Tag: detection
-
NDSS 2025 NDSS 2025 BARBIE: Robust Backdoor Detection Based On Latent Separability
Session 12D: ML Backdoors Authors, Creators & Presenters: Hanlei Zhang (Zhejiang University), Yijie Bai (Zhejiang University), Yanjiao Chen (Zhejiang University), Zhongming Ma (Zhejiang University), Wenyuan Xu (Zhejiang University) PAPER BARBIE: Robust Backdoor Detection Based On Latent Separability Backdoor attacks are an essential risk to deep learning model sharing. Fundamentally, backdoored models are different from benign…
-
NDSS 2025 NDSS 2025 BARBIE: Robust Backdoor Detection Based On Latent Separability
Session 12D: ML Backdoors Authors, Creators & Presenters: Hanlei Zhang (Zhejiang University), Yijie Bai (Zhejiang University), Yanjiao Chen (Zhejiang University), Zhongming Ma (Zhejiang University), Wenyuan Xu (Zhejiang University) PAPER BARBIE: Robust Backdoor Detection Based On Latent Separability Backdoor attacks are an essential risk to deep learning model sharing. Fundamentally, backdoored models are different from benign…
-
What to Look For in Bot Agent Trust Management Software: 7 Key Capabilities
Evaluate bot & agent trust management software with this 7-capability checklist: visibility, trust scoring, intent detection, MCP protection, and more. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/what-to-look-for-in-bot-agent-trust-management-software-7-key-capabilities/
-
How AI Agents Are Transforming Identity Verification and Authentication Systems
Explore how AI agents enhance identity verification and authentication systems with smarter fraud detection and seamless user security. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/how-ai-agents-are-transforming-identity-verification-and-authentication-systems/
-
CredShields Leads OWASP Smart Contract Top 10 2026 as Governance and Access Failures Drive Onchain Risk
srcset=”https://b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?quality=50&strip=all 1200w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=300%2C200&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=768%2C512&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=1024%2C683&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=150%2C100&quality=50&strip=all 150w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=1046%2C697&quality=50&strip=all 1046w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=252%2C168&quality=50&strip=all 252w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=126%2C84&quality=50&strip=all 126w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=720%2C480&quality=50&strip=all 720w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=540%2C360&quality=50&strip=all 540w, b2b-contenthub.com/wp-content/uploads/2026/02/OWASP1.png?resize=375%2C250&quality=50&strip=all 375w” width=”1024″ height=”683″ sizes=”auto, (max-width: 1024px) 100vw, 1024px”> Cyber NewsWireGovernance and Privilege Failures DominateThe highest-ranked risks for 2026 include:Access Control VulnerabilitiesBusiness Logic VulnerabilitiesPrice Oracle ManipulationFlash LoanFacilitated AttacksProxy & Upgradeability VulnerabilitiesAnalysis of 2025 incidents shows…
-
Hackers can turn Grok, Copilot into covert commandcontrol channels, researchers warn
Tags: ai, automation, awareness, cloud, control, detection, framework, governance, hacker, identity, monitoring, network, risk, saas, toolSteps to take: Security leaders should not respond by blocking AI outright, analysts said, but by applying the same governance discipline used for other high-risk SaaS platforms.Varkey recommended starting with a comprehensive inventory of all AI tools in use and establishing a clear policy framework for approving and enabling them.Organizations should also implement AI-specific traffic…
-
Chinese hackers exploited zero-day Dell RecoverPoint flaw for 1.5 years
Pivot techniques: In addition to the payloads themselves, the investigation also revealed new techniques. For example, the legitimate shell script convert_hosts.sh that exists on these appliances has been modified to include the path of the backdoors to achieve persistence.The SLAYSTYLE web shell, which is designed to receive commands over HTTP and execute them on the…
-
NDSS 2025 Try to Poison My Deep Learning Data? Nowhere To Hide Your Trajectory Spectrum!
Session 12D: ML Backdoors Authors, Creators & Presenters: Yansong Gao (The University of Western Australia), Huaibing Peng (Nanjing University of Science and Technology), Hua Ma (CSIRO’s Data61), Zhi Zhang (The University of Western Australia), Shuo Wang (Shanghai Jiao Tong University), Rayne Holland (CSIRO’s Data61), Anmin Fu (Nanjing University of Science and Technology), Minhui Xue (CSIRO’s…
-
Engineering for the Inevitable: Managing Downstream Failures in Security Data Pipelines
Learn how to prevent 50% of detection failures caused by log delivery chain issues. Master persistent queuing, schema drift mitigation, and automated recovery for zero data loss SOC operations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/engineering-for-the-inevitable-managing-downstream-failures-in-security-data-pipelines/
-
NDSS 2025 CLIBE: Detecting Dynamic Backdoors In Transformer-based NLP Models
Session 12D: ML Backdoors Authors, Creators & Presenters: Rui Zeng (Zhejiang University), Xi Chen (Zhejiang University), Yuwen Pu (Zhejiang University), Xuhong Zhang (Zhejiang University), Tianyu Du (Zhejiang University), Shouling Ji (Zhejiang University) PAPER CLIBE: Detecting Dynamic Backdoors in Transformer-based NLP Models Backdoors can be injected into NLP models to induce misbehavior when the input text…
-
Anti-phishing rules mistakenly blocked emails, Teams messages
Microsoft says an Exchange Online issue that mistakenly quarantined legitimate emails last week was triggered by faulty heuristic detection rules designed to block credential phishing campaigns. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-anti-phishing-rules-mistakenly-blocked-emails-teams-messages/
-
A new approach for GenAI risk protection
Solution 1: GenAI enterprise model: Implement enterprise licenses for approved GenAI solutions (such as ChatGPT Enterprise or Microsoft CoPilot 365, which is integrated into existing O365 tenants). Enterprise GenAI solutions typically include a robust set of built-in security tools that allow organizations to secure their data and implement DLP controls within the enterprise GenAI solution…
-
Foxveil Malware Loader Uses Cloudflare, Netlify, and Discord to Bypass Detection
A new malware loader, dubbed Foxveil, that abuses trusted platforms such as Cloudflare Pages, Netlify, and Discord to stage and deliver malicious payloads while evading traditional detection methods. Active since at least August 2025, the loader is used as an initial-stage component, establishing a foothold on victim machines, executing shellcode in memory, and preparing the…
-
AI-Driven Threat Detection for Quantum-Enabled Side-Channel Attacks
Learn how to protect your AI infrastructure from quantum-enabled side-channel attacks using post-quantum cryptography and ai-driven threat detection for MCP. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/ai-driven-threat-detection-for-quantum-enabled-side-channel-attacks/
-
China-linked snoops have been exploiting Dell 0-day since mid-2024, using ‘ghost NICs’ to avoid detection
Full scale of infections remains ‘unknown’ First seen on theregister.com Jump to article: www.theregister.com/2026/02/18/dell_0day_brickstorm_campaign/
-
GitGuardian Doubles Down on AI Agent Defense With $50M Raise
Series C Funding Round Focuses on Secrets Remediation, Agent Governance Expansion. Backed by a $50 million Series C, GitGuardian plans to accelerate U.S. expansion and enhance secrets detection remediation and non-human identity controls as AI agents multiply across enterprises, increasing exposure to credential abuse and lateral movement. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/gitguardian-doubles-down-on-ai-agent-defense-50m-raise-a-30778
-
Scam Guard for desktop: A second set of eyes for suspicious moments
Malwarebytes Scam Guard is now on Windows and Mac, bringing AI-powered scam detection to your desktop. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/scam-guard-for-desktop-a-second-set-of-eyes-for-suspicious-moments/
-
Scam Guard for desktop: A second set of eyes for suspicious moments
Malwarebytes Scam Guard is now on Windows and Mac, bringing AI-powered scam detection to your desktop. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/scam-guard-for-desktop-a-second-set-of-eyes-for-suspicious-moments/
-
What 5 Million Apps Revealed About Secrets in JavaScript
Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery – until now. Intruder’s research team built a new secrets detection method and scanned 5 million applications specifically looking for secrets hidden in JavaScript bundles. Here’s what we learned. First seen on bleepingcomputer.com Jump to…
-
My Day Getting My Hands Dirty with an NDR System
My objectiveThe role of NDR in SOC workflowsStarting up the NDR systemHow AI complements the human responseWhat else did I try out?What could I see with NDR that I wouldn’t otherwise?Am I ready to be a network security analyst now?My objectiveAs someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience…
-
New ‘ClickFix’ Malware Payload Targets Browser Cache, Warns Cybersecurity Experts
Threat actors on underground forums are now promoting a new “ClickFix” payload-delivery technique that hides malware in the browser cache to evade endpoint detection and response (EDR) tools. The seller pitches the method as an evolution of existing ClickFix/FileFix social”‘engineering chains, claiming it can execute malicious code via Windows File Explorer without generating obvious network…
-
Contrast ADR for Google Security Operations
<div cla Contrast Security has announced the availability of a new integration between Contrast ADR and Google Security Operations. This collaboration provides security operations centers (SOCs) with high-fidelity runtime application intelligence to accelerate detection and response to sophisticated application-layer threats. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/contrast-adr-for-google-security-operations/
-
Leaky Chrome extensions with 37M installs caught divulging your browsing history
Encrypted exfiltration made detection difficult: The researcher said in a blog post that several of these extensions attempted to hide the nature of transmitted data. Outbound payloads were frequently encrypted or encoded before transmission, preventing automated inspection.”Manual inspection of the captured traffic revealed a variety of obfuscation schemes: base64, ROT47, LZ-String compression, and full AES-256…
-
Leaky Chrome extensions with 37M installs caught shipping your browsing history
Encrypted exfiltration made detection difficult: The researcher said in a blog post that several of these extensions attempted to hide the nature of transmitted data. Outbound payloads were frequently encrypted or encoded before transmission, preventing automated inspection.”Manual inspection of the captured traffic revealed a variety of obfuscation schemes: base64, ROT47, LZ-String compression, and full AES-256…
-
10 years later, Bangladesh Bank cyberheist still offers cyber-resiliency lessons
Tags: access, ai, application-security, attack, automation, backdoor, banking, ceo, cisco, ciso, compliance, control, credentials, crypto, cyber, cybercrime, cybersecurity, data-breach, defense, detection, endpoint, exploit, finance, fintech, firewall, framework, infrastructure, intelligence, international, malware, monitoring, network, north-korea, oracle, password, risk, service, software, theft, threat, tool, vulnerabilitySecurity shortcomings: Adrian Cheek, senior cybercrime researcher at threat exposure management firm Flare, said the Bangladesh Bank heist was possible because of a number of security shortcomings, including a failure to air gap critical infrastructure.”The Bank of Bangladesh had four servers and the same number of desktops connected to SWIFT,” Cheek says. “This infrastructure, however,…