Tag: network
-
Cargo theft malware actor spent a month inside a decoy network before researchers pulled the plug
Proofpoint researchers executed a malicious payload from a threat actor known to target trucking and logistics companies in late February 2026, doing so inside a decoy … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/16/cargo-theft-malware-actor-decoy-network/
-
How the enterprise supply chain has created a global attack surface
For years, organisations have treated cyber security as something that happens within their own walls. Protect the network, secure the endpoints, monitor the environment. Job done. Security was architected like a moat and castle, but today the model is no longer effective. Today, the real exposure sits outside the organisation. It sits in third parties,…
-
How the enterprise supply chain has created a global attack surface
For years, organisations have treated cyber security as something that happens within their own walls. Protect the network, secure the endpoints, monitor the environment. Job done. Security was architected like a moat and castle, but today the model is no longer effective. Today, the real exposure sits outside the organisation. It sits in third parties,…
-
Only 16% of Businesses are Fully Compliant with NIS2 Despite 2024 Compliance Deadline
New research from CyberSmart has revealed that, despite a compliance deadline that has now passed, only 16% of businesses required to comply with the EU’s Network and Information Security Directive 2 (NIS2) are confident that they are fully compliant. Worryingly, 11% of respondents were unsure what NIS2 is, despite falling within its scope. The CyberSmart…
-
Beating the Mythos clock: Using Tenable Hexa AI custom agents for automated patching
Tags: ai, business, cvss, cyberattack, data, exploit, LLM, mitigation, network, remote-code-execution, risk, strategy, supply-chain, threat, tool, update, vulnerability, vulnerability-managementSee how Tenable Hexa AI custom agents empower you to counter machine-speed threats by automating vulnerability remediation. Learn how the Model Context Protocol (MCP) automates execution of risk-driven patching workflows, shifting your strategy from reactive tracking to continuous exposure management. Key takeaways Even in previews, powerful AI models like Claude Mythos show us how quickly…
-
Critical Cisco ISE Flaws Let Remote Attackers Execute Malicious Code
Networking giant Cisco has issued an urgent security advisory warning of two newly discovered vulnerabilities impacting its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). Cisco Identity Services Engine (ISE) is a widely deployed security policy management platform that provides secure access to enterprise network resources. The most severe of these new flaws…
-
RCE by design: MCP architectural choice haunts AI agent ecosystem
sh, bash, powershell, curl, rm, and other high-risk binaries, they added.The core issue is that there’s currently no check in place to verify that a STDIO command is intended to initialize an MCP server rather than perform a malicious task. Furthermore, the researchers observed that even if the sent command fails to start the server,…
-
Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
Cybersecurity researchers have warned of an active malicious campaign that’s targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025.”PowMix employs randomized command-and-control (C2) beaconing intervals, rather than persistent connection to the C2 server, to evade the network signature detections,” Cisco Talos First seen on thehackernews.com…
-
The endless CISO reporting line debate, and what it says about cybersecurity leadership
Tags: access, business, ceo, cio, ciso, cloud, control, corporate, cyber, cybersecurity, firewall, governance, infrastructure, jobs, monitoring, network, resilience, risk, strategy, technology, vulnerabilityThe governance gap behind the debate: The persistence of this debate reflects a broader governance gap.Historically, information security emerged as a technical discipline embedded within IT departments. Early security teams focused primarily on protecting infrastructure: Firewalls, access controls, network monitoring and vulnerability management. In that environment, it was natural for the security function to sit…
-
We’re only seeing the tip of the chip-smuggling iceberg
A string of federal indictments has exposed a pervasive shadow network of data centers and fake products spanning Southeast Asia. To secure national security, the U.S. must move enforcement from the airport gate to the factory floor. First seen on cyberscoop.com Jump to article: cyberscoop.com/ai-chip-smuggling-china-export-controls-enforcement-op-ed/
-
Claude Mythos: Prepare for your board’s cybersecurity questions about the latest AI model from Anthropic
Tags: ai, api, application-security, attack, authentication, automation, best-practice, business, ceo, cisa, cloud, compliance, container, control, cve, cvss, cyber, cybersecurity, data, data-breach, endpoint, exploit, fedramp, finance, flaw, framework, governance, group, HIPAA, identity, injection, insurance, kev, law, linkedin, linux, LLM, macOS, network, PCI, risk, service, soc, software, strategy, technology, threat, update, vulnerability, vulnerability-management, windows, zero-day, zero-trustWith the Federal Reserve Chairman meeting with bank CEOs to discuss the security implications of Claude Mythos, you can bet that your board of directors will ask you about the impact of the AI model on your cybersecurity strategy. Here’s how to prepare. Key takeaways Anthropic announced Claude Mythos Preview, its most powerful general-purpose frontier…
-
Why Orgs Need to Test Networks to Withstand DDoS Attacks During Peak Loads
Security teams can’t test distributed denial-of-service defenses in a vacuum. They need to test during periods of high demand, such as tax filing deadlines. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/test-networks-withstand-ddos-attacks-peak-loads
-
4 questions to ask before outsourcing MDR
2. Can your team separate real threats from noise?: Alert fatigue is one of the biggest barriers to effective security. Tools generate volumes of signals, but not all alerts represent real risk. When everything looks critical, teams either burn out or miss the alerts that matter most.MDR helps by applying human expertise and threat intelligence…
-
Major Scam Network Triad Nexus Adapts Operations to Avoid U.S. Scrutiny
After the U.S. Treasury last year sanctioned the Funnull CDN it used, the Triad Nexus scam network changed up its operations and began using major cloud services providers, creating front companies, and shifting away from targeting U.S. victims, instead is focusing on those in Asia, according to Silent Push researchers. First seen on securityboulevard.com Jump…
-
Taming Network Policy Sprawl with AI
Zero-trust and micro-segmentation have become the default direction for enterprise network security, and for good reason. But the shift has introduced an operational problem that few organizations were ready for: an explosion of fragmented rules, overlapping policies and billions of complex access paths that no human team can realistically manage on its own. Alan Shimel..…
-
Palo Alto Networks übernimmt Koi und definiert neue Sicherheitskategorie ‘Agentic Endpoint Security”
Palo Alto Networks hat den Abschluss der Übernahme von Koi bekannt gegeben. Mit der Akquisition adressiert Palo Alto Networks eine wachsende Sicherheitslücke, die durch den zunehmenden Einsatz von KI”‘Agenten auf Endgeräten entsteht: Zwar bieten agentische Tools Unternehmen Produktivitätssteigerungen, sie schaffen aber gleichzeitig eine neue Angriffsfläche, die herkömmliche Sicherheitstools nicht entdecken. Durch den Zugriff auf kritische…
-
China-linked cloud credential heist runs on typos and SMTP
Typosquatting for cloud-native espionage: The campaign relies heavily on deception, the researchers pointed out, using C2 domains closely resembling legitimate Alibaba Cloud services. The typosquatting approach allows malicious traffic to blend into routine cloud operations, specifically in environments where outbound filtering is absent.The implant used is an obfuscated ELF binary, with an executable designed for…
-
Janela RAT Spreads via Fake MSI Installers, Malicious Extensions
Janela Remote Access Trojan (RAT) campaign using fake Windows MSI installers and malicious browser extensions to infiltrate financial networks and exfiltrate sensitive data. The latest Janela RAT samples are being distributed through public GitLab repositories, where attackers host MSI installation files disguised as legitimate software installers. Unsuspecting users in Chile, Colombia, and Mexico the campaign’s primary targets are lured into downloading these…
-
The AI inflection point: What security leaders must do now
The questions have matured: The AI discussion in security has evolved in phases.First came skepticism from security leaders, asking whether AI actually works in security operations. Given years of overpromised technology, the caution was warranted.Experimentation followed, with questions centering on what types of work AI should handle and where it introduces risk.Now, the dominant questions…
-
The AI inflection point: What security leaders must do now
The questions have matured: The AI discussion in security has evolved in phases.First came skepticism from security leaders, asking whether AI actually works in security operations. Given years of overpromised technology, the caution was warranted.Experimentation followed, with questions centering on what types of work AI should handle and where it introduces risk.Now, the dominant questions…
-
How AI is transforming threat detection
Tags: ai, attack, automation, best-practice, business, ceo, cisa, cve, cyber, data, detection, email, endpoint, framework, google, governance, group, incident response, intelligence, international, jobs, kev, malware, network, nist, organized, phishing, risk, skills, soc, switch, technology, threat, toolReducing alert fatigue: In alert triage, AI agents are reducing alert fatigue by clustering alert patterns and enabling risk-based prioritization, adds Dipto Chakravarty, chief product and technology officer at Black Duck.For example, natural language processing agents can summarize threat alerts at scale and correlate them with threat intel feeds such as CVE.org and the CISA KEV Catalog,…
-
Synology SSL VPN Client Vulnerability Enabled Remote Access to Sensitive Files
Synology has recently released a crucial security update to fix two notable vulnerabilities in its SSL VPN Client utility. Tracked under the security advisory Synology-SA-26:05, these flaws could allow remote attackers to access sensitive system files and intercept secure network traffic. The Synology SSL VPN Client is a popular tool used to establish encrypted connections…
-
Rockstar’s GTA Game Hacked, 78.6 Million Records Published Online
Rockstar Games has suffered a significant data breach after the infamous threat group ShinyHunters leaked over 78.6 million internal records on April 14, 2026. The incident did not involve a direct attack on Rockstar’s primary network infrastructure. Instead, the hackers executed a supply-chain attack through a third-party analytics platform, highlighting the escalating risk of integrated…
-
NSFOCUS Threat Intelligence Interviewed in The Top Trends Shaping Threat Intelligence in Asia Pacific Report by International Authority
Forrester, an international authoritative consulting firm, released “The Top Trends Shaping Threat Intelligence in Asia Pacific”. With its deep technical accumulation, product system and mature solutions in the field of threat intelligence, NSFOCUS was interviewed for the report. As enterprises cope with the rapidly changing cybersecurity and regulatory environment in the Asia-Pacific region, threat intelligence…The…
-
Anthropic’s Mythos signals a structural cybersecurity shift
Tags: access, ai, attack, business, ciso, control, corporate, cyber, cybersecurity, defense, exploit, governance, network, offense, risk, supply-chain, technology, updateClaude Mythos Preview is a step up: A separate analysis from the UK’s AI Security Institute (AISI) evaluated Mythos Preview itself.The evaluations involved both capture-the-flag (CTF) challenges and more complex ranges designed to simulate multi-step attack scenarios, where the model outperformed other AI systems.Mythos Preview came out on top in a 32-step corporate network attack…
-
Why Network Monitoring Alone Misses Application Attacks
Tags: application-security, attack, defense, detection, exploit, monitoring, network, tool, vulnerability, waf<div cla TL;DR Network security monitoring excels at traffic analysis and perimeter defense, yet research shows WAF alerts generate overwhelming noise with minimal correlation to actual exploit attempts. The gap exists because network tools operate at the packet level or network edge, while application attacks exploit vulnerabilities during code execution. Runtime application security through Application…
-
When AI Finds a Way Out: The Alibaba Incident and Why Zero Trust Matters More Than Ever
Tags: access, ai, control, cybersecurity, data-breach, detection, firewall, flaw, identity, malware, network, software, threat, training, zero-trustThe incidentIn cybersecurity, the most important lessons rarely come from theory, but reality.A recent incident involving an experimental AI agent in the Alibaba ecosystem is one of those moments that forces us to pause and rethink some of our core assumptions. During what should have been just model training, the Alibaba AI agent began behaving…
-
Banks Must Act Like Interpol to Fight Fraud Networks
Joël Winteregg of Vyntra on How AI Is Industrializing Fraud at Unprecedented Scale. Gen AI has created a paradise for fraudsters, said Joel Winteregg, CEO of Vyntra. Just as Interpol coordinates across borders to dismantle criminal networks, Winteregg said banks must operate as a unified intelligence network, because the fraud operations targeting them already do.…