Tag: usa
-
Why Video Game Anti-Cheat Systems Are a Cybersecurity Goldmine
Sam Collins and Marius Muench of the University of Birmingham, UK, join the Black Hat USA 2025 News Desk to explain how anti-cheat systems in video games provide valuable lessons on defending against threat actors’ techniques and strategies. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/video-game-anti-cheat-systems-cybersecurity-goldmine
-
MuddyWater APT Targets CFOs via OpenSSH; Enables RDP and Scheduled Tasks
A sophisticated spear-phishing campaign attributed to the Iranian-linked APT group MuddyWater is actively compromising CFOs and finance executives across Europe, North America, South America, Africa, and Asia. The attackers impersonate recruiters from Rothschild & Co, deploying Firebase-hosted phishing pages that incorporate custom math-based CAPTCHA challenges to evade detection and lend legitimacy. These lures lead victims…
-
How Outer Space Became the Next Big Attack Surface
VisionSpace Technologies’ Andrzej Olchawa and Milenko Starcik discussed a set of vulnerabilities capable of ending space missions at the Black Hat USA 2025 News Desk. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/outer-space-next-attack-surface
-
Video Convos: Agentic AI, Apple, EV Chargers; Cybersecurity Peril Abounds
Cybersecurity risks can come from everywhere, as these riveting Dark Reading News Desk videos detail. Check out Part 1 of our broadcast coverage of the top research presented at Black Hat USA 2025. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/agentic-ai-apple-intelligence-ev-chargers
-
Video Convos: Agentic AI, Apple, EV Chargers; Cybersecurity Peril Abounds
Cybersecurity risks can come from everywhere, as these riveting Dark Reading News Desk videos detail. Check out Part 1 of our broadcast coverage of the top research presented at Black Hat USA 2025. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/agentic-ai-apple-intelligence-ev-chargers
-
Microsoft investigates outage impacting Copilot, Office.com
Microsoft is investigating an ongoing issue preventing users across North America from accessing Office.com and the company’s Copilot AI-powered assistant. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-investigates-outage-impacting-copilot-officecom/
-
CodeRabbit RCE Flaw Gives Attackers Write Access to 1M Repositories
A critical remote code execution vulnerability in CodeRabbit, one of GitHub’s most popular AI-powered code review tools, could have allowed attackers to gain read and write access to over one million code repositories, including private ones, according to security researchers from Kudelski Security who disclosed the flaw at Black Hat USA 2024. The security flaw…
-
Datenschutzstreit: USA stoppen britische Apple-Hintertür
Die USA haben Großbritannien erfolgreich dazu gedrängt, die Forderung nach einem Zugang zu verschlüsselten Apple-Nutzerdaten aufzugeben. First seen on golem.de Jump to article: www.golem.de/news/datenschutzstreit-usa-stoppen-britische-apple-hintertuer-2508-199341.html
-
Agentic AI, Apple Intelligence, EV Chargers: Everyday Cybersecurity Peril Abounds for Businesses
Cybersecurity risks can come from everywhere, as these riveting Dark Reading News Desk videos detail. Check out Part 1 of our broadcast coverage of the top research presented at Black Hat USA 2025. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/agentic-ai-apple-intelligence-ev-chargers
-
AI Agents Access Everything, Fall to Zero-Click Exploit
Zenity CTO Michael Bargury joins the Black Hat USA 2025 News Desk to discuss research on a dangerous exploit, how generative AI technology has grown arms and legs, and what that means for cyber risk. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/ai-agents-access-everything-zero-click-exploit
-
By gutting its cyber staff, State Department ignores congressional directives
Without strong cyber capabilities at State, America’s partners will turn to unreliable associates in China for infrastructure investment and succumb to cyberattacks that place U.S. forces overseas at risk. First seen on cyberscoop.com Jump to article: cyberscoop.com/state-department-cyber-diplomacy-setback-congress-action-op-ed/
-
Russian APT28’s LameHug, a Pilot for Future AI Cyber-Attacks
While “fairly primitive”, APT28’s LameHug was a testbed for future AI-powered attacks, said two MITRE experts during Black Hat USA 2025 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mitre-russian-apt28-lamehug/
-
SOCRadar Launches Agentic Threat Intelligence Platform
At Black Hat USA, which took place last week, SOCRadar launched SOCRadar Agentic Threat Intelligence. The new platform automates threat intelligence through the deployment of autonomous AI agents that proactively detect, analyse, and respond to external threats with minimal human intervention and unmatched speed and accuracy. SOCRadar Agentic Threat Intelligence is a proactive approach to…
-
SOCRadar Launches Agentic Threat Intelligence Platform
At Black Hat USA, which took place last week, SOCRadar launched SOCRadar Agentic Threat Intelligence. The new platform automates threat intelligence through the deployment of autonomous AI agents that proactively detect, analyse, and respond to external threats with minimal human intervention and unmatched speed and accuracy. SOCRadar Agentic Threat Intelligence is a proactive approach to…
-
Digitale Souveränität für Deutschland vorerst unerreichbar
Tags: access, ai, bsi, chatgpt, china, cloud, computer, cyersecurity, encryption, germany, google, governance, government, hacker, injection, Internet, risk, strategy, update, usaBSI-Präsidentin Plattner: “Wir haben technologische Abhängigkeiten an ganz vielen Stellen.” Jan WaßmuthSeine Abhängigkeit von Cloud-Lösungen, KI-Modellen und anderen Tech-Produkten aus dem Ausland wird Deutschland nach Einschätzung des Bundesamtes für Sicherheit in der Informationstechnik (BSI) so bald nicht überwinden. Da der Staat seine digitalen Systeme und Daten bis auf weiteres nicht ohne Input aus dem außereuropäischen…
-
5 key takeaways from Black Hat USA 2025
Tags: access, api, attack, authentication, botnet, business, cisco, cloud, container, control, credentials, data, endpoint, exploit, firmware, flaw, framework, Hardware, iam, login, malicious, malware, network, password, programming, rce, remote-code-execution, service, software, technology, tool, update, usa, vulnerability, windowsVaults can be cracked open: Critical vulnerabilities in popular enterprise credential vaults were unveiled by security researchers from Cyata during Black Hat.The flaws in various components of HashiCorp Vault and CyberArk Conjur, responsibly disclosed to the vendors and patched before their disclosure, stemmed from subtle logic flaws in authentication, validation, and policy enforcement mechanisms, as…
-
So verwundbar sind KI-Agenten
KI-Agenten sind nützlich und gefährlich, wie aktuelle Untersuchungserkenntnisse von Sicherheitsexperten demonstrieren.Large Language Models (LLMs) werden mit immer mehr Tools und Datenquellen verbunden. Das bringt Vorteile, vergrößert aber auch die Angriffsfläche und schafft für Cyberkriminelle neue Prompt-Injection-Möglichkeiten. Das ist bekanntermaßen keine neue Angriffstechnik, erreicht aber mit Agentic AI ein völlig neues Level. Das demonstrierten Research-Spezialisten des…
-
Cyber-Zwischenfall beim Generalstaatsanwalt von Pennsylvania, USA
Pennsylvania AG’s systems down after ‘cyber incident’ First seen on statescoop.com Jump to article: statescoop.com/pennsylvania-ag-dave-sunday-cyber-incident/
-
So verwundbar sind KI-Agenten
KI-Agenten sind nützlich und gefährlich, wie aktuelle Untersuchungserkenntnisse von Sicherheitsexperten demonstrieren.Large Language Models (LLMs) werden mit immer mehr Tools und Datenquellen verbunden. Das bringt Vorteile, vergrößert aber auch die Angriffsfläche und schafft für Cyberkriminelle neue Prompt-Injection-Möglichkeiten. Das ist bekanntermaßen keine neue Angriffstechnik, erreicht aber mit Agentic AI ein völlig neues Level. Das demonstrierten Research-Spezialisten des…
-
Hacker Reveals New Authentication Bypass in Active Directory and Entra ID Environments
At Black Hat USA 2025, Dirk-jan Mollema showed how low-privilege cloud accounts can be turned into hybrid admins, bypassing API controls undetected. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-black-hat-2025-authentication-bypass-active-directory-entra-id/
-
New TETRA Radio Encryption Flaws Expose Law Enforcement Communications
Cybersecurity researchers have discovered a fresh set of security issues in the Terrestrial Trunked Radio (TETRA) communications protocol, including in its proprietary end-to-end encryption (E2EE) mechanism that exposes the system to replay and brute-force attacks, and even decrypt encrypted traffic.Details of the vulnerabilities dubbed 2TETRA:2BURST were presented at the Black Hat USA First seen on…
-
Week in review: SonicWall firewalls targeted in ransomware attacks, Black Hat USA 2025
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Black Hat USA 2025 Black Hat USA 2025 took place at the Mandalay Bay … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/10/week-in-review-sonicwall-firewalls-targeted-in-ransomware-attacks-black-hat-usa-2025/
-
Prime Security Wins Black Hat’s Startup Spotlight Competition
Security startups of all stripes submitted applications for Black Hat USA’s Startup Spotlight. Prime Security won with its AI security architect platform. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/prime-security-black-hat-spotlight-competition
-
NSFOCUS Monthly APT Insights June 2025
Regional APT Threat Situation In June 2025, the global threat hunting system of Fuying Lab detected a total of 33 APT attack activities. These activities were mainly distributed in regions such as South Asia, East Asia, West Asia, Eastern Europe, and South America, as shown in the figure below. In terms of organizational activity, the…The…
-
NSFOCUS Monthly APT Insights June 2025
Regional APT Threat Situation In June 2025, the global threat hunting system of Fuying Lab detected a total of 33 APT attack activities. These activities were mainly distributed in regions such as South Asia, East Asia, West Asia, Eastern Europe, and South America, as shown in the figure below. In terms of organizational activity, the…The…
-
NSFOCUS Monthly APT Insights June 2025
Regional APT Threat Situation In June 2025, the global threat hunting system of Fuying Lab detected a total of 33 APT attack activities. These activities were mainly distributed in regions such as South Asia, East Asia, West Asia, Eastern Europe, and South America, as shown in the figure below. In terms of organizational activity, the…The…
-
13 Produkt-Highlights der Black Hat USA
Tags: access, ai, api, application-security, business, chatgpt, cisco, cloud, compliance, credentials, crowdstrike, cybersecurity, data, detection, google, governance, Hardware, identity, leak, LLM, malware, marketplace, microsoft, monitoring, network, openai, phishing, risk, saas, service, soc, threat, tool, usa, vulnerability, zero-trustDas Mandalay Bay Convention Center wird zur Black Hat USA zum Cybersecurity-Hub 2025 lag der Fokus dabei insbesondere auf Agentic und Generative AI.Zur Black-Hat-Konferenz haben sich auch 2025 Tausende von Sicherheitsexperten in Las Vegas zusammengefunden, um sich über die neuesten Entwicklungen im Bereich Cybersecurity zu informieren und auszutauschen. Der thematische Fokus lag dabei in erster…
-
Cyberangriff auf eine Stadtverwaltung in Maine, USA
Network Outage Update First seen on barharbormaine.gov Jump to article: www.barharbormaine.gov/CivicAlerts.aspx