Tag: intelligence
-
Midsize firms universally behind in slog toward DORA compliance
Tags: ai, business, ciso, compliance, cybersecurity, dora, finance, germany, insurance, intelligence, monitoring, resilience, risk, service, skills, technology, toolBeginning Friday, Jan. 17, all EU financial institutions are now required to operate in compliance with the Digital Operational Resilience Act (DORA). The EU directive aims to increase cybersecurity in the financial industry. However, studies show that many companies are still struggling with implementation.According to a November 2024 survey from metafinanz, the average level of…
-
Star Blizzard Shifts Tactics: Spear-Phishing Campaign Targets WhatsApp Accounts
Microsoft Threat Intelligence has uncovered a new spear-phishing campaign orchestrated by the Russian threat actor known as Star First seen on securityonline.info Jump to article: securityonline.info/star-blizzard-shifts-tactics-spear-phishing-campaign-targets-whatsapp-accounts/
-
A Brief Guide for Dealing with ‘Humanless SOC’ Idiots
image by Meta.AI lampooning humanless SOC My former “colleagues” have written several serious pieces of research about why a SOC without humans will never happen (“Predict 2025: There Will Never Be an Autonomous SOC”, “The “Autonomous SOC” Is A Pipe Dream”, “Stop Trying To Take Humans Out Of Security Operations”). But I wanted to write…
-
US hits back against China’s Salt Typhoon group
Tags: attack, backdoor, china, cisa, ciso, communications, computer, control, crypto, cve, cyber, cyberattack, cybersecurity, defense, detection, disinformation, espionage, exploit, finance, government, group, infosec, infrastructure, intelligence, ivanti, law, malicious, mandiant, microsoft, network, north-korea, office, tactics, technology, theft, threat, tool, vpn, vulnerabilityThe US is hitting back against the threat group, dubbed Salt Typhoon by Microsoft, which is allegedly behind recent cyber attacks against American telecommunications providers, as part of a wider campaign against Chinese-based hacking.On Friday the Department of the Treasury’s Office of Foreign Assets Control (OFAC) said it is sanctioning Sichuan Juxinhe Network Technology, a…
-
US Export Control Rules on AI Chips Spark Backlash
Poland, Israel, Nvidia and Oracle Question Need for Restrictions. A decision by the Biden administration to limit international access to American-made advanced artificial intelligence chips is facing backlash from countries whose purchasing power the rule affects. New export controls seeks to choke the supply of advanced chips to China. First seen on govinfosecurity.com Jump to…
-
Cisco Unveils AI Defense to Stand Against Model Safety Risks
Product Head Jeetu Patel on How AI Defense Ensures Secure LLM Operations at Runtime. Cisco’s AI Defense platform addresses emerging safety and security risks in AI. By leveraging insights from Robust Intelligence, it offers model validation, threat prevention and integrated guardrails to protect against evolving challenges such as hallucinations and prompt injection attacks. First seen…
-
Stop wasting money on ineffective threat intelligence: 5 mistakes to avoid
Tags: business, ciso, compliance, cyber, cybersecurity, data, detection, edr, finance, group, incident response, infrastructure, intelligence, jobs, malware, monitoring, risk, risk-management, siem, soc, strategy, tactics, technology, threat, tool, update, vulnerability, vulnerability-managementStrong capabilities in cyber threat intelligence (CTI) can help take a cybersecurity program to the next level on many different fronts. When organizations choose quality sources of threat intelligence that are relevant to their technology environments and their business context, these external sources can not only power swifter threat detection but also help leaders better…
-
Contextal Platform: Open-source threat detection and intelligence
Contextal Platform is an open-source cybersecurity solution for contextual threat detection and intelligence. Developed by the original authors of ClamAV, it offers advanced … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/15/contextal-platform-open-source-threat-detection/
-
The AI Revolution: Navigating Cybersecurity Challenges in 2025
As we stand on the threshold of 2025, the cybersecurity landscape is undergoing a dramatic transformation, largely driven by artificial intelligence and emerging threat vectors. Drawing from Nuspire’s recent cybersecurity outlook webinar, let’s explore the key trends and challenges that organizations will face in the coming year. Looking Back to Move Forward Before diving into…
-
New Federal Playbook Aims to Boost AI Cyber Incident Sharing
US CISA Releases Guidance to Streamline AI Cyber Incident Information Sharing. The Cybersecurity and Infrastructure Security Agency released a playbook Tuesday through its flagship public-private collaborative to help guide public-private information sharing around artificial intelligence cybersecurity incidents while detailing federal actions to strengthen shared defense. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/new-federal-playbook-aims-to-boost-ai-cyber-incident-sharing-a-27293
-
AI-Driven Ransomware Group Strikes 85 Victims
Amateurish Ransomware Group Doubles as Hackstivists. Cybersecurity researchers discovered an artificial intelligence-driven ransomware group that emerged at the end of last year and compromised more than 85 victims worldwide. The group uses double extortion, combining data theft with encryption. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-driven-ransomware-group-strikes-85-victims-a-27291
-
BforeAI Raises $10 Million for Predictive Attack Intelligence
BforeAI has raised $10 million in Series B funding, which brings the total raised by the security firm to more than $30 million. The post BforeAI Raises $10 Million for Predictive Attack Intelligence appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/bforeai-raises-10-million-for-predictive-attack-intelligence/
-
Russia-linked APT UAC-0063 target Kazakhstan in with HATVIBE malware
Russia-linked threat actor UAC-0063 targets Kazakhstan to gather economic and political intelligence in Central Asia. Russia-linked threat actors UAC-0063 is targeting Kazakhstan as part of a cyber espionage campaign to gather economic and political intelligence in Central Asia. The Computer Emergency Response Team of Ukraine (CERT-UA) first detailed the activity of UAC-0063 in early 2023.…
-
Companies Double Down on AI and Supply Chain Security, According to Black Duck’s BSIMM15 Report
Organisations worldwide are ramping up efforts to tackle emerging security risks in artificial intelligence (AI) and software supply chains, according to the newly released BSIMM15 report from Black Duck. The report, which examines software security practices across 121 companies, reveals a sharp increase in activities aimed at strengthening defenses against evolving threats. Key findings from…
-
This is the year CISOs unlock AI’s full potential
In 2025, CISOs will have powerful new capabilities as generative artificial intelligence (GenAI) continues to mature. Evolving beyond providing answers to questions, GenAI … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/14/genai-cisos/
-
Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection
Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass Apple’s System Integrity Protection (SIP). Known as CVE-2024-44243, this vulnerability could be exploited to load third-party kernel extensions, resulting in severe security implications for macOS users. Apple released a patch for this vulnerability as part of its December 11, 2024, security…
-
Poland uncovers Russia-linked disinformation campaign targeting upcoming presidential election
The group behind the operation is likely controlled by the Russian military intelligence service, GRU, which recruits individuals “from various backgrounds,” said Poland’s digital affairs minister.]]> First seen on therecord.media Jump to article: therecord.media/poland-uncovers-russia-linked-disinformation-campaign-presidential-election
-
What Enterprises Need to Know About Agentic AI Risks
Mitigating Cybersecurity, Privacy Risks for New Class of Autonomous Agents. Many organizations are looking to artificial intelligence agents to autonomously perform tasks that surpass traditional automation. Tech firms are rolling out agentic AI tools that can handle customer-facing interactions, IT operations and a variety of other processes without human intervention, but experts are cautioning security…
-
British Prime Minister Starmer Unveils New AI Plan
Proposals Calls for AI Growth Zones and National Data Library. British Prime Minister Keir Starmer unveiled a plan for converting the United Kingdom into an artificial intelligence world leader, allowing it to shape the next phase of the AI revolution. Key recommendations include creating multiple AI growth zones and a national data library. First seen…
-
Biden’s final push: Using AI to bolster cybersecurity standards
Tags: access, ai, attack, china, cisa, compliance, cyber, cyberattack, cybersecurity, data, defense, detection, email, exploit, finance, framework, government, hacker, incident, infrastructure, intelligence, office, privacy, programming, resilience, risk, software, strategy, technology, threat, vulnerabilityIn a decisive move to strengthen national cybersecurity, President Joe Biden is poised to sign an executive order imposing stringent security standards for federal agencies and contractors. Scheduled for publication in the coming days, the directive will emphasize integrating artificial intelligence (AI) into cyber defense strategies while addressing systemic vulnerabilities in software security, reported Reuters.This…
-
CISOs embrace rise in prominence, with broader business authority
Tags: ai, attack, business, ceo, cio, ciso, compliance, control, corporate, cyber, cyberattack, cybersecurity, data, governance, healthcare, infrastructure, intelligence, network, privacy, regulation, risk, risk-management, security-incident, strategy, technology, threat, updateIt’s a familiar refrain: As cybersecurity has become a core business priority, it is no longer a siloed operation, and the responsibilities of CISOs have grown, giving them greater prominence within the organization.According to CSO’s 2024 Security Priorities Study, 72% of security decision-makers say their role has grown to include additional responsibilities over the past…
-
13th January Threat Intelligence Report
The International Civil Aviation Organization (ICAO), that is part of the UN, confirmed a compromise of its recruitment database that exposed 42,000 recruitment applications. The data contains records from April 2016 to […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2025/13th-january-threat-intelligence-report/
-
The Vanity Press in Academia
I’ve never been a regular resident of the ivory halls of academia, but Mich Kabay recently made me aware of an article about legitimate scientific journals driven to distraction by being flooded with commentary apparently reflecting a surge in the use of artificial intelligence rather than legitimate research and analysis. The Science article claims that……
-
Wie KI den Nutzen der Threat-Intelligence verstärkt
Der weit verbreitete Einsatz generativer KI verändert auch den Nutzen von Threat-Intelligence, denn sie automatisiert die Datenanalyse, Bedrohungsvorhersage und automatisierte Reaktion erheblich. KI-gesteuerte Modelle zur Bedrohungsanalyse können riesige Datenmengen blitzschnell verarbeiten, unterschwellige Muster erkennen und Erkenntnisse generieren, die für menschliche Analysten schwierig oder zeitraubend wären. Diese Innovation spiegelt sich wirksam auf strategischer, operativer und taktischer…
-
Last-Minute Biden Rules on AI Chips Hits Industry Resistance
Nvidia, Semiconductor Trade Group Push Back Against Reported Chip Restrictions. The White House’s reported final push to impose tighter restrictions on global semiconductor exports, including artificial intelligence chips critical for data centers, has drawn strong criticism from Nvidia and the semiconductor industry in the last days of the administration. First seen on govinfosecurity.com Jump to…
-
Biden Administration Releases ‘AI Strategic Plan’ for HHS
Days Are Dwindling, But Biden White House Unveils New AI Roadmap for HHS. With 10 days left in office, the Biden administration released an artificial intelligence strategic plan for the U.S. Department of Health and Human Service. HHS called the plan a comprehensive roadmap outlining the department’s commitment to trustworthy, ethical and equitable AI use.…
-
Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation
Microsoft has revealed that it’s pursuing legal action against a “foreign-based threatactor group” for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content.The tech giant’s Digital Crimes Unit (DCU) said it has observed the threat actors “develop First seen on…
-
DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering
The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io.Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands’ Financial Intelligence and Investigative Service, Finland’s National Bureau of First seen on thehackernews.com…