Tag: intelligence
-
Who Owns Threat and Exposure Management in Your Organization?
A study conducted by Enterprise Strategy Group, now part of Omdia, in partnership with Tenable shows responsibility for exposure management scattered across multiple teams with conflicting priorities. It’s time to build the team of the future, discover what ‘good’ looks like and how to get there. Key takeaways Teams are fragmented, with most organizations lacking…
-
Italy first in EU to pass comprehensive law regulating use of AI
Legislation limits child access and imposes prison terms for damaging use of artificial intelligenceItaly has become the first country in the EU to approve a comprehensive law regulating the use of artificial intelligence, including imposing prison terms on those who use the technology to cause harm, such as generating deepfakes, and limiting child access.Giorgia Meloni’s…
-
Where CISOs need to see Splunk go next
Tags: ai, api, automation, cisco, ciso, cloud, communications, compliance, conference, crowdstrike, cybersecurity, data, data-breach, detection, finance, framework, google, incident response, intelligence, jobs, metric, microsoft, open-source, RedTeam, resilience, risk, router, siem, soar, strategy, tactics, threat, tool, vulnerabilityResilience resides at the confluence of security and observability: There was also a clear message around resilience, the ability to maintain availability and recover quickly from any IT or security event.From a Cisco/Splunk perspective, this means a more tightly coupled relationship between security and observability.I’m reminded of a chat I had with the chief risk…
-
Let AI Do the Shopping, Says Google
AP2 Protocol Introduces ‘Mandates’ to Keep Agent-Led Spending Accountable. Artificial intelligence agents can now shop so consumers don’t have to – but the non-human shoppers will need a signed permission slip first. Google on Wednesday announced the launch of an agent payments protocol, which creates a framework for AI-driven purchases. First seen on govinfosecurity.com Jump…
-
Hackers steal hotel guests’ payment data in new AI-driven campaign
A hacker group known as RevengeHotels is using artificial intelligence to boost its attacks on hotels in Brazil and elsewhere, researchers found. First seen on therecord.media Jump to article: therecord.media/hackers-payment-data-guests-steal
-
BeaverTail Malware Delivered Through Malicious Repositories Targets Retailers
Tech Note BeaverTail variant distributed via malicious repositories and ClickFix lure17 September 2025 Oliver Smith, GitLab Threat Intelligence We have identified infrastructure distributing BeaverTail and InvisibleFerret malware since at least May 2025, operated by North Korean actors tracked as Contagious Interview and Famous Chollima. The campaign uses ClickFix lures to target marketing and […] The…
-
China-Aligned TA415 Exploits Google Sheets Calendar for C2
China-aligned TA415 hackers have adopted Google Sheets and Google Calendar as covert command-and-control (C2) channels in a sustained espionage campaign targeting U.S. government, academic, and think tank entities. By blending malicious operations into trusted cloud services, TA415 aims to evade detection and harvest intelligence on evolving U.S.China economic policy discussions. Throughout July and August 2025,…
-
China-Aligned TA415 Exploits Google Sheets Calendar for C2
China-aligned TA415 hackers have adopted Google Sheets and Google Calendar as covert command-and-control (C2) channels in a sustained espionage campaign targeting U.S. government, academic, and think tank entities. By blending malicious operations into trusted cloud services, TA415 aims to evade detection and harvest intelligence on evolving U.S.China economic policy discussions. Throughout July and August 2025,…
-
Palo Alto Networks and Microsoft Featured in MITRE ATTCK Evaluations 2026
Two cybersecurity industry leaders have made significant announcements regarding their participation in the upcoming MITRE ATT&CK Evaluations, marking a notable shift in how major security vendors approach independent testing validation. Diagram illustrating core features of Palo Alto Networks’ Cortex XDR cybersecurity platform, including threat intelligence, endpoint protection, and automation Palo Alto Networks Steps Back After…
-
Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims
Cybersecurity researchers have tied a fresh round of cyber attacks targeting financial services to the notorious cybercrime group known as Scattered Spider, casting doubt on their claims of going “dark.”Threat intelligence firm ReliaQuest said it has observed indications that the threat actor has shifted their focus to the financial sector. This is supported by an…
-
Survey Surfaces Rising Number of AI Security Incidents
A global survey of 1,025 IT and security professionals finds that while organizations experienced an average of 2.17 cloud breaches over the past 18 months, only 8% were categorized as severe. At the same time, however, with the rise of artificial intelligence (AI) there may be more significant challenges ahead. More than half of respondents..…
-
CrowdStrike Extends AI Security Ambitions Beyond Operations to Include Workloads
CrowdStrike at its Fal.Con event today expanded its effort to embed artificial intelligence (AI) agents into security operations center (SOC) workflows and while simultaneously extending its ability to secure AI applications by acquiring Pangea for $260 million. Additionally, CrowdStrike also revealed the Fall 2025 update to its core platform adds a graph capability to track..…
-
SlopAds Fraud Ring Exploits 224 Android Apps to Drive 2.3 Billion Daily Ad Bids
A massive ad fraud and click fraud operation dubbed SlopAds ran a cluster of 224 apps, collectively attracting 38 million downloads across 228 countries and territories.”These apps deliver their fraud payload using steganography and create hidden WebViews to navigate to threat actor-owned cashout sites, generating fraudulent ad impressions and clicks,” HUMAN’s Satori Threat Intelligence and…
-
Windows Users Hit by VenomRAT in AI-Driven RevengeHotels Attack
RevengeHotels, also known as TA558, has escalated its long-standing cybercrime campaign by incorporating artificial intelligence into its infection chains, deploying the potent VenomRAT malware against Windows users. Active since 2015, this threat actor has traditionally targeted hotel guests and travelers, stealing payment card data through phishing emails. Recent campaigns, however, demonstrate a marked shift: AI-generated…
-
Eve Security Launches AI Platform to Secure AI Agent Interactions
Eve Security today made available an observability and policy enforcement platform that is designed to use artificial intelligence (AI) agents to ensure that other AI agents are not accessing IT resources without permission. Fresh off raising $3 million in seed funding, Eve Security CEO Nadav Cornberg said instead of requiring a person to be in..…
-
Eve Security Launches AI Platform to Secure AI Agent Interactions
Eve Security today made available an observability and policy enforcement platform that is designed to use artificial intelligence (AI) agents to ensure that other AI agents are not accessing IT resources without permission. Fresh off raising $3 million in seed funding, Eve Security CEO Nadav Cornberg said instead of requiring a person to be in..…
-
CobaltStrike’s AI-native successor, ‘Villager,’ makes hacking too easy
Tags: ai, attack, control, credentials, detection, exploit, framework, governance, hacking, identity, incident response, intelligence, network, pypi, RedTeam, risk, supply-chain, threat, update, vulnerability, windowsSupply chain and detection risks: Villager’s presence on a trusted public repository like PyPI, where it was downloaded over 10,000 times over the last two months, introduces a new vector for supply chain compromise. Jason Soroko, senior fellow at Sectigo, advised that organizations “focus first on package provenance by mirroring PyPI, enforcing allow lists for…
-
CobaltStrike’s AI-native successor, ‘Villager,’ makes hacking too easy
Tags: ai, attack, control, credentials, detection, exploit, framework, governance, hacking, identity, incident response, intelligence, network, pypi, RedTeam, risk, supply-chain, threat, update, vulnerability, windowsSupply chain and detection risks: Villager’s presence on a trusted public repository like PyPI, where it was downloaded over 10,000 times over the last two months, introduces a new vector for supply chain compromise. Jason Soroko, senior fellow at Sectigo, advised that organizations “focus first on package provenance by mirroring PyPI, enforcing allow lists for…
-
Eve Security Launches AI Platform to Secure AI Agent Interactions
Eve Security today made available an observability and policy enforcement platform that is designed to use artificial intelligence (AI) agents to ensure that other AI agents are not accessing IT resources without permission. Fresh off raising $3 million in seed funding, Eve Security CEO Nadav Cornberg said instead of requiring a person to be in..…
-
WordPress Plugin Vulnerability Let Attackers Bypass Authentication via Social Login
A critical vulnerability in the Case Theme User plugin for WordPress allows unauthenticated attackers to hijack any account on vulnerable sites, including administrative accounts, by exploiting the social login feature. Site owners are urged to update immediately. On May 31, 2025, Wordfence Intelligence received a report of an Authentication Bypass via Social Login vulnerability in…
-
The Impact of Google’s JavaScript SERPs and AI Search on eCommerce Businesses
Google’s search engine results pages now require JavaScript, effectively “hiding” the listings from organic rank trackers, artificial intelligence models, and o First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/the-impact-of-googles-javascript-serps-and-ai-search-on-ecommerce-businesses/
-
CISOs grapple with the realities of applying AI to security functions
Tags: ai, automation, breach, business, ceo, ciso, compliance, cybersecurity, data, detection, email, endpoint, finance, governance, incident response, intelligence, law, malicious, malware, microsoft, risk, service, soc, threat, toolThe agentic edge: The financial services is often an early adopter of cutting-edge security technologies.Erin Rogers, SVP and director of cybersecurity risk and compliance at BOK Financial, tells CSO that AI-based upgrades are helping threat detection and response systems to autonomously analyze threats, make real-time decisions, and adapt responses, significantly improving early detection and mitigation.While…
-
CISOs grapple with the realities of applying AI to security functions
Tags: ai, automation, breach, business, ceo, ciso, compliance, cybersecurity, data, detection, email, endpoint, finance, governance, incident response, intelligence, law, malicious, malware, microsoft, risk, service, soc, threat, toolThe agentic edge: The financial services is often an early adopter of cutting-edge security technologies.Erin Rogers, SVP and director of cybersecurity risk and compliance at BOK Financial, tells CSO that AI-based upgrades are helping threat detection and response systems to autonomously analyze threats, make real-time decisions, and adapt responses, significantly improving early detection and mitigation.While…
-
Open Source CyberSOCEval Sets New Benchmark for AI in Malware Analysis and Threat Intelligence
Open Source CyberSOCEval, a newly launched evaluation platform, is making waves in the cybersecurity community by demonstrating how artificial intelligence can transform malware analysis and threat intelligence. Developed by a group of independent security researchers, CyberSOCEval combines advanced machine learning models with real-world malware samples to offer organizations a clear view of how AI tools…
-
New Zealand sanctions Russian military hackers over cyberattacks on Ukraine
New Zealand has imposed sanctions on Russian military intelligence hackers accused of cyberattacks on Ukraine, including members of a notorious hacking unit previously tied to destructive malware campaigns. First seen on therecord.media Jump to article: therecord.media/new-zealand-russia-gru-ukraine
-
Checkmarx Surfaces Liesthe-Middle Attack to Compromise AI Tools
Checkmarx today published a technique it has uncovered that poisons artificial intelligence (AI) agents models in a way that convinces them to tell end users that certain activities and behaviors are safe when in fact they are high risk. Darren Meyer, security research advocate at Checkmarx Zero, a research arm of the company, said this..…
-
New ransomware Yurei adopts open-source tools for double-extortion campaigns
Tags: access, attack, authentication, backup, breach, ciso, cloud, control, data, edr, extortion, flaw, intelligence, Internet, mfa, network, open-source, phishing, powershell, ransomware, resilience, risk, service, switch, threat, tool, windowsBigger risks beyond downtime: The double-extortion ransomware appears to be an early version, as it has loopholes. Ransomware often targets and deletes shadow copies to block victims from using Windows’ built-in recovery options. But Yurei did not delete the shadow copies, which, if enabled, can allow the victim to restore their files to a previous…