Tag: tool
-
Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers
Tags: ai, backdoor, blockchain, hacker, india, intelligence, korea, malware, north-korea, phishing, powershell, russia, threat, tool, ukraine
The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence (AI) tools to target developers and engineering teams in the blockchain sector. The phishing campaign has targeted Japan, Australia, and India, highlighting the adversary’s expansion of the targeting scope beyond South Korea, Russia, Ukraine, and European nations, Check…
-
CISO’s predictions for 2026
Tags: access, ai, attack, authentication, automation, breach, business, ciso, cloud, control, credentials, cryptography, cyber, cyberattack, cybersecurity, data, data-breach, encryption, endpoint, extortion, finance, governance, government, healthcare, identity, infrastructure, malicious, mobile, mssp, network, password, penetration-testing, ransomware, risk, router, saas, soc, strategy, supply-chain, technology, threat, tool, vulnerability, warfare
AI agents to reshape the threat landscape: But those same AI technologies are also changing the threat landscape. Toal points to a recent Anthropic report that documented the first large-scale AI-enabled cyberattack as an early warning sign. “I guarantee attackers will be more focused on using AI agents for what they want than a lot…
-
Brakeman: Open-source vulnerability scanner for Ruby on Rails applications
Brakeman is an open-source security scanner used by teams that build applications with Ruby on Rails. The tool focuses on application code and configuration, giving developers … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/26/brakeman-open-source-vulnerability-scanner-ruby-on-rails/
-
Security Affairs newsletter Round 560 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Osiris ransomware emerges, leveraging BYOVD technique to kill security tools U.S. CISA adds a flaw in…
-
ICE Asks Companies About ‘Ad Tech and Big Data’ Tools It Could Use in Investigations
A new federal filing from ICE demonstrates how commercial tools are increasingly being considered by the government for law enforcement and surveillance. First seen on wired.com Jump to article: www.wired.com/story/ice-asks-companies-about-ad-tech-and-big-data-tools/
-
[Webinar] Doing More With Less: How Security Teams Escape Manual Work with Efficient Workflows
Tags: tool
Security teams are under constant pressure to do more with the same resources. Manual processes, fragmented tools, and inefficient workflows can slow teams down and pull focus away from what matters most. In this live webinar, experienced security practitioners share how they’ve escaped the constraints of limited First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/webinar-doing-more-with-less-how-security-teams-escape-manual-work-with-efficient-workflows/
-
Osiris ransomware emerges, leveraging BYOVD technique to kill security tools
Researchers identified a new Osiris ransomware used in a November 2025 attack, abusing the POORTRY driver via BYOVD to disable security tools. Symantec and Carbon Black researchers uncovered a new ransomware strain named Osiris, used in a November 2025 attack against a major Southeast Asian food service franchise operator. The attackers deployed a malicious driver,…
-
Microsoft Open-Sources winapp, a New CLI Tool for Streamlined Windows App Development
Microsoft has announced the public preview of the Windows App Development CLI (winapp), a new open-source command-line tool designed to simplify Windows application development across multiple frameworks and toolchains. The tool is now available on GitHub for developers working outside traditional Visual Studio or MSBuild environments. The winapp CLI targets developers using cross-platform frameworks including…
-
Audio Accessory Flaw Converts Headphones Into Spy Tool
‘WhisperPair’ Flaw Likely to Endure for Years. A hacker could secretly record phone conversations, track users’ locations and blast music through headphones due to a flaw in implementations of a Google-developed low-energy technology for discovering nearby Bluetooth devices. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/audio-accessory-flaw-converts-headphones-into-spy-tool-a-30595
-
NETSCOUT recognized for leadership in network detection and response
Tags: attack, cloud, cyber, data, detection, infrastructure, intelligence, Internet, network, risk, service, technology, threat, tool
This is where visibility breaks down. This is where attacks hide. This is where risk grows quietly. NETSCOUT’s Omnis Cyber Intelligence closes this critical gap with a simple yet powerful idea: If you can’t see every signal, you can’t trust any conclusion. Turning packets into understanding: Our proprietary Adaptive Service Intelligence (ASI) technology doesn’t just collect packets; it…
-
AI-powered cyberattack kits are ‘just a matter of time,’ warns Google exec
Security chief says criminals are already automating workflows, with full end-to-end tools likely within years First seen on theregister.com Jump to article: www.theregister.com/2026/01/23/ai_cyberattack_google_security/
-
Anthropic, Microsoft MCP Server Flaws Shine a Light on AI Security Risks
Researchers with Cyata and BlueRock uncovered vulnerabilities in MCP servers from Anthropic and Microsoft, feeding ongoing security worries about MCP and other agentic AI tools and their dual natures as both key parts of the evolving AI world and easy targets for threat actors. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/anthropic-microsoft-mcp-server-flaws-shine-a-light-on-ai-security-risks/
-
Attackers abuse remote monitoring and management tools as a backdoor
KnowBe4 Threat Labs reports on a sophisticated dual-vector campaign that demonstrates the threat chain following the compromise of credentials. Instead of deploying custom malware, the attackers bypass security perimeters by abusing IT tools that IT administrators trust. By obtaining a ‘master key’ to the system, they turn legitimate Remote Monitoring and Management (RMM) software into a persistent…
-
AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities
Really interesting blog post from Anthropic: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates how barriers to the use of AI in relatively…
-
10 Questions Enterprise Leaders Should Ask Before Running a Red Teaming Exercise
Red Teaming has become one of the most discussed and misunderstood practices in modern cybersecurity. Many organizations invest heavily in vulnerability scanners and penetration tests, yet breaches continue to happen through paths those tools never simulate. Enterprise leaders now ask a deeper question: “Does our security testing completely reflect how attackers will break in?” This…
-
Underestimated risk: finally taking insider threats seriously
Tags: access, ai, compliance, cyberattack, cybersecurity, data, fraud, governance, identity, infrastructure, mail, nis-2, phishing, resilience, risk, risk-analysis, risk-management, security-incident, threat, tool, vulnerability
48 percent of cases of data theft, industrial espionage or sabotage in companies are attributable to employees, according to a study. What if your organization's greatest security risk already holds an employee badge, is legitimately logged in, and knows exactly how internal processes work? This question is uncomfortable, but it marks the starting point for a long-overdue examination of insider threats.…
-
Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access
Tags: access, attack, breach, credentials, cybersecurity, monitoring, phishing, software, threat, tool
Cybersecurity researchers have disclosed details of a new dual-vector campaign that leverages stolen credentials to deploy legitimate Remote Monitoring and Management (RMM) software for persistent remote access to compromised hosts. “Instead of deploying custom viruses, attackers are bypassing security perimeters by weaponizing the necessary IT tools that administrators trust,” KnowBe4 Threat First seen on thehackernews.com Jump…
-
Attackers abuse RMM tools as a backdoor
To reduce the risk of RMM-based attacks, security teams should prioritize a set of immediate measures, including searching for the provided IOCs, blocking identified C2 domains, and monitoring for unauthorized RMM installations and usage patterns. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/angreifer-missbrauchen-rmm-tools-als-backdoor/a43443/
-
More employees get AI tools, fewer rely on them at work
People across many organizations now have access to AI tools, and usage keeps spreading. Some groups rely on AI during regular work, others treat it as an occasional helper. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/23/deloitte-enterprise-ai-adoption/
-
Microsoft introduces winapp, an open-source CLI for building Windows apps
Microsoft has released winapp, a new command line interface aimed at simplifying the process of building Windows applications. The open-source tool targets developers who rely … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/23/microsoft-introduces-winapp-an-open-source-cli-for-building-windows-apps/
-
Ransomware gang’s slip-up led to data recovery for 12 US firms
Tags: access, attack, backup, breach, business, citrix, cloud, corporate, cyber, data, data-breach, detection, encryption, endpoint, exploit, finance, group, incident response, infosec, infrastructure, law, linux, network, phishing, powershell, ransom, ransomware, risk, software, spear-phishing, sql, threat, tool, veeam, vulnerability
scrutinize and audit your backups. If you have a regular backup schedule, is there unexpected or unexplained activity? Von Ramin Mapp notes that crooks are known to time data exfiltration to match corporate off-site backups as a way to hide their work; monitor for encrypted data leaving your environments and see where it goes. Does this…
-
SmarterMail auth bypass flaw now exploited to hijack admin accounts
Hackers began exploiting an authentication bypass vulnerability in SmarterTools’ SmarterMail email server and collaboration tool that allows resetting admin passwords. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/smartermail-auth-bypass-flaw-now-exploited-to-hijack-admin-accounts/
-
From the Data Lake to the Edge: Why Universal Visibility is the Future of API Security
If you look at an enterprise architecture diagram from five years ago, it looks relatively tidy. You had a data center, maybe a cloud provider, and a few gateways. Today, that diagram looks like a constellation. Data is living in AI platforms like Databricks. Frontend applications are pushed to the edge on Netlify. Logic is…
-
Hackers Are Using LinkedIn DMs and PDF Tools to Deploy Trojans
That LinkedIn message pretending to be a job offer could just be malware. First seen on hackread.com Jump to article: hackread.com/hackers-linkedin-dms-pdf-tools-trojan/
-
New Osiris Ransomware Leverages Living Off the Land and Dual-Use Tools in Attacks
A newly discovered ransomware family, Osiris, targeted a major foodservice franchisee in Southeast Asia in November 2025. Despite sharing a name with a 2016 Locky ransomware variant, security researchers confirm this represents an entirely new threat with no connection to its predecessor. However, evidence suggests potential links to threat actors previously associated with Inc ransomware…
-
NVIDIA CUDA Toolkit Flaw Allows Command Injection, Arbitrary Code Execution
NVIDIA has patched critical vulnerabilities in its CUDA Toolkit that expose developers and GPU-accelerated systems to command injection and arbitrary code execution risks. Released on January 20, 2026, the update addresses four flaws in Nsight Systems and related tools, all tied to the CUDA Toolkit ecosystem. Attackers could exploit these via malicious inputs during manual…
-
JA3 Fingerprinting Tool Exposes Attackers’ Infrastructure
JA3 fingerprinting, long dismissed as outdated technology, is experiencing a resurgence as security teams discover its practical value in identifying and tracking malicious infrastructure with surprising precision. Despite widespread skepticism about JA3’s relevance, fueled by frozen public databases and inconsistent threat intelligence updates, the indicator remains a powerful asset for SOC and threat hunting teams.…

