Tag: defense
-
Who Controls AI on Battlefields – the Military or the Model?
Former DoD CIO Beavers on Ethics, Reliability and AI as a National Security Tool. As AI is increasingly used in defense operations, a critical question emerges: Who controls the system – the military or the model? Former DoD CIO Leslie Beavers explores challenges related to ethics and reliability, vendor risk, and autonomy as AI tools…
-
In-Memory Loader Drops ScreenConnect
IntroductionIn February 2026, Zscaler ThreatLabz discovered an attack chain where attackers used a fake Adobe Acrobat Reader download to lure victims into installing ConnectWise’s ScreenConnect. While ScreenConnect is a legitimate remote access tool, it can be leveraged for malicious purposes. In this blog post, ThreatLabz examines the various stages of this attack, from the download lure to the…
-
OpenAI Readies Rollout of New Cyber Model as Industry Shifts to Defense
OpenAI is finalizing a cybersecurity product slated for a restricted release to select partners. The new model, as reported by Axios, could signal growing anxiety among developers that their latest creations may be too dangerous for the public. The shift comes as artificial intelligence (AI) capabilities reach a critical threshold in autonomous hacking and reasoning……
-
The Most Important Cybersecurity Trends in 2026 So Far
In the first quarter of the year, cybersecurity trends have been much of the same, with some new twists. Cyber threats are always evolving, but often have much of the same foundation. The leading 2026 cybersecurity trends so far involve AI, the failure of perimeter defenses, ransomware, and nation-state attacks. Let’s talk about what’s happening…
-
The Cybersecurity Readiness Gap: Why 90% of Companies Are Still Unprepared in 2026
The Cybersecurity Readiness Gap: Why 90% of Companies Are Still Unprepared in 2026 The cybersecurity landscape of 2026 is defined by a staggering paradox: while organizations are investing more than ever in defense, the “readiness gap” continues to widen. Despite the availability of advanced tools, 90% of organizations still rely on passwords as their primary…The…
-
Don’t just fight fraud, hunt it
As traditional fraud markers become obsolete, we must treat digital identity as critical infrastructure and adopt a layered, real-time defense to neutralize sophisticated crime rings. First seen on cyberscoop.com Jump to article: cyberscoop.com/industrialized-fraud-ai-identity-theft-prevention-op-ed/
-
CMMC Non-Compliance: Violations of FCA
Key Takeaways For many defense contractors, CMMC treated as a security project. It is discussed in terms of controls, readiness work, outside assessors, documentation, and the cost of getting prepared. Of course, all of that is important. But beyond that, CMMC also affects what a contractor is saying about itself when it pursues, performs, and……
-
China’s Tianjin Supercomputer Center Allegedly Hit in 10-Petabyte Data Theft
A threat actor has allegedly executed one of the largest data heists in China’s history, siphoning an astounding 10 petabytes of highly classified information from the National Supercomputing Center (NSCC) in Tianjin. The stolen dataset reportedly includes sensitive defense documents, missile schematics, and advanced aerospace research. The Tianjin center serves as a centralized infrastructure hub…
-
RoningLoader Campaign Uses DLL Side-Loading, Code Injection to Slip Past Defenses
A sophisticated cyber-espionage group known as DragonBreath (APT-Q-27) has been linked to a new RoningLoader malware campaign that uses advanced evasion techniques such as DLL side-loading and code injection to bypass traditional security defenses. Active since at least 2022, DragonBreath has steadily evolved its capabilities. Earlier campaigns were documented by QianXin and Sophos, but recent…
-
Questions raised about how LinkedIn uses the petabytes of data it collects
CSOonline. “We do disclose that we scan for browser extensions in our privacy policy, in order to detect abuse and provide defense for site stability.” When asked whether it uses that data solely to do those things, LinkedIn did not reply. The key person behind the allegations calls himself Steven Morrell (not his legal name, which…
-
AI Is Accelerating Cyberattacks Faster Than Defenses
Okta’s Brett Winterford on Identity Threats and Agentic AI Risks. AI is accelerating cyberattacks, collapsing timelines and exposing new identity risks. Okta’s Brett Winterford explains how attackers are using AI to scale phishing, exploit credentials and infiltrate enterprises – and what CIOs must do to defend against this rapidly evolving threat landscape. First seen on…
-
The Expanding Role of Cyberattacks in Modern Conflicts
Defense of Democracies’ Mark Montgomery on Warfare Trends, Geopolitical Threats. Cyber operations now support military strategy rather than just acting alone. Mark Montgomery of the Foundation for Defense of Democracies warns that as militaries integrate cyber and kinetic action, private sector enterprises are facing greater exposure to geopolitical threats. First seen on govinfosecurity.com Jump to…
-
Arelion employs NETSCOUT Arbor DDoS protection products
Tags: ai, attack, automation, business, cyber, cyberattack, cybersecurity, ddos, defense, detection, government, infrastructure, intelligence, Internet, mitigation, monitoring, network, risk, router, service, strategy, tactics, technology, threat“As a Tier-1 Internet carrier supporting the majority of global Internet traffic, this continued collaboration reflects our ongoing investment in best-of-breed network security solutions to protect the technology ecosystem. Our partnership combines Arelion’s global network performance and NETSCOUT’s leading Arbor DDoS attack protection solutions to provide world-class experiences for our customers.” Scott Nichols, Chief Commercial…
-
6 Winter 2026 G2 Leader Badges prove this DDoS protection stands out
Leader Enterprise DDoS ProtectionMomentum Leader DDoS ProtectionRegional Leader (Asia) DDoS ProtectionLeader DDoS ProtectionLeader Web SecurityArbor Sightline was also recognized as a leader in enterprise network management. NETSCOUTWhat NETSCOUT Customers Are Saying About TMS“The Arbor Threat Mitigation System allows us to defend not only our internal systems, but our customers.”, Darren G.”“NETSCOUT delivers unmatched network visibility…
-
How botnet-driven DDoS attacks evolved in 2H 2025
Tags: ai, attack, botnet, dark-web, ddos, defense, dns, finance, government, group, infrastructure, intelligence, international, Internet, iot, jobs, law, LLM, mitigation, network, resilience, risk, service, strategy, tactics, threat, tool, usa, vulnerabilityMassive attack capacity: Demonstration attacks peaked at 30Tbps and 4 gigapackets per second, primarily launched by Internet of Things (IoT) botnets such as Aisuru and TurboMirai variants.AI integration: The use of AI, including dark-web large language models (LLMs), moved from emerging trend to operational reality, making sophisticated attacks accessible to a wider range of threat actors.Persistent threat…
-
Cyber Defense for Education & SLTTs: Doing More with Less Using MDR
e=4>Cyber threats are rising across SLTT and education environments, but most teams are already stretched thin. Learn how organizations are improving detection and response without adding staff or complexity. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cyber-defense-for-education-sltts-doing-more-less-using-mdr-a-31367
-
NWN Adds Managed Security Services With MDR Partnership, Penetration Testing, vCISO
NWN announced the launch Wednesday of a suite of managed security services with the debut of its new NWN Cybersecurity offering, which aims to boost cyber defense for staff-constrained customers with human expertise and AI-enabled assistance, NWN executives told CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2026/nwn-adds-managed-security-services-with-mdr-partnership-penetration-testing-vciso
-
The zero-day timeline just collapsed. Here’s what security leaders do next
Tags: access, ai, api, attack, authentication, breach, cio, ciso, control, cyber, cybersecurity, data, data-breach, defense, endpoint, exploit, google, Internet, Intruder, leak, least-privilege, open-source, penetration-testing, resilience, service, strategy, tactics, update, vulnerability, zero-dayScaling vulnerability discovery to machine speed: Agentic AI is AI that can act, not just advise. Give it an objective, and it will plan steps, run them, learn from what happens and adjust until it succeeds or hits a hard stop. In cybersecurity, that looks like an automated operator. It can probe an application, test…
-
Defense in Depth ist keine Einkaufsliste – Mehr Security-Tools bedeuten nicht immer mehr Sicherheit
First seen on security-insider.de Jump to article: www.security-insider.de/defense-in-depth-integration-resilienz-security-architekturen-a-21c61d9d2fe7f7a10fc504d970587f5c/
-
What Anthropic Glasswing reveals about the future of vulnerability discovery
From backlog management to exposure-window risk: The issue, as Williams frames it, is not simply how many vulnerabilities exist, but how they are managed. “Mythos makes one thing painfully clear,” he says. “This is not a prioritization problem. It’s an exposure-window problem.”Traditional vulnerability management has been built around prioritization, ranking issues by severity, exploitability, and…
-
Simplify Your Approach to Securing OT Networks
Why OT Security Comes Down to Risk Tolerance, Not Perfect Defense Securing OT networks isn’t about eliminating risk. It’s about managing it strategically. Learn how a three-pillar framework of risk assessment, tolerance and acceptance, paired with a phased approach to microsegmentation, can turn an overwhelming challenge into a manageable journey. First seen on govinfosecurity.com Jump…
-
5 steps to strengthen supply chain security and improve cyber resilience
Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, control, credentials, cyber, data, defense, detection, dns, edr, email, endpoint, exploit, framework, governance, identity, infrastructure, mfa, monitoring, msp, network, radius, resilience, risk, saas, service, siem, soc, software, strategy, supply-chain, threat, tool, update, vulnerability, zero-trustAll software vendors and SaaS platformsOpen”‘source components embedded in your applicationsMSP or IT service providersCloud infrastructure and authentication servicesAPI integrations and automation workflowsOnce documented, classify each supplier by the impact they would have if compromised. A remote monitoring tool or authentication platform represents far greater risk than a basic productivity app. This prioritization helps you…
-
5 steps to strengthen supply chain security and improve cyber resilience
Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, control, credentials, cyber, data, defense, detection, dns, edr, email, endpoint, exploit, framework, governance, identity, infrastructure, mfa, monitoring, msp, network, radius, resilience, risk, saas, service, siem, soc, software, strategy, supply-chain, threat, tool, update, vulnerability, zero-trustAll software vendors and SaaS platformsOpen”‘source components embedded in your applicationsMSP or IT service providersCloud infrastructure and authentication servicesAPI integrations and automation workflowsOnce documented, classify each supplier by the impact they would have if compromised. A remote monitoring tool or authentication platform represents far greater risk than a basic productivity app. This prioritization helps you…
-
Trump’s Proposed CISA Cuts Spark Alarm Among Cybersecurity Experts
Trump’s proposed budget cuts to CISA raise concerns about U.S. cyber defense, as experts warn of reduced collaboration and threat intelligence sharing. The post Trump’s Proposed CISA Cuts Spark Alarm Among Cybersecurity Experts appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-trump-cisa-budget-cuts-2027/
-
‘GrafanaGhost’ bypasses Grafana’s AI defenses without leaving a trace
Noma Security researchers used indirect prompt injection to turn Grafana’s own AI into an unwitting courier for sensitive corporate data. First seen on cyberscoop.com Jump to article: cyberscoop.com/grafanaghost-grafana-prompt-injection-vulnerability-data-exfiltration/
-
FIRESIDE CHAT: Geopolitical turmoil, rising AI risk add a new layer to enterprise cyber defense
As if securing the enterprise against a tidal wave of AI tools wasn’t hard enough, it turns out the geopolitical instability of the moment is making things worse. That wasn’t the headline at RSAC 2026 last week, agentic AI… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/fireside-chat-geopolitical-turmoil-rising-ai-risk-add-a-new-layer-to-enterprise-cyber-defense/
-
The rise of proactive cyber: Why defense is no longer enough
Tags: attack, breach, ciso, control, country, cyber, cybersecurity, defense, framework, google, government, hacking, infrastructure, intelligence, korea, law, microsoft, network, north-korea, risk, threat, toolWhat ‘proactive cyber’ means: Despite the more aggressive language, this shift toward private-sector involvement doesn’t envision vigilante-style payback by aggrieved organizations. It instead embraces a more systematic effort to interfere with adversaries earlier in the attack chain using authorities and capabilities that already exist.”To be clear, this is not hacking back,” Joyce said. “This is…
-
The noisy tenants: Engineering fairness in multi-tenant SIEM solutions
Tags: ai, apache, api, cloud, compliance, control, crowdstrike, data, defense, detection, edr, endpoint, fedramp, finance, framework, incident response, infrastructure, intelligence, jobs, login, microsoft, monitoring, risk, saas, security-incident, service, siem, soc, software, strategy, threat, tool, update, vulnerability24/7/365 SOC monitoring: Round-the-clock coverage backed by global experts to validate and prioritize alerts.Proactive threat hunting: Active searches for hidden threats rather than just waiting for automated triggers.AI and machine learning integration: Leveraging everything from basic anomaly detection to “Agentic AI” to reduce noise and accelerate investigations.Active incident response and containment: Capabilities to isolate endpoints…
-
Trump’s Budget Proposal Would Slash CISA After Bruising Year
White House Criticizes Cyber Defense Agency – and Proposes a Steep $700 Million Cut. The FY2027 proposal would cut roughly $707 million from CISA, reducing staffing, contractor support and coordination programs while shifting the agency toward a narrower focus on federal networks and critical infrastructure amid rising nation-state cyberthreats. First seen on govinfosecurity.com Jump to…