways. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-abuse-arpa-dns-and-ipv6-to-evade-phishing-defenses/