Tag: intelligence
-
CIO des Jahres 2025 jetzt mitmachen und bis Ende Mai bewerben
So sehen Siegerinnen und Sieger aus. Die Gewinnerinnen und Gewinner des vergangenen Jahres jubeln über ihre CIO-des-Jahres-Awards. Machen auch Sie mit und bewerben Sie sich dann stehen Sie vielleicht im Oktober 2025 auf der großen Gala-Bühne und dürfen sich über die renommierteste IT-Auszeichnung Deutschlands freuen. cio.de / Tobias TschepeDie heiße Phase für die Bewerbung um…
-
North Korea Targets Ukraine With Cyberespionage Operations
Tags: cyber, cyberespionage, cybersecurity, hacker, intelligence, korea, north-korea, phishing, risk, ukrainePhishing Campaigns Appear to Be Solely Intelligence-Gathering for DPRK Leadership. North Korea nation-state hackers appear to have entered the Ukrainian cyber operations fray, albeit solely for cyberespionage purposes for gathering intelligence to help North Korean leadership determine the current risk to its forces already in the theater, cybersecurity researchers report. First seen on govinfosecurity.com Jump…
-
Artificial Intelligence in Cybersecurity The Solutions You Need
Artificial Intelligence is something that we as organizations need to keep up with our technology-loving contemporaries. After all, it’s the goal of every organization to be its best version and become the king of the room. To do so, we need no setbacks, the most common being the cyberattacks that are driven by AI. Digital……
-
Attackers Leverage Unpatched Output”¯Messenger 0″‘Day to Deliver Malicious Payloads
A Türkiye-affiliated espionage threat actor, tracked by Microsoft Threat Intelligence as Marbled Dust (also known as Sea Turtle and UNC1326), has been exploiting a zero-day vulnerability in Output Messenger, a popular multiplatform chat software. Identified as CVE-2025-27920, this directory traversal flaw in the Output Messenger Server Manager application allows authenticated attackers to upload malicious files…
-
Russia’s ‘outsourced’ Bulgarian spy ring sentenced to more than 50 years in UK
Six Bulgarians tasked with spy operations in the U.K. on behalf of Russian intelligence each received multi-year prison sentences for their activities. First seen on therecord.media Jump to article: therecord.media/bulgarian-members-russian-spy-ring-sentenced-uk
-
Türkiye-Linked Hackers Exploit Output Messenger Zero-Day (CVE-2025-27920) in Espionage Campaign
Microsoft Threat Intelligence has linked a regional cyber-espionage campaign exploiting a zero-day vulnerability in Output Messenger to the First seen on securityonline.info Jump to article: securityonline.info/turkiye-linked-hackers-exploit-output-messenger-zero-day-cve-2025-27920-in-espionage-campaign/
-
Phishing Campaign Uses Blob URLs to Bypass Email Security and Avoid Detection
Cybersecurity researchers at Cofense Intelligence have identified a sophisticated phishing tactic leveraging Blob URIs (Uniform Resource Identifiers) to deliver credential phishing pages directly to users’ inboxes while evading traditional email security measures. Blob URIs, typically used by browsers to handle temporary data like images, audio, or video files, are now being weaponized by threat actors…
-
Security Gamechangers: CrowdStrike’s AI-Native SOC Next Gen SIEM Take Center Stage at RSAC 2025
CrowdStrike introduced several enhancements to its Falcon cybersecurity platform and Falcon Next-Gen SIEM at the RSA Conference 2025, highlighting artificial intelligence, managed threat hunting and operational efficiencies aimed at transforming modern Security Operations Centers (SOC). First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/security-gamechangers-crowdstrikes-ai-native-soc-next-gen-siem-take-center-stage-at-rsac-2025/
-
Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures
Threat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into downloading an information stealer malware dubbed Noodlophile.”Instead of relying on traditional phishing or cracked software sites, they build convincing AI-themed platforms often advertised via legitimate-looking Facebook groups and viral social media campaigns,” First seen on thehackernews.com Jump…
-
Chrome 137 Integrates Gemini Nano AI to Combat Tech Support Scams
Google has unveiled a groundbreaking defense mechanism in Chrome 137, integrating its on-device Gemini Nano large language model (LLM) to detect and block these malicious campaigns in real time. This update marks a significant leap in combating evolving cyber threats by leveraging artificial intelligence directly within users’ browsers. Tech support scams exploit psychological manipulation, mimicking…
-
Google Chrome Uses Advanced AI to Combat Sophisticated Online Scams
Google has integrated artificial intelligence into its cybersecurity toolkit to shield users from financial and data theft scams. On Friday, May 09, 2025, the company unveiled a comprehensive report detailing its latest AI-driven initiatives across Search, Chrome, and Android, marking a significant leap in preemptive threat detection and user protection. These advancements aim to counteract…
-
FBI warns that end of life devices are being actively targeted by threat actors
Tags: access, antivirus, attack, authentication, botnet, china, cisco, control, credentials, cve, data-breach, exploit, firewall, firmware, Hardware, identity, infection, intelligence, Internet, malware, network, password, router, sans, service, software, technology, threat, tool, update, vulnerabilityLinksys E1200, E2500, E1000, E4200, E1500, E300, E3200, E1550, WRT320N, WRT310N, WRT610NCradlepoint E100Cisco M10Threat actors, notably Chinese state-sponsored actors, are successfully exploiting known vulnerabilities in routers exposed to the web through pre-installed remote management software, according to the FBI. They then install malware, set up a botnet, and sell proxy services or launch coordinated attacks.”The…
-
ISMG Editors: CISA Cuts and US Cyber Plan Raise Alarms
Also: Cyber IPOs and the Investment Climate, the Urgency of AI Explainability. In this week’s update, ISMG editors unpacked Trump’s teased grand cyber plan amid budget cuts to the Cybersecurity and Infrastructure Security Agency, key business takeaways from RSAC Conference 2025 and why explainability in artificial intelligence is becoming critical to trust and security. First…
-
Bringing Zero Trust Into the AI Era
University of Texas CISO George Finney on Zero Trust Challenges and His New Book. Enterprises need to mature their zero trust models to recognize how trust is inherently built into artificial intelligence and how to proactively identify vulnerabilities. George Finney, CISO at University of Texas Systems, says security teams need to be trained to spot…
-
Mistral AI Models Fail Key Safety Tests, Report Finds
Pixtral Models 60 Times More Likely to Generate Harmful Content Than Rivals. Publicly available artificial intelligence models made by Mistral produce child sexual abuse material and instructions for chemical weapons manufacturing at rates far exceeding those of competing systems, found researchers from Enkrypt AI. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/mistral-ai-models-fail-key-safety-tests-report-finds-a-28358
-
Phishing Attack Uses Blob URIs to Show Fake Login Pages in Your Browser
Cofense Intelligence reveals a novel phishing technique using blob URIs to create local fake login pages, bypassing email… First seen on hackread.com Jump to article: hackread.com/phishing-attack-blob-uri-fake-login-pages-browser/
-
Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
Tags: ai, api, apple, backdoor, credentials, cybersecurity, infrastructure, intelligence, macOS, malicious, threat, toolCybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor.”Disguised as developer tools offering ‘the cheapest Cursor API,’ these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor’s First seen on thehackernews.com Jump…
-
CVE funding crisis offers chance for vulnerability remediation rethink
Tags: access, ai, awareness, best-practice, cisa, cve, cvss, cybersecurity, data, exploit, Hardware, healthcare, intelligence, iot, kev, least-privilege, metric, mfa, microsoft, network, open-source, penetration-testing, risk, software, threat, tool, training, update, vulnerability, vulnerability-managementAutomatic for the people: AI technologies could act as a temporary bridge for vulnerability triage, but not a replacement for a stable CVE system, according to experts consulted by CSO.”Automation and AI-based tools can also enable real-time discovery of new vulnerabilities without over-relying on standard CVE timelines,” said Haris Pylarinos, founder and chief executive of…
-
Russia-linked ColdRiver used LostKeys malware in recent attacks
Tags: apt, attack, cyberespionage, espionage, google, government, group, intelligence, malware, russia, threatSince early 2025, Russia-linked ColdRiver has used LostKeys malware to steal files in espionage attacks on Western governments and organizations. Google’s Threat Intelligence Group discovered LOSTKEYS, a new malware used by Russia-linked APT COLDRIVER, in recent attacks to steal files and gather system info. TheColdRiverAPT (aka “Seaborgium”, “Callisto”, “Star Blizzard”,”TA446″) is a Russian cyberespionage group…
-
Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android
Google on Thursday announced it’s rolling out new artificial intelligence (AI)-powered countermeasures to combat scams across Chrome, Search, and Android.The tech giant said it will begin using Gemini Nano, its on-device large language model (LLM), to improve Safe Browsing in Chrome 137 on desktops.”The on-device approach provides instant insight on risky websites and allows us…
-
38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases
Cybersecurity researchers have exposed what they say is an “industrial-scale, global cryptocurrency phishing operation” engineered to steal digital assets from cryptocurrency wallets for several years.The campaign has been codenamed FreeDrain by threat intelligence firms SentinelOne and Validin.”FreeDrain uses SEO manipulation, free-tier web services (like gitbook.io, webflow.io, and github.io First seen on thehackernews.com Jump to article:…
-
From Managing Vulnerabilities to Managing Exposure: The Critical Shift You Can’t Ignore
Tags: ai, attack, best-practice, breach, business, cloud, computing, control, cyber, cybersecurity, data, data-breach, endpoint, identity, infrastructure, intelligence, Internet, office, risk, service, software, strategy, technology, threat, tool, vulnerability, vulnerability-managementVulnerability management remains core to reducing cyber risk, but as the attack surface grows, teams need a risk-driven strategy that looks beyond vulnerabilities to see the bigger picture. Discover how exposure management unifies data and prioritizes real exposures, keeping teams proactive and ahead of cyber threats. The limits of siloed security Over the years, the…
-
CISA warns of cyberattacks targeting the US oil and gas infrastructure
Tags: advisory, cisa, control, cyberattack, cybersecurity, flaw, infrastructure, intelligence, Internet, network, open-source, password, risk, threatStronger passwords, segmentation, and manual operations are advised: CISA cited past analysis to emphasize that targeted systems use default or easily guessable (using open-source tools) passwords. Changing default passwords for strong and unique ones is important for public-facing internet devices that have the capability to control OT systems or processes, it added in the advisory.Segmenting…
-
Iranian Hackers Posing as Model Agency to Target Victims
Unit 42, the threat intelligence arm of Palo Alto Networks, has exposed a covert operation likely orchestrated by Iranian cyber actors. The campaign involves a fraudulent website, megamodelstudio[.]com, meticulously designed to impersonate the Hamburg-based Mega Model Agency. Cyberespionage Campaign Uncovered Registered on February 18, 2025, and hosted at IP address 64.72.205[.]32 since March 1, 2025,…
-
Russian COLDRIVER Hackers Deploy LOSTKEYS Malware to Steal Sensitive Information
The Google Threat Intelligence Group (GTIG) has uncovered a sophisticated new malware dubbed LOSTKEYS, attributed to the Russian government-backed threat actor COLDRIVER, also known as UNC4057, Star Blizzard, and Callisto. Active since at least December 2023, with significant campaigns observed in January, March, and April 2025, LOSTKEYS represents a notable evolution in COLDRIVER’s toolkit, which…
-
OpenCTI: Free Cyber Threat Intelligence Platform for Security Experts
OpenCTI (Open Cyber Threat Intelligence) stands out as a free, open source platform specifically designed to address this need-delivering robust capabilities for cyber threat intelligence (CTI) management and analysis. Created by Filigran, OpenCTI allows organizations to structure, store, and visualize both technical details (like Tactics, Techniques, and Procedures-TTPs-and observables) and non-technical information (such as attribution…
-
Why Identity Signals Are Replacing IOCs in Threat Intelligence
The CISO’s View: Too Many Alerts, Too Little Context Imagine a SOC analyst under pressure. Their screen is filled with IP addresses, malware hashes, geolocations, login alerts, and thousands of other signals. It’s a flood of noise. IOCs used to be the gold standard for cyber threat detection, but today? Attackers don’t need malware or……