Tag: RedTeam
-
Zscaler Purchases SPLX to Strengthen GenAI Model Protection
Acquisition Boosts AI Defense from Red-Teaming, Risk Scoring to Compliance Tracking. The SPLX acquisition gives Zscaler new tools for red-teaming, AI governance and pre-deployment risk analysis. The deal will strengthen Zscaler’s push to provide comprehensive GenAI protection, from cloud model discovery to runtime guardrails and ongoing compliance reporting. First seen on govinfosecurity.com Jump to article:…
-
Threat Actors Weaponizing Open Source AdaptixC2 Tied to Russian Underworld
AdaptixC2, a legitimate and open red team tool used to assess an organization’s security, is being repurposed by threat actors for use in their malicious campaigns. Threat researchers with Silent Push have linked the abuse of the technology back to a Russian-speaking bad actor who calls himself “RalfHacker.” First seen on securityboulevard.com Jump to article:…
-
Threat Actors Weaponizing Open Source AdaptixC2 Tied to Russian Underworld
AdaptixC2, a legitimate and open red team tool used to assess an organization’s security, is being repurposed by threat actors for use in their malicious campaigns. Threat researchers with Silent Push have linked the abuse of the technology back to a Russian-speaking bad actor who calls himself “RalfHacker.” First seen on securityboulevard.com Jump to article:…
-
Data sovereignty proof: How to verify controls like ‘Project Texas’
“Verification regimes work best when they serve everyone’s interests. The reporting company wants a process that does not impose too many burdens or interrupt workflow while allowing it to demonstrate compliance. Oversight bodies want hard data that is difficult to fake and indicates adherence to the regime. Finally, these systems need to be simple enough…
-
Data sovereignty proof: How to verify controls like ‘Project Texas’
“Verification regimes work best when they serve everyone’s interests. The reporting company wants a process that does not impose too many burdens or interrupt workflow while allowing it to demonstrate compliance. Oversight bodies want hard data that is difficult to fake and indicates adherence to the regime. Finally, these systems need to be simple enough…
-
Hackers steal Discord accounts with RedTiger-based infostealer
Attackers are using the open-source red-team tool RedTiger to build an infostealer that collects Discord account data and payment information. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-steal-discord-accounts-with-redtiger-based-infostealer/
-
Hackers steal Discord accounts with RedTiger-based infostealer
Attackers are using the open-source red-team tool RedTiger to build an infostealer that collects Discord account data and payment information. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-steal-discord-accounts-with-redtiger-based-infostealer/
-
US NSA alleged to have launched a cyber attack on a Chinese agency
Tags: access, attack, authentication, breach, china, ciso, cloud, communications, control, country, cyber, cybersecurity, defense, finance, hacker, infrastructure, international, login, malicious, mfa, monitoring, network, RedTeam, resilience, sans, service, spy, supply-chain, technology“NSA does not confirm nor deny allegations in the media regarding its operations. Our core focus is countering foreign malign activities persistently targeting American interests, and we will continue to defend against adversaries wishing to threaten us.”The Chinese post says the country “shattered the US cyber attack plot of stealing secrets and infiltration and sabotage,…
-
US NSA alleged to have launched a cyber attack on a Chinese agency
Tags: access, attack, authentication, breach, china, ciso, cloud, communications, control, country, cyber, cybersecurity, defense, finance, hacker, infrastructure, international, login, malicious, mfa, monitoring, network, RedTeam, resilience, sans, service, spy, supply-chain, technology“NSA does not confirm nor deny allegations in the media regarding its operations. Our core focus is countering foreign malign activities persistently targeting American interests, and we will continue to defend against adversaries wishing to threaten us.”The Chinese post says the country “shattered the US cyber attack plot of stealing secrets and infiltration and sabotage,…
-
Penetration testing vs red teaming: What’s the difference?
In cyber security, two terms are often used interchangeably but mean very different things: penetration testing and red teaming. Both involve authorised simulations of cyber attacks designed to uncover weaknesses, yet they differ in scope, intent, and the insights they provide. A penetration test reveals where defences can be strengthened, while a red team exercise”¦…
-
Evilginx’s creator reckons with the dark side of red-team tools
Polish developer Kuba Gretzky wanted to prove that multi-factor authentication wasn’t foolproof. He succeeded, maybe too well. What happens when a cybersecurity warning becomes the threat itself? First seen on therecord.media Jump to article: therecord.media/evilginx-kuba-gretzky-interview-click-here-podcast
-
Evilginx’s creator reckons with the dark side of red-team tools
Polish developer Kuba Gretzky wanted to prove that multi-factor authentication wasn’t foolproof. He succeeded, maybe too well. What happens when a cybersecurity warning becomes the threat itself? First seen on therecord.media Jump to article: therecord.media/evilginx-kuba-gretzky-interview-click-here-podcast
-
TDL 007 – Cyber Warriors Digital Shadows: Insights from Canada’s Cybersecurity Leader
Tags: ai, awareness, backup, breach, browser, business, cio, ciso, communications, conference, control, corporate, country, cryptography, cyber, cybersecurity, dark-web, data, data-breach, defense, dns, email, encryption, finance, government, healthcare, identity, incident, infrastructure, intelligence, Internet, jobs, law, leak, linux, malicious, mfa, mitigation, network, organized, phone, privacy, ransom, ransomware, RedTeam, resilience, risk, risk-management, router, service, startup, strategy, supply-chain, switch, tactics, technology, theft, threat, tool, training, windowsSummary In this episode of The Defender’s Log, host David Redekop interviews Sami Khoury, the Senior Official for Cybersecurity for the Government of Canada. With a career spanning 33 years at the Communication Security Establishment (CSE), Khoury shares how a coincidental job application blossomed into a lifelong passion for national security. Khoury emphasizes that modern…
-
A View from the C-suite: Aligning AI security to the NIST RMF FireTail Blog
Tags: access, ai, attack, breach, csf, cybersecurity, data, data-breach, defense, detection, framework, governance, grc, guide, incident response, infrastructure, injection, jobs, LLM, malicious, nist, RedTeam, risk, risk-management, strategy, supply-chain, theft, tool, vulnerabilityOct 15, 2025 – Jeremy Snyder – In 2025, the AI race is surging ahead and the pressure to innovate is intense. For years, the NIST Cybersecurity Framework (CSF) has been our trusted guide for managing risk. It consists of five principles: identify, protect, detect, respond, and recover. But with the rise of AI revolutionizing…
-
Open-source monitor turns into an off-the-shelf attack beacon
Tags: api, apt, attack, china, control, hacker, malware, monitoring, open-source, powershell, ransomware, rat, RedTeam, russia, software, threat, tool, windowsRiding Nezha to Ghost RAT: With the web shell in place, the attackers used AntSword to download two components: “live.exe” (the Nezha agent) and a “config.yml” that pointed to the attacker-controlled domain. The Nezha agent connected back to a management server whose dashboard was running in Russian, presumably to throw off attribution.Once Nezha was active,…
-
Hackers Turn AWS X-Ray into Command-and-Control Platform
Tags: cloud, control, cyber, framework, hacker, infrastructure, monitoring, network, RedTeam, serviceRed team researchers have unveiled XRayC2, a sophisticated command-and-control framework that weaponizes Amazon Web Services’ X-Ray distributed application tracing service to establish covert communication channels. This innovative technique demonstrates how attackers can abuse legitimate cloud monitoring infrastructure to bypass traditional network security controls. Diagram explaining command and control (C2) servers used by attackers to control…
-
Agentic AI in IT security: Where expectations meet reality
Tags: ai, api, automation, cloud, compliance, control, credentials, crowdstrike, cybersecurity, data, detection, finance, framework, gartner, google, governance, infrastructure, injection, metric, phishing, RedTeam, risk, service, siem, skills, soar, soc, software, strategy, technology, threat, tool, trainingIntegration approaches: Add-on vs. standalone: The first decision regarding AI agents is whether to layer them onto existing platforms or to implement standalone frameworks. The add-on model treats agents as extensions to security information and event management (SIEM), security orchestration, automation and response (SOAR), or other security tools, providing quick wins with minimal disruption. Standalone…
-
Agentic AI in IT security: Where expectations meet reality
Tags: ai, api, automation, cloud, compliance, control, credentials, crowdstrike, cybersecurity, data, detection, finance, framework, gartner, google, governance, infrastructure, injection, metric, phishing, RedTeam, risk, service, siem, skills, soar, soc, software, strategy, technology, threat, tool, trainingIntegration approaches: Add-on vs. standalone: The first decision regarding AI agents is whether to layer them onto existing platforms or to implement standalone frameworks. The add-on model treats agents as extensions to security information and event management (SIEM), security orchestration, automation and response (SOAR), or other security tools, providing quick wins with minimal disruption. Standalone…
-
Offensive Security in Manufacturing: Are you Red Team Ready?
ManuSec Chicago Speaker Johnny Xmas on Value of Pentesting in OT Environments. ManuSec Summit speaker Johnny Xmas, global head of offensive security for a leading U.S. manufacturer, discusses pentesting in operational technology environments, overcoming the hurdles to offensive security programs and the evolving role of OT security. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/offensive-security-in-manufacturing-are-you-red-team-ready-a-29555
-
Anton’s Security Blog Quarterly Q3 2025
Tags: ai, automation, breach, ciso, cloud, cyber, defense, detection, edr, google, governance, guide, metric, office, RedTeam, risk, siem, soc, software, supply-chain, threat, vulnerability, vulnerability-management, zero-trustAmazingly, Medium has fixed the stats so my blog / podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify). Gemini for docs based on this blog Top 10 posts with the most…
-
Meet ShadowLeak: ‘Impossible to detect’ data theft using AI
Tags: ai, attack, business, ciso, cybersecurity, data, data-breach, email, exploit, gartner, governance, injection, LLM, malicious, RedTeam, resilience, risk, sans, service, sql, supply-chain, technology, theft, tool, update, vulnerabilityWhat CSOs should do: To blunt this kind of attack, he said CSOs should:treat AI agents as privileged actors: apply the same governance used for a human with internal resource access;separate ‘read’ from ‘act’ scopes and service accounts, and where possible sanitize inputs before LLM (large language model) ingestion. Strip/neutralize hidden HTML, flatten to safe…
-
Where CISOs need to see Splunk go next
Tags: ai, api, automation, cisco, ciso, cloud, communications, compliance, conference, crowdstrike, cybersecurity, data, data-breach, detection, finance, framework, google, incident response, intelligence, jobs, metric, microsoft, open-source, RedTeam, resilience, risk, router, siem, soar, strategy, tactics, threat, tool, vulnerabilityResilience resides at the confluence of security and observability: There was also a clear message around resilience, the ability to maintain availability and recover quickly from any IT or security event.From a Cisco/Splunk perspective, this means a more tightly coupled relationship between security and observability.I’m reminded of a chat I had with the chief risk…
-
Check Point acquires Lakera to build a unified AI security stack
Tags: access, ai, api, attack, automation, cloud, compliance, control, cybersecurity, data, endpoint, government, infrastructure, injection, LLM, network, RedTeam, risk, saas, startup, supply-chain, tool, trainingClosing a critical gap: Experts call this acquisition significant and not merely adding just another tool to the stack. “This acquisition closes a real gap by adding AI-native runtime guardrails and continuous red teaming into Check Point’s stack,” said Amit Jaju, senior managing director at Ankura Consulting. “Customers can now secure LLMs and agents alongside…
-
5 steps for deploying agentic AI red teaming
Tags: access, ai, application-security, attack, automation, blizzard, business, cloud, control, data, defense, exploit, framework, gartner, governance, infrastructure, malicious, open-source, RedTeam, risk, risk-assessment, service, software, threat, tool, zero-trustFive steps to take towards implementing agentic red teaming: 1. Change your attitude Perhaps the biggest challenge for agentic red teaming is adjusting your perspective in how to defend your enterprise. “The days where database admins had full access to all data are over,” says Suer. “We need to have a fresh attitude towards data…
-
Chinese-Made Villager AI Pentest Tool Raises Cobalt Strike-Like Concerns
Villager is being pitched as a legitimate AI-powered pentest tool for red teams, but the platform, made by Chinese company Cyberspike, has been loaded almost 11,000 times on PyPI in two months, raising concerns that it is on the same path as Cobalt Strike, another red team tool that became a favorite of malicious actors.…
-
CobaltStrike’s AI-native successor, ‘Villager,’ makes hacking too easy
Tags: ai, attack, control, credentials, detection, exploit, framework, governance, hacking, identity, incident response, intelligence, network, pypi, RedTeam, risk, supply-chain, threat, update, vulnerability, windowsSupply chain and detection risks: Villager’s presence on a trusted public repository like PyPI, where it was downloaded over 10,000 times over the last two months, introduces a new vector for supply chain compromise. Jason Soroko, senior fellow at Sectigo, advised that organizations “focus first on package provenance by mirroring PyPI, enforcing allow lists for…
-
CobaltStrike’s AI-native successor, ‘Villager,’ makes hacking too easy
Tags: ai, attack, control, credentials, detection, exploit, framework, governance, hacking, identity, incident response, intelligence, network, pypi, RedTeam, risk, supply-chain, threat, update, vulnerability, windowsSupply chain and detection risks: Villager’s presence on a trusted public repository like PyPI, where it was downloaded over 10,000 times over the last two months, introduces a new vector for supply chain compromise. Jason Soroko, senior fellow at Sectigo, advised that organizations “focus first on package provenance by mirroring PyPI, enforcing allow lists for…
-
Red AI Range: Advanced AI Tool for Identifying and Mitigating Security Flaws
Red AI Range (RAR) offers a turnkey platform for AI red teaming and vulnerability assessment, enabling security professionals to simulate realistic attack scenarios, uncover weaknesses, and deploy fixes all within a controlled, containerized environment. By consolidating diverse AI vulnerabilities and testing tools under one roof, RAR streamlines security workflows and accelerates time-to-remediation. RAR eliminates the…