Tag: defense
-
State-affiliated hackers set up for critical OT attacks that operators may not detect
Tags: access, antivirus, attack, conference, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, exploit, firmware, fortinet, group, hacker, incident response, infrastructure, Internet, Intruder, lessons-learned, malware, mfa, monitoring, network, password, penetration-testing, phishing, regulation, russia, service, spear-phishing, supply-chain, threat, tool, ukraine, update, vulnerabilityRussia’s OT attack teams expand beyond Ukraine: The Russia-linked pair Kamacite and Electrum, which Dragos has tracked since the mid-2010s and is responsible for the 2015 and 2016 cyberattacks that took down parts of Ukraine’s power grid, expanded operations into NATO territory in 2025 after years focused almost exclusively on Ukrainian targets.Kamacite, which serves as…
-
Microsoft leads takedown of Tycoon2FA phishing service infrastructure
Stringent defenses needed: CSOs must employ stringent defenses against tools that use reverse proxies, Beggs said, including strengthening email filtering by enforcing DMARC, DKIM, and SPF; enforcing secure session handling at the edge by using client-bound session tokens tied to device or TLS certificates; ensuring continuous validation by issuing a new challenge when the device fingerprint…
-
Microsoft leads takedown of Tycoon2FA phishing service infrastructure
Stringent defenses needed: CSOs must employ stringent defenses against tools that use reverse proxies, Beggs said, including strengthening email filtering by enforcing DMARC, DKIM, and SPF; enforcing secure session handling at the edge by using client-bound session tokens tied to device or TLS certificates; ensuring continuous validation by issuing a new challenge when the device fingerprint…
-
What to Expect from Iran’s Digital Counterstrike
Tags: attack, breach, cloud, communications, cyber, cyberattack, cybersecurity, data, defense, espionage, exploit, extortion, finance, government, group, hacking, infrastructure, intelligence, international, iran, leak, middle-east, military, network, ransomware, risk, risk-assessment, service, tool, update, vulnerability, wormAfter the United States and Israel began a bombing campaign on Iran, leading to the decapitation of its political and military leaders, the Middle East has erupted into waves of kinetic warfare. But what should we expect about cyber? Iran has a formidable offensive cybersecurity capability and is considered one of the four most aggressive…
-
AI Should Be the First Defense for Stablecoin Payment Fraud
Millisecond Detection and Layered Controls Will Shape Future Payment Security. Stablecoins can remove chargebacks and make transactions irreversible in fraud cases. This trend is forcing banks to analyze risks before a payment executes. AI models must work within milliseconds while maintaining accuracy and minimizing friction for legitimate users. First seen on govinfosecurity.com Jump to article:…
-
Iranian cyberattacks fail to materialize but threat remains acute
Tags: ai, application-security, attack, ceo, control, country, cyber, cyberattack, cybercrime, cybersecurity, defense, endpoint, finance, government, group, healthcare, infrastructure, intelligence, Internet, iran, malware, mfa, monitoring, phishing, risk, service, supply-chain, technology, threat, tool, update, vpnTargeting and response: According to Adrian Cheek, a senior cybercrime researcher at Canadian threat intelligence company Flare, the most at-risk sectors are critical infrastructure, including the defense and government supply chain, financial services, energy, and healthcare.”Water, energy, and healthcare sectors are currently the most exposed. These sectors combine high targeting priority with weak baseline security,…
-
Cyber Defense Magazine – A New Bell Rings For K-12 Cloud Security After the Illuminate Settlement
This article was originally published in Cyber Defense Magazine on 02/09/26 by Charlie Sander. The Illuminate incident serves as a crucial reminder to edtech vendors of the potential backlash that can occur when privacy promises are not upheld In a recent complaint, the FTC addresses Illuminate Education’s need to strengthen its data security after a breach…
-
Phishing in 2026: 3 Attack Tactics That Beat Most Enterprise Defenses
Phishing drives about 90% of cyberattacks in 2026, using tactics like encrypted flows, QR code scams, and trusted cloud platforms to steal credentials. First seen on hackread.com Jump to article: hackread.com/phishing-2026-attack-tactics-beat-enterprise-defenses/
-
Indian APT ‘Sloppy Lemming’ Targets Defense, Critical Infrastructure
India-nexus cyber threat actors are growing more active and sophisticated, using custom tools coded in Rust and cloud-based command and control. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/india-apt-sloppy-lemming-defense-critical-infrastructure
-
Anthropic AI ultimatums and IP theft: The unspoken risk
Tags: ai, ceo, china, ciso, data, data-breach, defense, google, government, intelligence, monitoring, network, openai, risk, service, theft, toolChina’s extraction campaign: A targeting operation, not a curiosity: Anthropic’s disclosure that three China”‘based AI companies (DeepSeek, Moonshot AI, and MiniMax) ran more than 16 million interactions through roughly 24,000 fraudulent accounts is not a story about model misuse. It is a story about targeting. These campaigns went straight at Claude’s most sensitive capabilities: agentic…
-
Hacktivists Claim DHS Breach, Leak 6,600+ ICE Contractor Records
Hacktivists claim they breached DHS systems, leaking records tied to 6,681 ICE contractor applicants, including major tech and defense firms. The post Hacktivists Claim DHS Breach, Leak 6,600+ ICE Contractor Records appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-dhs-ice-contractor-data-leak-hacktivist-claim/
-
Threat actors weaponize OAuth redirection logic to deliver malware
An ongoing phishing campaign is abusing the OAuth authentication redirection mechanism to avoid triggering conventional email and browser defenses, Microsoft researchers have … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/03/attackers-abusing-oauth-redirection-phishing-malware/
-
Threat actors weaponize OAuth redirection logic to deliver malware
An ongoing phishing campaign is abusing the OAuth authentication redirection mechanism to avoid triggering conventional email and browser defenses, Microsoft researchers have … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/03/attackers-abusing-oauth-redirection-phishing-malware/
-
Phishing campaign exploits OAuth redirection to bypass defenses
Microsoft researchers warn that threat actors abuse OAuth redirects to target government users and deliver malware. Microsoft has warned of phishing campaigns targeting government and public-sector organizations by abusing OAuth URL redirection. Instead of stealing credentials or exploiting software flaws, attackers leverage OAuth’s legitimate by-design behavior to bypass email and browser defenses. The tactic redirects…
-
Anthropic poaches users from rival chatbots with easier migration
Tags: defenseThe controversy over Anthropic’s negotiations with the Pentagon appears to have driven increased interest in Claude. Negotiations between the Department of Defense and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/03/anthropic-claude-memory-import-feature/
-
Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional phishing defenses implemented in email and browsers.The activity, the company said, targets government and public-sector organizations with the end goal of redirecting victims to attacker-controlled infrastructure without stealing their tokens. It described First seen on thehackernews.com…
-
The New Security Reality: When AI Accelerates Both Attack and Defense
Discover how the integration of large language models is transforming software security, lowering barriers for attackers, and necessitating autonomous defense platforms to keep pace with emerging threats. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-new-security-reality-when-ai-accelerates-both-attack-and-defense/
-
7 factors impacting the cyber skills gap
Tags: ai, attack, automation, breach, business, ciso, control, cyber, cybercrime, cybersecurity, data, defense, detection, group, incident response, intelligence, jobs, risk, service, skills, strategy, technology, threat, tool, training, vulnerability2. Emerging technologies: New technologies, particularly AI, are contributing to a cyber landscape that’s evolving so quickly it’s hard for even highly skilled cybersecurity professionals to pace, says Dan Lohrmann, CISO at enterprise strategy and consulting firm Presidio.AI-driven threats keep moving the target, allowing cybercriminals to attack with unprecedented levels of speed and agility, Lohrmann…
-
How does AI contribute to cybersecurity stability
Is AI the Key to Cybersecurity Stability? Where digital threats are becoming increasingly sophisticated, one might ask: can artificial intelligence be the linchpin in fortifying our defenses and achieving cybersecurity stability? With industries like financial services, healthcare, travel, and technology double down on using innovative systems, including DevOps and security operations centers (SOC), it becomes……
-
UK Businesses told to brace cyber defenses amid Iran conflict risk
NCSC urges all to review posture as escalating tensions increase risk of indirect digital spillover First seen on theregister.com Jump to article: www.theregister.com/2026/03/02/ncsc_security_iran/
-
Scalable Security for Small and Large Enterprises
Building Adaptive Cyber Defense That Grows with Your Business The Scalability Imperative in Modern Cybersecurity Digital transformation has redefined how organizations operate. Cloud adoption, hybrid work models, SaaS platforms, and connected ecosystems have expanded the attack surface across businesses of every size. What differs is not the type of threats faced but the scale First…
-
British organizations urged to be alert to threat of Iranian cyberattacks
In an advisory, the U.K.’s National Cyber Security Centre warned British organizations to review and strengthen their cyber defenses amid the evolving situation in Iran and throughout the Middle East. First seen on therecord.media Jump to article: therecord.media/iran-britain-cyber-threats-warning
-
PCI-Compliant Authentication for Retail Enterprises
Retailers, fortify your defenses! Learn how PCI-compliant authentication protects customer data, prevents fraud, and avoids costly penalties. Click for expert strategies! First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/pci-compliant-authentication-for-retail-enterprises/
-
Cyberattack briefly disrupts Russian internet regulator and defense ministry websites
Russia’s internet regulator and defense ministry said their servers were hit by a large DDoS attack that briefly disrupted access to several government websites late last week. First seen on therecord.media Jump to article: therecord.media/cyberattack-briefly-takes-down-russian-government-websites
-
MY TAKE: The Pentagon punished Anthropic for red lines it accepted from OpenAI hours later
KINGSTON, Wash., On Friday afternoon, President Trump ordered every federal agency to stop using Anthropic’s AI technology. Defense Secretary Pete Hegseth followed by designating the company a “supply-chain risk to national security,” a label the government typically reserves for… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/my-take-the-pentagon-punished-anthropic-for-red-lines-it-accepted-from-openai-hours-later/
-
Iran Has One Card Left”, It’s Pointed at Your Network
In light of today’s attack by the U.S. and Israel on Iran, it is prudent to ask: What can Iran do? Strip away everything Iran had a year ago and ask yourself what’s left. Their nuclear program? Set back years, maybe a decade. Their air defenses? Dismantled across two conflicts. Hezbollah? Degraded to the point..…
-
OpenAI Will Deploy AI in US Military Classified Networks
Announcement Comes Hours After Trump Blacklists Anthropic. OpenAI said late Friday night it reached an agreement with the U.S. Department of Defense to deploy its large language models onto military classified networks. The announcement came hours after President Donald Trump instructed federal agencies to cease using AI developed by OpenAI rival Anthropic. First seen on…
-
Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute
Anthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth directed the Pentagon to designate the artificial intelligence (AI) upstart as a “supply chain risk.””This action follows months of negotiations that reached an impasse over two exceptions we requested to the lawful use of our AI model, Claude: the mass domestic surveillance of…

