Tag: sans

Poisoned truth: The quiet security threat inside enterprise AI

May 6, 2026 11:48 AM

Tags: access, ai, attack, breach, ciso, control, crowdstrike, data, finance, github, governance, ibm, infrastructure, leak, LLM, risk, sans, service, supply-chain, threat, training

It takes surprisingly little poison to corrupt: Bad internal data is the immediate problem. But the external supply chain may be even harder to control.Research by Anthropic, the UK AI Security Institute, and the Alan Turing Institute discovered that as few as 250 maliciously crafted documents can poison LLMs of any size.That creates a massive…
Skills Gap Top CISO Concern, Says New SANS Survey

May 5, 2026 11:47 PM

Tags: ciso, cybersecurity, sans, skills

Security Leaders Face Gaps, Not in Their Org Charts, But in Their Team’s Skills. Concerns about the skills and capabilities of cybersecurity teams have for the first time overtaken worries about headcount and unfilled vacancies among CISOs, according to a new SANS survey. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/skills-gap-top-ciso-concern-says-new-sans-survey-a-31603
‘Trivial’ exploit can give attackers root access to Linux kernel

May 1, 2026 5:39 AM

Tags: access, ai, attack, business, cloud, container, cve, data, exploit, flaw, github, gitlab, Hardware, incident response, iot, korea, kubernetes, linux, malware, monitoring, remote-code-execution, risk, risk-assessment, saas, sans, software, supply-chain, theft, threat, unauthorized, update, vulnerability

), which lets users easily obtain root access, there isn’t much CSOs can do, says Johannes Ullrich, dean of research at the SANS Institute, as long as they have monitoring for privilege escalation already in place.With root access, a threat actor can do anything to a system, from data theft to data erasure.”The CopyFail vulnerability…
Gemeinsam gegen unsichtbare Angriffe: SANS Institute startet Hackathon

Apr 24, 2026 3:39 PM

Tags: cyberattack, sans

Dass der Ansatz funktioniert, zeigt sich bereits in ersten Tests. Doch es gibt ein Problem: Die Systeme produzieren noch zu viele Fehlalarme. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/gemeinsam-gegen-unsichtbare-angriffe-sans-institute-startet-hackathon/a44767/
Sans Institute preps live systems for Nato cyber exercise

Apr 21, 2026 9:39 PM

Tags: blueteam, cyber, sans, training

Cyber training body the Sans Institute is preparing live power generation IT and OT systems for Nato’s annual Locked Shields blue team exercise, which this year appears more relevant than ever First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642012/Sans-Institute-preps-live-systems-for-Nato-cyber-exercise
Claude Mythos ist der Hype gerechtfertigt?

Apr 20, 2026 12:38 PM

Tags: ai, bug, cve, cybersecurity, data, exploit, linux, openai, sans, technology, update, vulnerability

Claude Mythos wird derzeit von ausgesuchten Organisationen getestet in erster Linie großen Tech-Konzernen aus den USA.Anthropic | ScreenshotDer Hype um Anthropics Security-Modell Mythos bekommt erste Risse: Während KI-Konkurrent OpenAI plant, mit einem eigenen Cybersecurity-fokussierten KI-Modell ‘entgegenzuwirken”, stellen die Sicherheitsexperten von VulnCheck in einer aktuellen Untersuchung die praktischen Auswirkungen von Claude Mythos, respektive ‘Project Glasswing” in…
Behind the Mythos hype, Glasswing has just one confirmed CVE

Apr 17, 2026 12:48 AM

Tags: ai, control, cve, exploit, sans, technology, update

Why is Glasswing still a big deal: VulnCheck’s findings reframe Glasswing’s capabilities. The limited number of directly attributable CVEs is just one way of measuring its impact. Industry observers are interpreting Mythos much differently.Melissa Bischoping, a SANS Technology Institute board member and senior Director of security and product research at Tanium, thinks Mythos potential lies…
Spontane Reaktion auf Mythos: SANS Institute veröffentlicht mit Partnern kostenloses Strategie-Briefing

Apr 15, 2026 12:52 AM

Tags: sans, strategy

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/reaktion-mythos-sans-institute-partner-strategie-briefing
prompted 2026 SIFT-FIND EVIL! I Gave Claude Code ROOt On DFIR SIFT Workstation

Apr 14, 2026 6:52 PM

Tags: ai, sans

Author, Creator & Presenter: Rob T. Lee, Chief AI Officer (CAIO), Chief of Research, SANS Institute Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organizations’ YouTube Channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/unprompted-2026-sift-find-evil-i-gave-claude-code-root-on-dfir-sift-workstation/
Strategie-Briefing des SANS Institute Reaktion auf die Fähigkeiten von Anthropics Claude-Mythos

Apr 14, 2026 5:52 PM

Tags: ai, ciso, cloud, framework, sans, strategy, vulnerability

Das SANS Institute und die Cloud Security Alliance (CSA) veröffentlichen gemeinsam mit [un]prompted und dem OWASP GenAI Security Project den Report ‘The AI Vulnerability Storm: Building a Mythos-Ready Security Program”. Dieses kostenlose Strategie-Briefing gibt CISOs und Sicherheitsverantwortlichen ein umsetzbares Framework an die Hand, um auf das immer schneller werdende Tempo der Entdeckung und Ausnutzung von…
Hackers have been exploiting an unpatched Adobe Reader vulnerability for months

Apr 10, 2026 1:52 AM

Tags: access, adobe, attack, ciso, control, data, email, exploit, hacker, incident response, malicious, malware, monitoring, resilience, risk, sans, software, technology, threat, tool, update, vulnerability

A high risk exploit: Kellman Meghu, chief technology officer at Canadian incident response firm DeepCove Security, called the exploit “a very high risk.”So far it looks as though this particular malware just exfiltrates data, he said. But it implies there is an ability or capability to turn it into a vehicle for remote code execution.…
Qualifikationslücken in der Cybersicherheit haben stärkere Auswirkungen als der Fachkräftemangel

Apr 10, 2026 12:52 AM

Tags: cyersecurity, sans

Das SANS Institute stellt die Ergebnisse des <> vor. Die Cybersicherheitsbranche hat ein größeres Problem als nur den Personalmangel: Die bestehenden Mitarbeiter verfügen nicht über die erforderlichen Kompetenzen, um den heutigen Bedrohungen zu begegnen. Auf der Grundlage von Antworten von fast 1.000 Fachleuten, Führungskräften und Personalverantwortlichen aus sechs Regionen weltweit zeigt […] First seen on…
Governance Gaps Emerge as AI Agents Drive 76% Increase in NHIs

Apr 9, 2026 12:52 PM

Tags: ai, governance, sans

SANS Institute reveals that AI agents are behind a 76% surge in non-human identities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/governance-gaps-agents-76-increase/
Die fünf gefährlichsten Angriffstechniken 2026

Apr 1, 2026 11:29 AM

Tags: sans

Seit mehr als einem Jahrzehnt gilt die Keynote des SANS Institutes als ein zuverlässiges Frühwarnsystem der Sicherheitsbranche. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/5-gefaehrlichste-angriffstechniken-2026
2026 SANS Identity Threats Report: Why Attacks Still Work

Mar 31, 2026 8:30 PM

Tags: access, attack, control, credentials, identity, sans, threat

SANS findings highlight the real issue, compromised credentials enable access long before traditional security controls detect a problem. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/2026-sans-identity-threats-report-why-attacks-still-work/
Download: 2026 SANS Identity Threats Defenses Survey

Mar 31, 2026 3:29 PM

Tags: defense, identity, sans, threat

New research from the 2026 SANS Identity Threats Defenses Survey shows that 55% of organizations experienced an identity-related compromise last year, while 26% … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/31/enzoic-2026-sans-identity-threats-defenses-survey/
Die fünf gefährlichsten Angriffstechniken in 2026 basieren allesamt auf künstlicher Intelligenz

Mar 25, 2026 4:47 PM

Tags: conference, sans, technology

Seit mehr als einem Jahrzehnt gilt die Keynote des SANS Institutes auf der RSA Conference als das zuverlässigste Frühwarnsystem der Sicherheitsbranche. Sie deckt Angriffstechniken auf, die die Bedrohungslandschaft prägen, noch bevor die meisten Unternehmen damit konfrontiert werden. Die diesjährige Veranstaltung, moderiert von Ed Skoudis, Präsident des SANS Technology Institute, sendet ein wichtiges Signal aus: Zum ersten…
Top 5 Most Dangerous New Attack Techniques to Watch

Mar 25, 2026 4:47 PM

Tags: attack, sans

For the first time, SANS Institute’s five top attack techniques all have one thing in common AI. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/sans-most-dangerous-attack-techniques
Announcing the 2026 CSO Hall of Fame honorees

Mar 11, 2026 11:46 AM

Tags: ai, ceo, cio, ciso, corporate, cyber, cybersecurity, finance, google, group, infrastructure, international, jobs, resilience, risk, risk-management, sans, technology

Selim Aissi, CEO & CSO, AGARobert S. Allen, Global CISO & Responsible AI Officer, GallagherMohit Chanana, CISO, Chevron Phillips ChemicalEdna Conway, Chief Operations & Risk Officer, TPO GroupJuan Gomez-Sanchez, VP, Cyber Resilience, McLane Company, Inc.Gary Harbison, Global CISO, Johnson & JohnsonMalcolm Harkins, Chief Security & Trust Officer, HiddenLayerBarry Hensley, CSO, Brown & BrownShaun Khalfan, SVP,…
13 Fragen gegen Drittanbieterrisiken

Feb 18, 2026 5:58 AM

Tags: access, api, ceo, ciso, cloud, cyberattack, cyersecurity, detection, firewall, identity, incident response, infrastructure, ISO-27001, mfa, monitoring, password, PCI, risk, saas, sans, service, social-engineering, software, threat, update, vulnerability

Drum prüfe”¦Die zunehmende Abhängigkeit von IT-Dienstleistern und Software von Drittanbietern vergrößert die Angriffsfläche von Unternehmen erheblich. Das wird auch durch zahlreiche Cyberattacken immer wieder unterstrichen. Zwar lassen sich die Risiken in Zusammenhang mit Third-Party-Anbietern nicht gänzlich beseitigen, aber durchaus reduzieren. Dabei sollten Sicherheitsentscheider eine zentrale Rolle spielen, wie Randy Gross, CISO bei CompTIA, erklärt: “CISOs…
Hackers turn bossware against the bosses

Feb 13, 2026 5:58 AM

Tags: access, advisory, attack, awareness, computer, control, corporate, cybersecurity, data, email, endpoint, hacker, identity, infosec, infrastructure, malicious, mfa, monitoring, network, phishing, ransomware, risk, sans, software, tool, training, unauthorized, vulnerability

Ensure these risks are catalogued: Johannes Ullrich, dean of research at the SANS Institute, said this report is an example of how corporate IT teams build infrastructure that attackers then abuse. It’s known that employee monitoring software and security software have been misused like this in the past, he said. He pointed out that software…
EU Envisions Military Data Sharing Sans US Tech

Feb 6, 2026 11:13 PM

Tags: data, infrastructure, military, sans, switch

‘Kill Switch’ Fears Drive EU Tech Sovereignty Push. Europe is quietly planning to set up a secure military data-sharing platform – without U.S.-made technology. Discussions about the need for more European tech infrastructure have heavily accelerated in recent months, although there’s debate about whether the EU can really replace U.S. hyperscalers. First seen on govinfosecurity.com…
4 issues holding back CISOs’ security agendas

Jan 27, 2026 9:21 AM

Tags: access, ai, application-security, attack, business, ciso, cloud, compliance, control, cyber, cybersecurity, data, endpoint, framework, governance, intelligence, jobs, monitoring, network, resilience, risk, risk-assessment, risk-management, sans, service, skills, strategy, technology, threat, tool, training, vulnerability, vulnerability-management

2. Inability to keep pace with AI innovation and adoption: Executives and employees alike have been rushing to adopt artificial intelligence, enticed by expectations that AI will transform workflows and save time, money, and effort.But CISOs for the most part have not kept pace with their business colleagues’ rate of AI adoption.According to a survey…
13 cyber questions to better vet IT vendors and reduce third-party risk

Jan 21, 2026 9:13 AM

Tags: access, api, attack, authentication, automation, best-practice, breach, business, ceo, ciso, cloud, compliance, control, credentials, credit-card, cyber, cyberattack, cybercrime, cybersecurity, data, detection, endpoint, exploit, extortion, firewall, healthcare, identity, incident response, infrastructure, insurance, international, ISO-27001, jobs, least-privilege, mfa, monitoring, network, nist, password, PCI, penetration-testing, radius, ransomware, risk, saas, sans, security-incident, service, supply-chain, threat, update, vpn, vulnerability

Vital vendor questions CISOs should ask: To gain that critical information, security leaders and experts recommend CSOs ask IT partners the following cyber-specific questions. 1. What attestation will you provide to prove proper security controls are in place? These are essential, says Juan Pablo Perez-Etchegoyen, CTO for cybersecurity and compliance platform Onapsis. Some of the…
13 cyber questions to better vet IT vendors and reduce third-party risk

Jan 21, 2026 9:13 AM

Tags: access, api, attack, authentication, automation, best-practice, breach, business, ceo, ciso, cloud, compliance, control, credentials, credit-card, cyber, cyberattack, cybercrime, cybersecurity, data, detection, endpoint, exploit, extortion, firewall, healthcare, identity, incident response, infrastructure, insurance, international, ISO-27001, jobs, least-privilege, mfa, monitoring, network, nist, password, PCI, penetration-testing, radius, ransomware, risk, saas, sans, security-incident, service, supply-chain, threat, update, vpn, vulnerability

Vital vendor questions CISOs should ask: To gain that critical information, security leaders and experts recommend CSOs ask IT partners the following cyber-specific questions. 1. What attestation will you provide to prove proper security controls are in place? These are essential, says Juan Pablo Perez-Etchegoyen, CTO for cybersecurity and compliance platform Onapsis. Some of the…
Three vulnerabilities in Anthropic Git MCP Server could let attackers tamper with LLMs

Jan 21, 2026 6:16 AM

Tags: access, ai, api, attack, ciso, control, data, defense, infosec, injection, least-privilege, LLM, malicious, sans, service, threat, tool, vulnerability

mcp-server-git versions prior to 2025-12.18.The three vulnerabilities are·CVE-2025-68143, an unrestricted git_init.·CVE-2025-68145, a path validation bypass.·CVE-2025-68144, an argument injection in git_diff.Unlike other vulnerabilities in MCP servers that required specific configurations, these work on any configuration of Anthropic’s official server, out of the box, Cyata says.Model Context Protocol (MCP) is an open standard introduced by Anthropic in 2024 to…
SANS Institute sieht 2026 als Jahr der Vertrauenskrise in digitale Services

Jan 9, 2026 11:01 AM

Tags: ai, sans, service, tool

KI-Systeme werden schon bald automatisch Einkäufe tätigen, Nachrichten versenden, Logistik koordinieren und Teile des digitalen Lebens verwalten können. Wenn jedoch ein KI-Tool fehlschlägt oder eine schädliche Entscheidung trifft, liegt die Verantwortung möglicherweise nicht beim Unternehmen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sans-institute-sieht-2026-als-jahr-der-vertrauenskrise-in-digitale-services/a43305/
Cisco identifies vulnerability in ISE network access control devices

Jan 9, 2026 5:01 AM

Tags: access, advisory, breach, cisco, control, credentials, cvss, data, exploit, firewall, google, identity, malicious, network, sans, theft, vulnerability

rotate ISE credentials for those with existing and approved access;ensure only those who need access have credentials;reduce the number of devices that can access the ISE server;patch as soon as it’s possible to take the server offline.In its notice to customers, Cisco says a vulnerability [CVE-2026-20029] in the licensing features of ISE and Cisco ISE…
Top cyber threats to your AI systems and infrastructure

Jan 8, 2026 9:01 AM

Tags: ai, api, attack, best-practice, business, chatgpt, ciso, cloud, cyber, cybersecurity, data, defense, detection, exploit, framework, governance, hacker, infrastructure, injection, intelligence, LLM, malicious, mitre, monitoring, open-source, RedTeam, risk, sans, service, skills, software, strategy, supply-chain, tactics, theft, threat, tool, training, unauthorized, usa, vulnerability

Data poisoning Data poisoning is a type of attack in which bad actorsmanipulate, tamper with, and pollute the data used to develop or train AI systems, including machine learning models. By corrupting the data or introducing faulty data, attackers can alter, bias, or otherwise render inaccurate a model’s performance.Imagine an attack that tells a model…
Holes in Veeam Backup suite allow remote code execution, creation of malicious backup config files

Jan 8, 2026 5:01 AM

Tags: access, backup, credentials, cve, cvss, cybersecurity, data, exploit, jobs, malicious, monitoring, password, ransomware, remote-code-execution, risk, risk-management, sans, threat, update, veeam, vulnerability

CVE-2025-59470 (with a CVSS score of 9) allows a Backup or Tape Operator to perform remote code execution (RCE) as the Postgres user by sending a malicious interval or order parameter;CVE-2025-59469 (with a severity score of 7.2) allows a Backup or Tape Operator to write files as root;CVE-2025-55125 (with a severity score of 7.2) allows a Backup…