Tag: RedTeam

KI greift erstmals autonom an

Aug 29, 2025 3:23 PM

Tags: ai, business, ciso, cyberattack, cybercrime, dns, group, injection, intelligence, malware, openai, ransomware, RedTeam, sans, strategy, threat, tool

Das KI-gestützte Entwickler-Tool Claude Code hat einem Cyberkriminellen dabei geholfen, in Netzwerke einzudringen.CISOs und Sicherheitsentscheider rechnen schon seit längerem damit, dass Cyberangriffe nicht mehr von Menschen mit KI-Tools, sondern von KI-Systemen selbst ausgehen. Diese Befürchtung hat sich nun mit neuen Forschungserkenntnissen bestätigt. So offenbart Anthropics aktueller Threat Intelligence Report , dass das KI-gestützte Entwickler-Tool Claude…
Anthropic detects the inevitable: genAI-only attacks, no humans involved

Aug 28, 2025 5:23 AM

Tags: ai, attack, business, ciso, control, cybercrime, cybersecurity, defense, dns, infrastructure, injection, intelligence, malicious, malware, open-source, openai, RedTeam, threat, tool, warfare

not find.”There is potentially a lot of this activity we’re not seeing. Anthropic being open about their platform being used for malicious activities is significant, and OpenAI has recently shared the same as well. But will others open up about what is already likely happening?” Brunkard asked. “Or maybe they haven’t shared because they don’t…
Securden Unified PAM Flaw Allows Attackers to Bypass Authentication

Aug 26, 2025 8:23 PM

Tags: access, ai, authentication, credentials, cyber, flaw, RedTeam, vulnerability

Securden Unified PAM is a comprehensive privileged access management platform that is used to store, manage, and monitor credentials across human, machine, and AI identities in a variety of environments. Security researchers discovered four critical vulnerabilities in this platform during a series of ongoing red teaming operations using Rapid7’s Vector Command service. These flaws, spanning…
Behind the Coinbase breach: Bribery emerges as enterprise threat

Aug 26, 2025 9:54 AM

Tags: access, attack, breach, control, corporate, country, crypto, cybersecurity, data, defense, finance, group, hacker, incident response, india, insurance, intelligence, jobs, malicious, network, password, ransom, ransomware, RedTeam, risk, russia, tactics, threat, training

Coinbase’s widely praised incident response: Coinbase’s transparency, firm stance against the ransom, quick remediation, and willingness to compensate its customers earned wide praise from cybersecurity professionals.According to Coinbase’s Martin, the hackers resorted to paying help desk workers in India precisely because the company had built such a robust security program. Bribery, according to Martin, was…
Warum das SOC in der Krise steckt und wie Sie das ändern

Aug 26, 2025 6:54 AM

Tags: access, ai, authentication, breach, ciso, cloud, cyberattack, dark-web, detection, edr, identity, mail, monitoring, password, RedTeam, saas, service, siem, soc, social-engineering, strategy, threat, tool, update, vulnerability, vulnerability-management

669226129Trotz Millioneninvestitionen in Security Operations Center (SOCs) und modernsten Detection-Technologien sind Breaches weiterhin an der Tagesordnung Tendenz weiterhin steigend.In meiner Erfahrung reagiert nur etwa jedes zwanzigste SOC effektiv auf die ausgeklügelten identitätsbasierten Angriffe, mit denen wir heute konfrontiert sind. Das ist allerdings kein technologisches, sondern ein Paradigmenproblem. Und es ist an der Zeit, zu erkennen,…
New security features beef up Google Cloud Platform

Aug 19, 2025 6:54 PM

Tags: access, ai, attack, authentication, cloud, compliance, computing, control, credentials, data, defense, detection, encryption, finance, google, governance, group, iam, incident response, intelligence, least-privilege, monitoring, network, privacy, RedTeam, risk, service, soar, soc, technology, threat, tool, unauthorized, update, vulnerability, waf, zero-trust

CSO in an email.”One of the biggest security improvements that we’re announcing is within our AI Protection solution [part of a customer’s GCP Security Command Center]. As organizations rapidly adopt AI, we’re developing new capabilities to help them keep their initiatives secure.”These include new capabilities for automated discovery of AI agents and Model Context Protocol…
Why AI Security Needs Continuous Red Teaming

Aug 11, 2025 11:12 PM

Tags: ai, cyber, nist, RedTeam

NIST’s Apostol Vassilev Explains Need for Dynamic Response, Not Static Testing. As AI models grow in scale and power, leading to even more unpredictable outcomes, security teams are grappling with how to defend technologies that some experts can’t begin to fully comprehend. Cyber response teams are exploring the practice of continuous red teaming, said NIST’s…
UK Red Teamers “Deeply Skeptical” of AI

Aug 11, 2025 11:12 AM

Tags: ai, cyber, RedTeam

Commercial red team experts believe AI’s current impact on cyber is overstated First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-red-teamers-deeply-skeptical-of/
OMEN Improvements

Aug 10, 2025 5:12 AM

Tags: attack, control, data, linkedin, password, RedTeam, tool, training

“If I had an hour to solve a problem, I would spend 55 minutes thinking about the problem and five minutes finding the solution.” – Albert Einstein Introduction: I’m a big fan of graphing password cracking sessions. It’s a good way to figure out what’s working and what isn’t by highlighting trends that get lost in…
What is a CISO? The top IT security leader role explained

Aug 8, 2025 9:12 AM

Tags: access, authentication, breach, business, ceo, cio, cisa, ciso, compliance, computer, container, control, corporate, credentials, cyber, cybersecurity, data, ddos, defense, dns, encryption, exploit, finance, firewall, framework, fraud, guide, Hardware, healthcare, infosec, infrastructure, intelligence, international, jobs, kubernetes, mitigation, msp, mssp, network, nist, programming, RedTeam, regulation, risk, risk-management, security-incident, service, skills, software, strategy, technology, threat, training, vpn, zero-day, zero-trust

. You’ll often hear people say the difference between the two is that CISOs focus entirely on information security issues, while a CSOs remit is wider, also taking in physical security as well as risk management.But reality is messier. Many companies, especially smaller ones, have only one C-level security officer, called a CSO, with IT…
10 Best Red Teaming Companies for Advanced Attack Simulation in 2025

Aug 7, 2025 10:11 PM

Tags: attack, cyber, cybersecurity, defense, penetration-testing, RedTeam, tactics, threat, vulnerability

Red teaming companies are specialized cybersecurity firms that use a proactive, adversarial approach to test an organization’s defenses by simulating a real-world cyberattack. Unlike traditional penetration testing, which typically focuses on finding specific vulnerabilities, red teaming emulates the tactics, techniques, and procedures (TTPs) of an advanced persistent threat (APT) actor. The goal is to evaluate…
6 ways hackers hide their tracks

Aug 7, 2025 10:11 AM

Tags: access, ai, antivirus, api, attack, backdoor, breach, captcha, ceo, computer, control, credentials, crypto, cybersecurity, data, data-breach, defense, detection, email, endpoint, exploit, github, hacker, injection, intelligence, jobs, law, linux, LLM, login, malicious, malware, monitoring, network, open-source, openai, phishing, programming, RedTeam, resilience, reverse-engineering, risk, rust, service, social-engineering, software, supply-chain, threat, tool, virus, windows

Backdoors in legitimate software libraries: In April 2024, it was revealed that the XZ Utils library had been covertly backdoored as part of years-long supply-chain compromise effort. The widely used data compression library that ships as a part of major Linux distributions had malicious code inserted into it by a trusted maintainer.Over the last decade,…
MCP: securing the backbone of Agentic AI

Aug 4, 2025 11:56 AM

Tags: access, ai, attack, authentication, business, ciso, control, credentials, cyber, data, detection, injection, least-privilege, mfa, monitoring, RedTeam, risk, security-incident, service, supply-chain, training

Four cornerstones for securing MCP servers: CISOs can largely rely on the proven basic principles of cyber security for MCP they just need to adapt them in a few places. Pure checklists fall short here. Instead, a clear, principles-based approach is required. Four central pillars have proven themselves in practice: Strong authentication and clean credential…
How AI red teams find hidden flaws before attackers do

Jul 29, 2025 9:28 AM

Tags: access, ai, api, attack, authentication, ceo, computer, control, cyber, data, data-breach, exploit, flaw, guide, hacker, identity, infrastructure, injection, LLM, malicious, microsoft, psychology, RedTeam, risk, service, skills, social-engineering, sql, technology, threat, tool, training, vulnerability

A red teaming sequence in action Connor Tumbleson, director of engineering at Sourcetoad, breaks down a common AI pen testing workflow: Prompt extraction: Use known tricks to reveal hidden prompts or system instructions. “That’s going to give you details to go further.”Endpoint targeting: Bypass frontend logic and directly access the model’s backend interface. “We’re hitting…
Cervantes: Open-source, collaborative platform for pentesters and red teams

Jul 23, 2025 9:12 PM

Tags: open-source, RedTeam, vulnerability

Cervantes is an open-source collaborative platform built for pentesters and red teams. It offers a centralized workspace to manage projects, clients, vulnerabilities, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/23/cervantes-open-source-collaborative-platform-pentesters-red-teams/
Red Teaming AI Systems: Why Traditional Security Testing Falls Short

Jul 16, 2025 9:40 PM

Tags: ai, data, data-breach, LLM, RedTeam, tool

What if your AI-powered application leaked sensitive data, generated harmful content, or revealed internal instructions and none of your security tools caught it? This isn’t hypothetical. It’s happening now and exposing critical gaps in how we secure modern AI systems. When AI systems like LLMs, agents, or AI-driven applications reach production, many security teams.. First…
Octalyn Stealer Harvests VPN Configs, Passwords, and Cookies in Organized Folder Structure

Jul 15, 2025 3:40 PM

Tags: credentials, cyber, github, organized, password, RedTeam, tool, vpn

The Octalyn Forensic Toolkit, which is openly accessible on GitHub, has been revealed as a powerful credential stealer that poses as a research tool for red teaming and digital forensics. This is a worrying development for cybersecurity. Developed with a C++-based payload module and a Delphi-built graphical user interface (GUI) builder, the toolkit lowers the…
AI poisoning and the CISO’s crisis of trust

Jul 15, 2025 10:40 AM

Tags: access, ai, breach, ceo, ciso, compliance, control, cybersecurity, data, defense, detection, disinformation, exploit, framework, healthcare, identity, infosec, injection, LLM, monitoring, network, privacy, RedTeam, resilience, risk, russia, saas, threat, tool, training

Foundation models began parroting Kremlin-aligned propaganda after ingesting material seeded by a large-scale Russian network known as the “Pravda Network.”A high-profile AI-generated reading list published by two American news outlets included 10 hallucinated book titles mistakenly attributed to real authors.Researchers showed that imperceptible perturbations in training images could trigger misclassification. Researchers in the healthcare domain demonstrated…
Why skipping security prompting on Grok’s newest model is a huge mistake

Jul 14, 2025 10:40 PM

Tags: ai, RedTeam

An AI red-teaming company found that xAI’s Grok 4 is “not suitable for enterprises” without substantial security prompting. First seen on cyberscoop.com Jump to article: cyberscoop.com/grok4-security-flaws-prompts-splxai-research/
MCP is fueling agentic AI, and introducing new security risks

Jul 10, 2025 9:40 AM

Tags: access, ai, api, attack, authentication, best-practice, ceo, cloud, corporate, cybersecurity, gartner, injection, LLM, malicious, monitoring, network, office, open-source, penetration-testing, RedTeam, risk, service, supply-chain, technology, threat, tool, vulnerability

Mitigating MCP server risks: When it comes to using MCP servers there’s a big difference between developers using it for personal productivity and enterprises putting them into production use cases.Derek Ashmore, application transformation principal at Asperitas Consulting, suggests that corporate customers don’t rush on MCP adoption until the technology is safer and more of the…
A Practical Guide to Building a Red Teaming Strategy for AI

Jul 9, 2025 6:39 PM

Tags: ai, guide, RedTeam, strategy

Start your red teaming journey with intent, not ambition. Designate a lead with both AI literacy and a security mindset. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/a-practical-guide-to-building-a-red-teaming-strategy-for-ai/
Hackers weaponize Shellter red teaming tool to spread infostealers

Jul 9, 2025 6:39 PM

Tags: hacker, malware, RedTeam, threat, tool

Hackers are abusing the legitimate red teaming tool Shellter to spread stealer malware after a licensed copy was leaked. Elastic Security Labs has identified several malware campaigns using the commercial AV/EDR evasion tool SHELLTER. The tool was originally built for legitimate red team operations, however, threat actors have now adopted it to bypass security measures…
Hackers ‘Shellter’ Various Stealers in Red-Team Tool to Evade Detection

Jul 8, 2025 8:34 PM

Tags: detection, hacker, malware, RedTeam, tool

Researchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware by leveraging key features of the AV/EDR evasion framework. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/hackers-shellter-red-team-tool-evade-detection
Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware

Jul 8, 2025 8:34 PM

Tags: data-breach, exploit, hacker, malicious, malware, RedTeam, software, threat, tool

In yet another instance of threat actors repurposing legitimate tools for malicious purposes, it has been discovered that hackers are exploiting a popular red teaming tool called Shellter to distribute stealer malware.The company behind the software said a company that had recently purchased Shellter Elite licenses leaked their copy, prompting malicious actors to weaponize the…
Hackers ‘Shellter’ Various Stealers in Red Team Tool to Evade Detection

Jul 8, 2025 5:34 PM

Tags: detection, hacker, malware, RedTeam, tool

Researchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware by leveraging key features of the AV/EDR evasion framework. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/hackers-shellter-red-team-tool-evade-detection
Red Team Tool Developer Shellter Admits ‘Misuse’ by Adversaries

Jul 8, 2025 12:34 PM

Tags: RedTeam, threat, tool

The company behind AV/EDR evasion tool Shellter has confirmed the product is being used by threat actors First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/red-team-tool-dev-shellter-misuse/
Hackers abuse leaked Shellter red team tool to deploy infostealers

Jul 7, 2025 5:34 PM

Tags: attack, data-breach, hacker, penetration-testing, RedTeam, tool

Shellter Project, the vendor of a commercial AV/EDR evasion loader for penetration testing, confirmed that hackers used its Shellter Elite product in attacks after a customer leaked a copy of the software. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-abuse-leaked-shellter-red-team-tool-to-deploy-infostealers/
How cybersecurity leaders can defend against the spur of AI-driven NHI

Jul 2, 2025 10:34 AM

Tags: access, ai, attack, automation, breach, business, ciso, cloud, credentials, cybersecurity, data, data-breach, email, exploit, framework, gartner, governance, group, guide, identity, infrastructure, least-privilege, LLM, login, monitoring, password, phishing, RedTeam, risk, sans, service, software, technology, tool, vulnerability

Visibility Yageo Group had so many problematic machine identities that information security operations manager Terrick Taylor says he is almost embarrassed to say this, even though the group has now automated the monitoring of both human and non-human identities and has a process for managing identity lifecycles. “Last time I looked at the portal, there…
OneClik Red Team Campaign Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors

Jul 1, 2025 1:34 PM

Tags: backdoor, china, cybersecurity, microsoft, RedTeam, software, technology, threat

Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft’s ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors.”The campaign exhibits characteristics aligned with Chinese-affiliated threat actors, though attribution remains cautious,” Trellix researchers Nico Paulo First seen on thehackernews.com Jump to article: thehackernews.com/2025/06/oneclik-malware-targets-energy-sector.html
AI supply chain threats loom, as security practices lag

Jul 1, 2025 10:34 AM

Tags: access, ai, attack, breach, cloud, computing, data, defense, exploit, framework, group, guide, least-privilege, LLM, malicious, mitigation, monitoring, RedTeam, risk, software, supply-chain, threat, tool, unauthorized

Security tools still catching up to AI supply chain risks: “Most tools today aren’t fully equipped to scan AI models or prompts for malicious code, and attackers are already exploiting that gap,” Sonatype’s Fox says. “While some early solutions are emerging, organizations shouldn’t wait. They need to extend existing security policies to cover these new…