Tag: intelligence
-
AI Kills Fictional Executive in Scenario Probing Red Lines
Anthropic Says Top AI Models may Deceive or Coerce to Survive. Artificial intelligence models will choose harm over failure when their goals are threatened and no ethical alternatives are available, say researchers who tested 16 popular large language models. The goal was to evaluate how systems behave. The result: blackmail and deception. First seen on…
-
Okta Introduces Cross App Access to Secure AI Agents in Enterprise
Okta Inc. on Monday said it has created a new protocol to secure artificial intelligence (AI) agents to bring visibility, control and governance to agent-driven and app-to-app interactions. The Cross App Access platform is especially important as more AI tools use protocols like Model Context Protocol (MCP) to connect their AI learning models to important..…
-
Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks
Google has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack vectors like indirect prompt injections and improve the overall security posture for agentic AI systems.”Unlike direct prompt injections, where an attacker directly inputs malicious commands into a prompt, indirect prompt injections First seen…
-
ISMG Editors: Anubis Ransomware’s Puzzling New Tactic
Also: CISA’s Leadership Crisis; Why AI’s Confident Errors Demand Urgent Oversight. In this week’s update, four editors with ISMG discussed Anubis ransomware’s puzzling shift to data wiping malware, the leadership vacuum and budget uncertainty at CISA and growing concerns about how artificial intelligence tools are making confident mistakes that demand human oversight. First seen on…
-
Hackers Target 700+ ComfyUI AI Image Generation Servers to Spread Malware
Tags: ai, backdoor, china, cyber, cybersecurity, exploit, flaw, framework, group, hacker, intelligence, malware, threat, vulnerabilityChina’s National Cybersecurity Notification Center has issued an urgent warning about critical vulnerabilities in ComfyUI, a widely used image-generation framework for large AI models. These flaws, already under active exploitation by hacker groups, have compromised at least 695 servers worldwide, according to threat intelligence from XLab. The attackers are deploying a sophisticated backdoor named >>Pickai,
-
A New Identity Playbook for AI Agents: Securing the Agentic User Flow
Artificial intelligence has reached an inflection point. AI agents are no longer just service accounts or background processes. They’re decision-makers, workflow executors, and digital delegates”, acting autonomously across APIs, clouds, and systems. Unlike traditional non-human identities (NHI), like service accounts or static API keys, agentic identities are dynamic, ephemeral, and often self-directed. Gartner highlights that…
-
Why AI Agents Deserve 1st Class Identity Management
Artificial intelligence is no longer just about passive assistants or chatbots that wait for human instructions. We’re in the agentic era”, where AI agents reason, plan, take initiative, and act autonomously. These agents don’t just help humans; they become actors on behalf of humans, systems, and even other agents. Gartner predicts that by 2026, 30%…
-
Over 100,000 WordPress Sites Exposed to Privilege Escalation via MCP AI Engine
The Wordfence Threat Intelligence team identified a severe security flaw in the AI Engine plugin, a widely used tool installed on over 100,000 WordPress websites. This vulnerability, classified as an Insufficient Authorization to Privilege Escalation via Model Context Protocol (MCP), has a CVSS score of 8.8 (High) and has been assigned the identifier CVE-2025-5071. Affecting…
-
Sophisticated Phishing Attack Uses ASP Pages to Target Prominent Russia Critics Google
Google Threat Intelligence Group (GTIG), in collaboration with external partners, has uncovered a sophisticated phishing campaign orchestrated by a Russia state-sponsored cyber threat actor, tracked as UNC6293. Active from at least April through early June 2025, this campaign specifically targeted prominent academics and critics of Russia. GTIG assesses with low confidence that UNC6293 is associated…
-
How JustTime Provisioning Creates Artificial Agent Identities on Demand
Artificial intelligence is entering its agentic era”, where AI systems don’t just assist humans, they act autonomously to accomplish complex tasks. These agents can reason, delegate, and interact with APIs and systems across clouds, all at machine speed. Gartner predicts that by 2026, 30% of enterprises will deploy AI agents capable of acting on behalf…
-
The highest-paying jobs in cybersecurity today
Tags: access, ai, application-security, cisco, cloud, compliance, control, corporate, cybersecurity, data, defense, detection, firewall, governance, grc, hacker, identity, incident response, infrastructure, intelligence, jobs, network, penetration-testing, privacy, risk, risk-assessment, risk-management, skills, soc, threat, tool, training, vulnerability, vulnerability-managementSee “Top 12 cloud security certifications”See “CISSP certification: Requirements, training, exam, and cost”See “CCSP certification: Exam, cost, requirements, training, salary” Security engineer: After security architects, security engineers receive the second-highest annual cash compensation ($191,000), with a base salary of $168,000. Nearly a third (31%) of security engineers surveyed also received annual equity grants.Like their architect…
-
Ex-CIA Analyst Sentenced to 37 Months for Leaking Top Secret National Defense Documents
A former U.S. Central Intelligence Agency (CIA) analyst has been sentenced to little more than three years in prison for unlawfully retaining and transmitting top secret National Defense Information (NDI) to people who were not entitled to receive them and for attempting to cover up the malicious activity.Asif William Rahman, 34, of Vienna, has been…
-
$5.48M Lawsuit Settlement Reached in Software Vendor Hack
Several Affected HealthEC Healthcare Clients Are Chipping in to Fund Settlement. A provider of artificial intelligence-enabled hospital cost-cutting software and several of its healthcare clients agreed to $5.48 million to settle proposed class action litigation involving a 2023 hacking incident affecting 4.6 million individuals. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/548m-lawsuit-settlement-reached-in-software-vendor-hack-a-28724
-
Scattered Spider hackers targeting insurance industry following retail hits, Google warns
Security analysts at Google’s Threat Intelligence Group published a warning this week to insurance companies, writing that it is “now aware of multiple intrusions in the US which bear all the hallmarks of Scattered Spider activity.” First seen on therecord.media Jump to article: therecord.media/scattered-spider-targeting-insurance-sector-following-retail-attacks
-
Beware: Weaponized Research Papers Delivering Malware Through Password-Protected Documents
The AhnLab Security Intelligence Center (ASEC) recently made the concerning revelation that the infamous Kimsuky hacking organization was connected to a crafty phishing email campaign that targeted unwary people. Disguised as a seemingly legitimate request for a paper review from a professor, these emails lure recipients into opening a password-protected HWP document embedded with a…
-
Schwachstellen proaktiv mit Threat-Hunting in Echtzeit erkennen
Censys, einer der führenden Anbieter von Tools für Threat-Intelligence, Threat-Hunting und Attack-Surface-Management, hat sein neues Threat-Hunting-Module gelauncht. Das neue Modul unterstützt Security-Teams dabei, Schwachstellen proaktiv zu erkennen und aus den Daten Gegenmaßnahmen zur Behebung abzuleiten, bevor es zu Cyberangriffen und einem Exploit von Sicherheitslücken kommen kann. Als Teil der kürzlich vorgestellten Censys-Platform ermöglicht das neue…
-
Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms
The notorious cybercrime group known as Scattered Spider (aka UNC3944) that recently targeted various U.K. and U.S. retailers has begun to target major insurance companies, according to Google Threat Intelligence Group (GTIG).”Google Threat Intelligence Group is now aware of multiple intrusions in the U.S. which bear all the hallmarks of Scattered Spider activity,” John Hultquist,…
-
GCHQ Intern Sentenced to 7 Years for Illegally Copying Secret Files to Smartphone
A former intern at the UK’s intelligence agency GCHQ has been sentenced to seven and a half years in prison after admitting to smuggling top secret data out of a secure facility using his mobile phone, in a breach described by prosecutors as a “flagrant violation” of national security protocols. Hasaan Arshad, 25, a computer…
-
8 tips for mastering multicloud security
Tags: access, attack, automation, business, ciso, cloud, compliance, conference, control, cybersecurity, data, detection, framework, google, governance, identity, intelligence, least-privilege, malware, microsoft, monitoring, okta, resilience, risk, service, siem, skills, software, strategy, technology, threat, tool, training, vulnerability2. Create unified security governance: A unified security governance model should be established, spanning all cloud environments and supported by centralized identity management, visibility, automation, and policy enforcement, advises Nigel Gibbons, director and senior advisor at security services firm NCC Group.This approach, Gibbons says, minimizes complexity and silos by creating consistent security controls across cloud…
-
Hackers switch to targeting U.S. insurance companies
Threat intelligence researchers are warning of hackers breaching multiple U.S. companies in the insurance industry using all the tactics observed with Scattered Spider activity. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-warns-scattered-spider-hackers-now-target-us-insurance-companies/
-
‘Multiple Intrusions’ In US Likely Linked To Infamous Hacker Group
Recent cyberattacks targeting the insurance industry have the hallmarks of the threat group Scattered Spider, according to Google’s threat intelligence chief. First seen on crn.com Jump to article: www.crn.com/news/security/2025/google-multiple-intrusions-in-us-likely-linked-to-infamous-hacker-group
-
Intelligence sharing key to cyber security in Europe, says EU Commission cyber expert
Cyber criminals choose not to attack Europe due to its resilience and preparedness, says the EU Commission’s principal advisor for cyber security coordination, Despina Spanou First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366626234/Intelligence-sharing-key-to-cyber-security-in-Europe-says-EU-Commission-cyber-expert
-
History made as MI6 appoints first female Chief
The UK government has appointed Blaise Florence Metreweli as the next Chief of the Secret Intelligence Service (SIS), also known as MI6. Metreweli will take up the role, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/16/blaise-florence-metreweli-mi6-chief/
-
UK appoints first-ever female chief of foreign intelligence service MI6
Blaise Metreweli, previously the leader of MI6’s real-life “Q branch” responsible for technology and innovation, is now the spy agency’s chief. First seen on therecord.media Jump to article: therecord.media/blaise-metreweli-new-mi6-chief
-
GUEST ESSAY: The AI illusion: Don’t be fooled, innovation without guardrails is just riskat scale
Artificial intelligence is changing everything from how we search for answers to how we decide who gets hired, flagged, diagnosed, or denied. Related: Does AI take your data? It offers speed and precision at unprecedented scale. But without intention,… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/guest-essay-the-ai-illusion-dont-be-fooled-innovation-without-guardrails-is-just-risk-at-scale/