Tag: tool
-
New GhostLock tool abuses Windows API to block file access
A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how a legitimate Windows file API can be abused in attacks to block access to files stored locally or on SMB network shares. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-ghostlock-tool-abuses-windows-api-to-block-file-access/
-
Tables Turned: Gentlemen Ransomware Group Suffers Data Leak
Internal Communications Dumped Online, Revealing Fresh Victims, Repeat Tactics. Ransomware group The Gentlemen, a relative newcomer to the cybercrime scene, suffered a leak of its internal communications, revealing previously non-public victims, a variety of tactics, techniques and tools, and a relentless focus on popping backup and storage infrastructure. First seen on govinfosecurity.com Jump to article:…
-
Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program
Tags: ai, attack, ceo, cyber, cybersecurity, exploit, framework, github, Hardware, identity, infrastructure, Internet, penetration-testing, RedTeam, risk, threat, tool, vulnerability, zero-dayIdentity, who the AI agent is.Scope, what it is authorized to do.Attestation, whether it or its instructions have been tampered with.Delegation, who delegated authority.Revocation, whether that authority has been revoked.”Every AI agent on the internet today is a stranger. You don’t know who it is, what it’s authorized to do, or whether it’s been tampered…
-
New ‘Dirty Frag’ exploit targets Linux kernel for root access
Tags: access, attack, control, cve, exploit, linux, malicious, microsoft, mitigation, monitoring, switch, tool, vulnerabilityAttackers are already exploiting Dirty Frag: Microsoft warned that Dirty Frag is already being actively exploited in the wild, primarily as a post-compromise privilege escalation tool. The company said attackers are using the vulnerability after obtaining an initial foothold on vulnerable Linux systems, allowing them to elevate privileges from a low-level user account to full…
-
AI security is repeating endpoint security’s biggest mistake
Tags: access, ai, api, automation, business, control, data, detection, edr, endpoint, governance, incident response, injection, LLM, monitoring, open-source, radius, risk, saas, sbom, soc, strategy, technology, threat, tool, updateMost AI security is still at the posture phase: Look at where most organizations are with AI security today. Model cards, AI-specific SBOMs, input and output filters, prompt injection guardrails and access controls around model APIs. These are valuable controls, but they reflect a posture-based approach. To truly enhance security, organizations must recognize the importance…
-
8 guiding principles for reskilling the SOC for agentic AI
Tags: ai, automation, business, ciso, cyber, cybersecurity, data, governance, incident response, jobs, penetration-testing, sans, skills, soc, technology, tool, training, update, vulnerability, vulnerability-managementSet the tone from the top: The second principle for reskilling security teams for agentic AI is all about leadership.As Baker says, CISOs must set the tone. That means building a culture of rapid experimentation, iteration, and innovation. “Fail fast and move forward,” he says.A key aspect of CISO leadership is understanding the needs of…
-
1,800+ MCP servers exposed without authentication: How zero trust can secure the AI agent revolution
Tags: ai, attack, authentication, breach, cloud, control, credentials, data, data-breach, defense, exploit, framework, governance, identity, infrastructure, Internet, LLM, malicious, monitoring, network, risk, service, supply-chain, threat, tool, vulnerability, zero-trustThe epistemological chasm: What renders MCP vulnerabilities particularly vexatious is the fundamental asymmetry they exploit between machine cognition and human oversight.Tool poisoning attacks insert malevolent instructions into tool metadata that LLMs process with complete fidelity but that remain utterly invisible to human operators. The machine perceives everything; its ostensible supervisors perceive nothing. We have unwittingly…
-
10 wichtige CloudTools für Unternehmenssicherheit und Audit-Bereitschaft
Cloud-Compliance im Jahr 2026 ist weit mehr ist als die Vorbereitung auf Audits: In hybriden und Multi-Cloud-Umgebungen wird sie zum zentralen Maßstab für operative Resilienz, Risikotransparenz und regulatorische Sicherheit. Unternehmen stehen unter wachsendem Druck, Anforderungen aus Frameworks wie NIST, ISO27001, SOC2, PC DSS, HIPAA, DSGVO, NIS2 und DORA kontinuierlich nachzuweisen und zwar in Echtzeit […]…
-
Hackerangriff auf Lernplattform Canvas
Am vergangenen Freitag wurde die bekannte Lernplattform Canvas zum Ziel eines Angriffs der Hackergruppe <>, die bereits mit ihrer Attacke auf den bekannten Spieleentwickler Rockstar Games auf sich aufmerksam machten. Zwei Sicherheitsexperten von Veeam Software ordnen diesen Vorfall ein und zeigen auf, wie Unternehmen SaaS-Tools wie Canvas absichern können und sollten. Dave Russell, SVP and…
-
Rustinel: Open-source endpoint detection for Windows and Linux
Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/11/rustinel-open-source-endpoint-detection-windows-linux/
-
Hackers used AI to develop zero-day exploit for web admin tool
Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web administration tool was likely generated using AI. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-hackers-used-ai-to-develop-zero-day-exploit-for-web-admin-tool/
-
Legacy Security Tools Failing Data Protection, Capital One Software Report Finds
Traditional network security tools are undermining data protection, with Forrester and Capital One Software research warning AI adoption is impossible without rethinking data security First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/legacy-security-tools-are-failing/
-
AI-powered hacking has exploded into industrial-scale threat, Google says
Criminal groups and state-linked actors appear to be using commercial models to refine and scale up attacks<ul><li><a href=”https://viewer.gutools.co.uk/business/live/2026/may/11/uk-economy-job-losses-iran-war-oil-pound-bonds-politics-starmer-live-updates”>Business live latest updates</li></ul>In just three months, AI-powered hacking has gone from a nascent problem to an industrial-scale threat, according to a report from Google.The findings from Google’s threat intelligence group add to an intensifying, global discussion about…
-
New infosec products of the week: May 8, 2026
Here’s a look at the most interesting products from the past week LastPass, Operant AI, Sysdig, and VIAVI. Operant AI Endpoint Protector secures AI agents and MCP tools … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/08/new-infosec-products-of-the-week-may-8-2026/
-
The Privacy Risks of Embedded, Shadow AI in Healthcare
Artificial intelligence that is embedded in newer editions of software and other technology tools but is not explicitly revealed by vendors is a substantial risk on par with shadow AI, said regulatory attorney Elizabeth Hodge with the law firm Akerman LLP. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/privacy-risks-embedded-shadow-ai-in-healthcare-i-5546
-
Ollama vulnerability highlights danger of AI frameworks with unrestricted access
Tags: access, ai, api, authentication, credentials, framework, Internet, mitigation, network, tool, update, vulnerabilityMitigation: Users should update to Ollama version 0.17.1, which includes a patch for this vulnerability. More generally, they should deploy an authentication proxy or API gateway in front of all Ollama instances and never expose them to the internet without IP access filters and firewalls.”If your Ollama server was internet-accessible, assume environment variables and secrets…
-
Nation-state actors exploit Palo Alto PAN-OS zero-day for weeks
Palo Alto says hackers exploited PAN-OS zero-day CVE-2026-0300 for weeks, gaining root access to exposed firewalls and hiding traces. Palo Alto Networks warned that suspected state-sponsored hackers have been exploiting the critical PAN-OS zero-day CVE-2026-0300 for nearly a month. After exploiting the flaw, attackers deployed tunneling tools such as EarthWorm and ReverseSocks5, used stolen credentials…
-
European leaders unveil tentative deal for AI Act simplification, including a ban on nudification tools
The tentative deal responds to industry criticism by postponing enforcement of rules governing so-called “high-risk” AI tools involving biometrics and those used in employment, law enforcement and critical infrastructure to December 2027. First seen on therecord.media Jump to article: therecord.media/european-leaders-unveil-deal-ai-act-nudification
-
Hackers hack victims hacked by other hackers
An unknown group of hackers is breaking into systems previously breached by the cybercrime group TeamPCP. Once inside, the hackers immediately kick out TeamPCP and remove its hacking tools from the victims’ systems. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/07/hackers-hack-victims-hacked-by-other-hackers/
-
Was deutsche Unternehmen und Behörden aus dem Daemon-Tools-Supply-Chain-Angriff mitnehmen sollten
Ein monatelanger Lieferketten-Angriff auf Daemon-Tools, ein weit verbreitetes Disk-Imaging-Tool, verdeutlicht: Kompromittierungen sind nach wie vor sehr schwer aufzudecken. Der von Kaspersky aufgedeckte Angriff lief ab dem 8. April und infizierte heimlich, still und leise Systeme in über 100 Ländern. Dabei wurden zunächst Systemdaten gesammelt, bevor anschließend bei ausgewählten Opfern in Handel, Verwaltung, Industrie und Forschung…
-
Supply-Chain-Angriff auf DAEMON Tools zeigt Schwächen bei der Angriffserkennung in Unternehmen und Behörden
Wer Threat Intelligence weiterhin nur als Reporting- oder Compliance-Thema betrachtet, unterschätzt die operative Bedeutung moderner Cyberabwehr. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/supply-chain-angriff-auf-daemon-tools-zeigt-schwaechen-bei-der-angriffserkennung-in-unternehmen-und-behoerden/a45042/
-
Legacy Security Tools Are Failing Data Protection, Capital One Software Report Finds
Traditional network security tools are undermining data protection, with Forrester and Capital One Software research warning AI adoption is impossible without rethinking data security First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/legacy-security-tools-are-failing/
-
Herausforderungen der Cybersicherheit im Zeitalter der künstlichen Intelligenz
Check Point Software Technologies veranstaltet im Juni eine Serie von drei Veranstaltungen in Bern in der Schweiz, in Wien in Österreich und in Mainz. Erwartet werden Sicherheitsverantwortliche aus allen drei Regionen, um sich über die Herausforderungen der Cybersicherheit im Zeitalter der künstlichen Intelligenz auszutauschen. ‘Künstliche Intelligenz verändert nicht nur rapide die Unternehmensabläufe, von Tools zur…
-
One keypress is all it takes to compromise four AI coding tools
Developers clone unfamiliar repositories all the time. Open-source projects, work from teammates, sample code from a tutorial, a library someone recommended on a forum. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/07/trustfall-ai-coding-cli-vulnerability-research/
-
Meta führt Altersüberprüfung ohne Gesichtserkennung ein?
Meta führt KI-Tools zur Altersüberprüfung ein, um Minderjährige bei Facebook und Instagram zu überführen – angeblich ohne Gesichtserkennung. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenschutz/meta-fuehrt-altersueberpruefung-ohne-gesichtserkennung-ein-328835.html
-
Hackers Weaponize Claude AI in Attacks on Water and Drainage Utilities
Hackers have abused commercial Claude AI models to help compromise a Mexican water and drainage utility’s IT network and probe systems connected to critical infrastructure. The attackers used Claude as an operational “copilot” to discover industrial systems, build custom tools, and plan attacks against an internal SCADA/IIoT platform managing water and drainage processes. The investigation…
-
Daemon Tools Developer Confirms Software Was Trojanized
A China-linked threat actor backdoored a version of Daemon Tools to infect thousands First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/daemon-tools-confirms-software/
-
Entwickler bestätigt: Daemon Tools Lite mit Schadcode verseucht
Der Entwickler von Daemon Tools hat bestätigt, dass die Lite-Variante seiner Software zuletzt Malware enthielt. Eine neue Version korrigiert das. First seen on golem.de Jump to article: www.golem.de/news/entwickler-bestaetigt-daemon-tools-lite-mit-schadcode-verseucht-2605-208417.html
-
Operation Epic Fury Exposes Critical OT Security Gaps in U.S. Oil and Gas Sector
The cybersecurity posture of the U.S. oil and gas sector has come under renewed scrutiny following Operation Epic Fury, with a new independent survey revealing a disconnect between operator confidence and actual operational technology (OT) security capabilities. While companies across the upstream and midstream energy segments have accelerated cybersecurity investments since the February 28 launch…
-
UAT-8302 Targets Government Agencies With Custom Malware and Open-Source Tools
A new China-linked hacking group, tracked as UAT-8302, that is using custom malware and open-source tools to spy on government organizations in South America and southeastern Europe. The campaign focuses on long-term access and data theft, combining advanced backdoors like NetDraft and CloudSorcerer with aggressive network reconnaissance and credential theft. Researchers assess with high confidence…