Collecting Cyber-News from over 60 sources

Tag: defense

8 Essential Questions for Your Workforce Identity Verification (IDV) Vendor

Aug 7, 2025 5:11 PM

Tags: ai, attack, cctv, deep-fake, defense, detection, guide, identity, injection, strategy, technology, threat, tool
KnowBe4 erweitert agentische KI zur Abwehr KI-gestützter Bedrohungen

Aug 7, 2025 5:11 PM

Tags: ai, defense, intelligence, phishing, risk, risk-management

Die weltweit renommierte Cybersicherheitsplattform KnowBe4, die sich umfassend mit Human-Risk-Management befasst, stellt die Erfolge seiner Kunden in den Mittelpunkt, die mithilfe der HRM+-Plattform tiefgreifende Transformationen ihrer Sicherheitsprogramme erzielen konnten. Durch den Einsatz KI-gestützter Lösungen wie AIDA (Artificial-Intelligence-Defense-Agents) gelang es Unternehmen wie der First Community Credit Union, den ‘Phish-prone Percentage” (PPP) nahezu auf ein Prozent zu…
Weaponizing Microsoft 365 Direct Send to Bypass Email Security Defenses

Aug 7, 2025 4:11 PM

Tags: ai, attack, corporate, cyber, data-breach, defense, email, exploit, microsoft, phishing, service, spear-phishing

Security researchers at StrongestLayer, in collaboration with Jeremy, a seasoned Security Architect at a major manufacturing firm, have exposed a multi-layered spear phishing attack that exploits Microsoft 365’s Direct Send feature to infiltrate corporate email systems. The campaign, flagged initially by StrongestLayer’s AI system TRACE, masqueraded as innocuous voicemail notifications from services like RingCentral, but…
Project Ire: Microsoft’s autonomous AI agent that can reverse engineer malware

Aug 7, 2025 3:11 PM

Tags: ai, attack, ceo, cloud, compliance, computing, control, cybersecurity, defense, detection, exploit, finance, governance, government, healthcare, infrastructure, LLM, malicious, malware, microsoft, programming, risk, service, siem, soar, soc, software, threat, tool, training

Real-world testing: In real-world tests on 4,000 “hard-target” files that had stumped automated tools, Project Ire flagged 9 malicious files out of 10 files correctly, and a low 4% false positive rate.This makes Project Ire suitable for organizations that operate in high-risk, high-volume, and time-sensitive environments where traditional human-based threat triage is insufficient.Rawat added that…
Hackers Exploit Legitimate Drivers to Disable Antivirus and Weaken System Defenses

Aug 7, 2025 3:11 PM

Tags: antivirus, cyber, defense, exploit, hacker, kaspersky, malware, ransomware, threat, vulnerability

Threat actors have been deploying a novel antivirus (AV) killer since at least October 2024, leveraging the legitimate ThrottleStop.sys driver to execute Bring Your Own Vulnerable Driver (BYOVD) tactics. This malware, detected by Kaspersky as Win64.KillAV., systematically terminates AV processes, paving the way for ransomware deployment like the MedusaLocker variant (Trojan-Ransom.Win32.PaidMeme.). The incident began with…
The AI-Powered Security Shift: What 2025 Is Teaching Us About Cloud Defense

Aug 7, 2025 2:11 PM

Tags: ai, attack, cloud, defense, intelligence, threat

Now that we are well into 2025, cloud attacks are evolving faster than ever and artificial intelligence (AI) is both a weapon and a shield. As AI rapidly changes how enterprises innovate, security teams are now tasked with a triple burden:Secure AI embedded in every part of the business.Use AI to defend faster and smarter.Fight…
The AI-Powered Security Shift: What 2025 Is Teaching Us About Cloud Defense

Aug 7, 2025 2:11 PM

Tags: ai, attack, cloud, defense, intelligence, threat

Now that we are well into 2025, cloud attacks are evolving faster than ever and artificial intelligence (AI) is both a weapon and a shield. As AI rapidly changes how enterprises innovate, security teams are now tasked with a triple burden:Secure AI embedded in every part of the business.Use AI to defend faster and smarter.Fight…
CERT-UA warns of UAC-0099 phishing attacks targeting Ukraine’s defense sector

Aug 7, 2025 1:11 PM

Tags: attack, cyber, defense, government, incident, malware, phishing, threat, ukraine

Ukraine’s CERT-UA warns of phishing attacks by UAC-0099 targeting defense sectors, using malware like MATCHBOIL, MATCHWOK, and DRAGSTARE. Ukraine’s CERT-UA warns of phishing attacks by threat actor UAC-0099 targeting government and defense sectors, delivering malware like MATCHBOIL and DRAGSTARE. The National Cyber Incident, Cyber Attack, and Cyber Threat Response Team CERT-UA investigated multiple attacks against…
Multiple Ransomware Groups are Using Tool to Kill EDR Defenses: Sophos

Aug 7, 2025 12:11 PM

Tags: defense, edr, group, ransomware, sophos, threat, tool

Multiple ransomware vendors are using the same EDR killer tool, which not only adds to the trend in developing such payloads to terminate protections for systems but also suggests that competing threat actors are sharing tools and technical knowledge, which is another challenge for security vendors, Sophos says. First seen on securityboulevard.com Jump to article:…
6 ways hackers hide their tracks

Aug 7, 2025 10:11 AM

Tags: access, ai, antivirus, api, attack, backdoor, breach, captcha, ceo, computer, control, credentials, crypto, cybersecurity, data, data-breach, defense, detection, email, endpoint, exploit, github, hacker, injection, intelligence, jobs, law, linux, LLM, login, malicious, malware, monitoring, network, open-source, openai, phishing, programming, RedTeam, resilience, reverse-engineering, risk, rust, service, social-engineering, software, supply-chain, threat, tool, virus, windows

Backdoors in legitimate software libraries: In April 2024, it was revealed that the XZ Utils library had been covertly backdoored as part of years-long supply-chain compromise effort. The widely used data compression library that ships as a part of major Linux distributions had malicious code inserted into it by a trusted maintainer.Over the last decade,…
Beef up AI security with zero trust principles

Aug 7, 2025 8:11 AM

Tags: access, ai, attack, control, data, data-breach, defense, intelligence, LLM, mitigation, mitre, monitoring, risk, strategy, tactics, threat, update, vulnerability, zero-trust

Strategies for CSOs: Brauchler offered three AI threat modelling strategies CSOs should consider:Trust flow tracking, the tracking of the movement of data throughout an application, and monitoring the level of trust that is associated with that data. It’s a defense against an attacker who is able to get untrusted data into an application to control…
Innovation in NHIs and Secrets Management

Aug 7, 2025 7:11 AM

Tags: cybersecurity, data, defense, threat

Redefining Cybersecurity with NHI Innovation and Secrets Management Are you aware of the revolutionary changes taking place in cybersecurity and data management? Transforming digital calls for a ground-breaking approach to managing security threats a shift from human-centric defenses to the comprehensive protection of Non-Human Identities (NHIs) and their secrets. What Does NHI Innovation Entail?… First…
Innovation in NHIs and Secrets Management

Aug 7, 2025 7:11 AM

Tags: cybersecurity, data, defense, threat

Redefining Cybersecurity with NHI Innovation and Secrets Management Are you aware of the revolutionary changes taking place in cybersecurity and data management? Transforming digital calls for a ground-breaking approach to managing security threats a shift from human-centric defenses to the comprehensive protection of Non-Human Identities (NHIs) and their secrets. What Does NHI Innovation Entail?… First…
How to Prevent Helpdesk Social Engineering Attacks

Aug 7, 2025 6:11 AM

Tags: access, attack, authentication, breach, credentials, cybercrime, dark-web, data, deep-fake, defense, exploit, finance, flaw, malware, mfa, network, password, phone, psychology, ransomware, social-engineering, tactics, threat, unauthorized
How to Prevent Helpdesk Social Engineering Attacks

Aug 7, 2025 6:11 AM

Tags: access, attack, authentication, breach, credentials, cybercrime, dark-web, data, deep-fake, defense, exploit, finance, flaw, malware, mfa, network, password, phone, psychology, ransomware, social-engineering, tactics, threat, unauthorized
Act Now: $100M in FY25 Cyber Grants for SLTTs Available Before August 15

Aug 6, 2025 11:11 PM

Tags: attack, breach, cisa, cloud, compliance, cyber, cyberattack, cybersecurity, data, defense, governance, government, identity, incident response, infrastructure, iot, metric, network, ransomware, resilience, risk, service, technology, threat, tool, training, vulnerability

With over $100 million on the table in FY25 cybersecurity grants, state, local and tribal governments have until August 15, 2025 to apply to secure critical cyber funding to strengthen their defenses. On August 1st, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Emergency Management Agency (FEMA) announced the FY 2025 Notice…
Akira and Lynx Ransomware Target MSPs Using Stolen Credentials and Exploited Vulnerabilities

Aug 6, 2025 11:11 PM

Tags: breach, credentials, cyber, data, defense, exploit, extortion, group, msp, ransomware, service, threat, vpn, vulnerability

The Acronis Threat Research Unit (TRU) dissected recent samples from the Akira and Lynx ransomware families, revealing incremental enhancements in their ransomware-as-a-service (RaaS) models and double-extortion strategies. Both groups leverage stolen credentials, VPN vulnerabilities, reconnaissance, privilege escalation, defense evasion, and data exfiltration to infiltrate systems, primarily targeting small and medium-sized businesses (SMBs) with recycled yet…
UAC-0099 Hackers Weaponize HTA Files to Deploy MATCHBOIL Loader Malware

Aug 6, 2025 6:11 PM

Tags: attack, cyber, cyberattack, defense, email, hacker, malware, phishing, service, threat, ukraine

UAC-0099 is a threat actor organization that has been targeting state officials, defense forces, and defense-industrial firms in a series of sophisticated cyberattacks that Ukraine’s CERT-UA has been investigating. The attacks typically initiate with phishing emails from UKR.NET addresses, featuring subjects like >>court summons
APT36 Targets Indian Government: Credential Theft Campaign Uncovered

Aug 5, 2025 3:28 PM

Tags: credentials, cyber, defense, government, group, india, phishing, theft

A sophisticated phishing campaign attributed with medium confidence to the Pakistan-linked APT36 group, also known as Transparent Tribe or Mythic Leopard, has been uncovered targeting Indian defense organizations and government entities. This operation employs typo-squatted domains that mimic official Indian government platforms, such as mail.mgovcloud.in and virtualeoffice.cloud, to deceive users into surrendering credentials. The campaign…
The age of infostealers is here. Is your financial service secure?

Aug 5, 2025 2:28 PM

Tags: access, ai, antivirus, authentication, awareness, breach, business, computer, credentials, cybersecurity, data, defense, detection, edr, endpoint, finance, Hardware, identity, intelligence, least-privilege, malware, mfa, monitoring, network, password, risk, service, siem, threat, tool, unauthorized, vulnerability

What financial institutions must do now: The stealthy nature of infostealers means traditional security measures are often inadequate. These programs are designed to operate in silence, avoiding detection by not disrupting performance. As a result, cybersecurity in the estate management space must evolve, not reactively, but proactively.First, organizations must implement robust endpoint detection and response…
Ransomware goes cloud native to target your backup infrastructure

Aug 5, 2025 10:28 AM

Tags: access, api, authentication, backup, cloud, container, control, credentials, cybercrime, data, defense, exploit, google, group, identity, infrastructure, least-privilege, linkedin, linux, malicious, malware, mfa, north-korea, ransomware, social-engineering, strategy, threat, vulnerability, vulnerability-management

Credential compromise and misconfiguration woes: More sophisticated threat groups have developed social engineering techniques to the point where they reliably trick targets into helping them to bypass multi-factor authentication (MFA) controls before ransacking compromised cloud-hosted environments.For example, threat actors are using compromised OAuth tokens to bypass MFA and inject malicious code into developer ecosystems via…
Top cybersecurity M&A deals for 2025

Aug 5, 2025 9:28 AM

Tags: 5G, access, ai, api, apple, application-security, attack, automation, awareness, banking, breach, business, ceo, cisco, cloud, compliance, control, crowdstrike, cyber, cybersecurity, data, ddos, defense, detection, edr, email, endpoint, finance, firewall, gitlab, government, group, ibm, identity, incident response, infrastructure, intelligence, leak, microsoft, mitigation, network, password, programming, risk, risk-management, saas, service, software, sophos, strategy, supply-chain, technology, threat, tool, training, vulnerability, waf, zero-trust

Palo Alto Networks to buy CyberArk for $25B as identity security takes center stage July 30, 2025: Palo Alto Networks is making what could be its biggest bet yet by agreeing to buy Israeli identity security company CyberArk for around $25 billion. “We envision Identity Security becoming the next major pillar of our multi-platform strategy, complementing our leadership…
DoD-Ready Software: Embracing the SWFT Initiative with Confidence

Aug 4, 2025 10:28 PM

Tags: defense, software
CNCERT Accuses U.S. Intelligence of Cyberattacks on Chinese Military-Industrial Targets

Aug 4, 2025 10:28 PM

Tags: breach, china, computer, cyber, cyberattack, defense, intelligence, military, network, threat

China’s National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT) has publicly accused U.S. intelligence agencies of orchestrating sophisticated cyberattacks against key military-industrial entities, building on the 2022 NSA breach at Northwestern Polytechnical University. The revelations detail two emblematic incidents that underscore the persistent targeting of China’s defense sector through advanced persistent threats (APTs). The…
AppOmni Launches New SaaS and AI Security Packages to Tackle Rising Risks

Aug 4, 2025 9:28 PM

Tags: ai, control, defense, governance, risk, saas, threat

AppOmni secures AI inside SaaS with discovery, threat defense, and full governance control with new product packages. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/appomni-launches-new-saas-and-ai-security-packages-to-tackle-rising-risks/
Turning Human Vulnerability Into Organizational Strength

Aug 4, 2025 5:28 PM

Tags: awareness, defense, training, vulnerability

Investing in building a human-centric defense involves a combination of adaptive security awareness training, a vigilant and skeptical culture, and the deployment of layered technical controls. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/human-vulnerability-organizational-strength
Ex-CISA Head Easterly: Rescinded West Point Post Victim of ‘Manufactured Outrage’

Aug 4, 2025 3:28 PM

Tags: cisa, defense

Jen Easterly, a West Point graduate who led CISA during the Biden Administration, had her appointment to head a department at the academy rescinded after a complaint by Laura Loomer, a right-wing MAGA adherent who spoke out in a X posting to Defense Secretary Pete Hegseth. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/ex-cisa-head-easterly-rescinded-west-point-post-victim-of-manufactured-outrage/
Ransomware attacks: The evolving extortion threat to US financial institutions

Aug 4, 2025 2:28 PM

Tags: access, ai, antivirus, attack, backup, banking, breach, business, cloud, communications, compliance, control, credentials, crime, crimes, cyber, cybercrime, cybersecurity, dark-web, data, ddos, defense, detection, edr, email, encryption, endpoint, extortion, finance, firewall, governance, group, identity, incident response, infrastructure, insurance, intelligence, international, korea, law, leak, least-privilege, lessons-learned, linkedin, linux, lockbit, login, malicious, mfa, monitoring, network, north-korea, organized, phishing, ransom, ransomware, resilience, risk, rust, service, soc, social-engineering, software, startup, strategy, supply-chain, tactics, theft, threat, tool, training, update, usa, vmware, vulnerability, warfare, windows, zero-trust

Before sunrise on a chilly November morning, I got the kind of call no security leader ever wants. A mid-sized U.S. bank had been hit overnight hard. Customers couldn’t access their accounts, ATMs were non-functional and every screen in the company’s environment glowed with the same ominous message: their systems were encrypted, and data had…
Panel to create roadmap for establishing US Cyber Force

Aug 4, 2025 1:28 PM

Tags: cyber, defense, service

The Commission on Cyber Force Generation will develop potential routes Congress and the White House could follow in creating a separate cyber service and aim to deliver them in time for next year’s must-pass national defense authorization act. First seen on therecord.media Jump to article: therecord.media/panel-to-create-roadmap-cyber-force
The US Military Is Raking in Millions From On-Base Slot Machines

Aug 4, 2025 1:28 PM

Tags: defense, military, risk

The Defense Department operates slot machines on US military bases overseas, raising millions of dollars to fund recreation for troops”, and creating risks for soldiers prone to gambling addiction. First seen on wired.com Jump to article: www.wired.com/story/us-military-on-base-slot-machines-gambling-addiction/