Tag: sans
-
How AI is reshaping cybersecurity operations
Tags: access, ai, attack, business, ciso, cloud, control, cyber, cybersecurity, data, defense, detection, encryption, finance, gartner, governance, guide, hacker, infrastructure, intelligence, jobs, malware, microsoft, monitoring, phishing, regulation, resilience, risk, sans, service, skills, soc, strategy, supply-chain, technology, threat, tool, training, update
Because AI can perform tasks at speeds that supersede human capacity, it exponentially scales the amount of work that a cybersecurity function can do, says Rob T. Lee, chief of research for AI and emerging threats and head of faculty at SANS Institute. Moreover, AI excels at doing repetitive tasks near perfectly every time, so it…
-
SANS Institute Security Awareness Report: Effective Security Awareness Through Strategy and AI
First seen on security-insider.de Jump to article: www.security-insider.de/social-engineering-groesste-cybergefahr-fuer-unternehmen-a-82732e47bc023377fbdaa8c1f2e06cc6/
-
SANS Security Awareness Report shows humans remain the most important attack vector
The report is based on the largest SANS survey to date, with contributions from more than 2,700 security awareness practitioners from over 70 countries. This makes it the most comprehensive and insightful analysis since the study began. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sans-security-awareness-report-zeigt-mensch-bleibt-wichtigster-angriffsvektor/a41728/
-
Hybrid Exchange environment vulnerability needs fast action
if they haven’t already done so, install the Hot Fix released April 18, or any newer release, on their on-premises Exchange servers and follow the configuration instructions outlined in the document Deploy dedicated Exchange hybrid app. For additional details, they should refer to Exchange Server Security Changes for Hybrid Deployments; then reset the service principal’s keyCredentials. That reset should be…
-
How bright are AI agents? Not very, recent reports suggest
CSOs should ‘skip the fluff’: Meghu’s advice to CSOs: Stop reading the marketing and betting too much of your business on AI/LLM technology as it exists today. Start small and always have a human operator to guide it. “If you skip the fluff and get to the practical application, we have a new technology that could…
-
SANS Institute launches training for ICS/OT penetration testing
ICS613 gives participants the mindset, methods and tools they need to conduct security assessments in environments where availability, safety and reliability are essential. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sans-institute-startet-training-fuer-ics-ot-penetrationstests/a41420/
-
Nvidia GPUs vulnerable to Rowhammer attacks
Cybercriminals could gain access to Nvidia GPUs via a Rowhammer attack. Nvidia recently issued a security advisory to application developers, computer manufacturers and IT managers warning that modern memory chips in graphics processors are potentially vulnerable to so-called Rowhammer exploits. Canadian university researchers had previously demonstrated that an Nvidia A6000 GPU can be successfully compromised with a similar attack. A Rowhammer attack is a…
-
Hunters International shuts ransomware operations, reportedly becomes an extortion-only gang
This story has been updated with comments from the SANS Institute and KnowBe4.
-
How cybersecurity leaders can defend against the spur of AI-driven NHI
Tags: access, ai, attack, automation, breach, business, ciso, cloud, credentials, cybersecurity, data, data-breach, email, exploit, framework, gartner, governance, group, guide, identity, infrastructure, least-privilege, LLM, login, monitoring, password, phishing, RedTeam, risk, sans, service, software, technology, tool, vulnerability
Visibility Yageo Group had so many problematic machine identities that information security operations manager Terrick Taylor says he is almost embarrassed to say this, even though the group has now automated the monitoring of both human and non-human identities and has a process for managing identity lifecycles. “Last time I looked at the portal, there…
-
Cisco warns of critical API vulnerabilities in ISE and ISE-PIC
Tags: access, ai, api, application-security, attack, authentication, automation, best-practice, business, ceo, cisco, ciso, cloud, communications, control, credentials, data, defense, email, endpoint, exploit, firewall, flaw, framework, guide, Hardware, incident response, malicious, microsoft, mobile, network, penetration-testing, programming, risk, router, saas, sans, service, software, threat, update, vpn, vulnerability, waf
root user. The fault behind both vulnerabilities: Holes in application programming interfaces (APIs). “Take this vulnerability seriously,” said Moses Frost, senior course instructor on cloud penetration testing at the SANS Institute. “In my experience assessing networks, I have found through testing that many lack essential patches and security hardening on their core network devices. I have seen Cisco…
-
LLMs hype versus reality: What CISOs should focus on
Tags: ai, attack, backdoor, breach, business, chatgpt, ciso, cloud, control, corporate, cyber, cybercrime, cybersecurity, data, finance, governance, LLM, malware, monitoring, network, open-source, risk, risk-management, sans, service, software, supply-chain, technology, threat, tool, vulnerability
not using AI even though there is a lot of over-hype and promise about its capability. That said, organizations that don’t use AI will get left behind. The risk of using AI is where all the FUD is.” In terms of applying controls, rinse, wash, and repeat the processes you followed when adopting cloud, BYOD, and…
-
Unpatched flaws enable takeover of GitLab accounts
Tags: access, authentication, best-practice, bug, ceo, ciso, cve, cvss, cyberattack, dos, github, gitlab, incident response, injection, jobs, mfa, password, risk, sans, service, software, update, vulnerability
Experts warn of a new bug in GitLab. A new vulnerability in the Ultimate Enterprise Edition of GitLab is “dangerous”, according to one expert, and must be patched quickly. The vulnerability, designated CVE-2025-5121, is one of ten that GitLab described on Wednesday when releasing bug fixes and security updates for self-managed installations. “We strongly recommend that all…
-
Threat Actors Using Bat Files to Deploy Quasar RAT
Remote Access Trojans (RATs) like Quasar have been a persistent threat for years, enabling attackers to control infected systems remotely. Recent SANS research has uncovered a new and particularly stealthy Quasar campaign, characterized by strong obfuscation and an innovative anti-sandbox technique. The infection begins with a batch (.bat) script attached to a seemingly harmless document. When…
-
2025 CSO Hall of Fame honorees
Tags: ceo, cio, ciso, corporate, cybersecurity, finance, google, group, infrastructure, international, jobs, risk, risk-management, sans, technology
Meg Anderson, VP & CISO (retired), Principal Financial Group; Bob Bruns, CISO, Avanade; Jonathan Chow, CISO, Genesys; Mignona Cote, CISO, Infor; Laura Deaner, Managing Director, CISO, The Depository Trust & Clearing Corporation (DTCC); George Finney, CISO, University of Texas System; Michael Gordon, SVP & CISO, McDonald’s; Ron Green, Cybersecurity Fellow/Former CSO, Mastercard; Shawn Henry, CSO, CrowdStrike; Todd Lukens, SVP, Security & Infrastructure, Nationwide; Rishi Tripathi,…
-
SANS Institute strengthens presence in the DACH region: Ronald Mol becomes new Director
In this role he takes responsibility for all business activities in Germany, Austria and Switzerland, with the clear goal of further expanding the institute’s presence. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sans-institute-staerkt-praesenz-in-der-dach-region-ronald-mol-wird-neuer-director/a41112/
-
Top 5 most dangerous new attack techniques
At the RSA Conference, the SANS Institute presented the top 5 critical attack vectors in cybersecurity. Moderated by Ed Skoudis, president of the SANS Technology Institute, leading SANS experts examined how attackers are expanding both their technical sophistication and their impact on business operations. The following five attack techniques, which in…
-
Ransomware scum have put a target on the no man’s land between IT and operations
Defenses are weaker, and victims are more likely to pay, SANS warns First seen on theregister.com Jump to article: www.theregister.com/2025/05/14/ransomware_targets_middle_systems_sans/
-
4 critical leadership priorities for CISOs in the AI era
1. Guide the C-suite
As businesses rush to implement AI effectively, CISOs can play an important role in guiding the C-suite on a variety of matters, starting with vetting AI use cases, Alexander says. “These are conversations with technologists, security, and the business. You can’t just jump into the AI game without really understanding what…
-
SANS Institute names top 5 most dangerous new attack techniques
Tags: sans
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/sans-top-5-angriffstechnik
-
FBI warns that end of life devices are being actively targeted by threat actors
Tags: access, antivirus, attack, authentication, botnet, china, cisco, control, credentials, cve, data-breach, exploit, firewall, firmware, Hardware, identity, infection, intelligence, Internet, malware, network, password, router, sans, service, software, technology, threat, tool, update, vulnerability
Linksys E1200, E2500, E1000, E4200, E1500, E300, E3200, E1550, WRT320N, WRT310N, WRT610N; Cradlepoint E100; Cisco M10
Threat actors, notably Chinese state-sponsored actors, are successfully exploiting known vulnerabilities in routers exposed to the web through pre-installed remote management software, according to the FBI. They then install malware, set up a botnet, and sell proxy services or launch coordinated attacks. “The…
-
10 metrics that help CISOs move forward
When it comes to security metrics, CISOs should focus on the essentials. Measuring security performance may not be among a CISO’s most exciting tasks, but it can be very useful for tackling a whole range of challenges. Besides insight into how effective their security efforts are, security decision-makers can, with the right metrics, among other things also…
-
Hackers Weaponize Go Modules to Deliver Disk-Wiping Malware, Causing Massive Data Loss
Tags: attack, cyber, cybersecurity, data, exploit, github, hacker, malicious, malware, programming, sans, supply-chain
Cybersecurity researchers uncovered a sophisticated supply chain attack targeting the Go programming language ecosystem in April 2025. Hackers have weaponized three malicious Go modules (github[.]com/truthfulpharm/prototransform, github[.]com/blankloggia/go-mcp, and github[.]com/steelpoor/tlsproxy) to deploy devastating disk-wiping malware. Leveraging the decentralized nature of Go’s module system, where developers directly import dependencies from public repositories like GitHub sans centralized gatekeeping, attackers exploit namespace…
-
Enterprises Need to Beware of These 5 Threats
A panel of SANS Institute leaders detailed current threats and provided actionable steps for enterprises to consider. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/enterprises-need-beware-five-threats
-
SANS Top 5: Cyber Has Busted Out of the SOC
This year’s top cyber challenges include cloud authorization sprawl, ICS cyberattacks and ransomware, a lack of cloud logging, and regulatory constraints keeping defenders from fully utilizing AI’s capabilities. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/sans-top5-cyber-broken-out-soc
-
The cyber talent crisis is about a lack of skills, not numbers
The current global study by SANS and GIAC, the Cybersecurity Workforce Research Report 2025, challenges common assumptions about the talent crisis in IT security. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/bei-der-krise-um-cybertalente-fehlt-es-nicht-an-der-anzahl-sondern-an-den-kompetenzen/a40622/
-
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions. The vulnerability, tracked as CVE-2025-32433, has been given the maximum CVSS score of 10.0. “The vulnerability allows an attacker with network access to an Erlang/OTP SSH First…
-
SANS Institute expands cloud security portfolio with AWS Secure Builder
A unique component of the course is the AWS Secure Builder micro-certification from GIAC, which validates a participant’s ability to implement security best practices in AWS environments. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sans-institute-erweitert-cloud-sicherheits-portfolio-mit-aws-secure-builder/a40489/
-
Targeted phishing gets a new hook with real-time email validation
Tags: api, authentication, awareness, ciso, credentials, data-breach, defense, email, infosec, mail, password, phishing, sans, service, spam, spear-phishing, threat, training
‘A little bit of hype’: David Shipley, head of Canadian-based security awareness training firm Beauceron Security, said “there’s a little bit of hype” in giving the tactic a fancy name for what is in fact spear phishing, although, he admitted, it’s “rapid-fire spear phishing.” The reason, he said, is that “spray-and-pray” mass phishing campaigns today are…

