Vendors' News

Vendor announcements

Sindoor Dropper: New Phishing Campaign 
  

Sindoor Dropper: New Phishing Campaign 

The post Sindoor Dropper: New Phishing Campaign appeared first on Nextron Systems.Nextron SystemsRead More

The Good, the Bad and the Ugly in Cybersecurity – Week 35 
  

The Good, the Bad and the Ugly in Cybersecurity – Week 35 

Interpol arrests 1200 cybercrime suspects, UpCrypter spreads via fake voicemails to drop RATs, and Salt Typhoon exploits routers for global

WordPress: vulnerabilities in plugins and themes | Kaspersky official blog 
  

WordPress: vulnerabilities in plugins and themes | Kaspersky official blog 

Fresh vulnerabilities in WordPress plugins and themes, plus tips to reduce compromise risk.Kaspersky official blogRead More

Building Up to Code: Cybersecurity Risks to the UK Construction Sector 
  

Building Up to Code: Cybersecurity Risks to the UK Construction Sector 

A new report from PinnacleOne reveals the rise of cyber risks in UK construction and offers guidance for CISOs in

Automating threat analysis and response with Cloudy 
  

Automating threat analysis and response with Cloudy 

Cloudy now supercharges analytics investigations and Cloudforce One threat intelligence! Get instant insights from threat events and APIs on APTs,

Cloudy Summarizations of Email Detections: Beta Announcement 
  

Cloudy Summarizations of Email Detections: Beta Announcement 

We’re now leveraging our internal LLM, Cloudy, to generate automated summaries within our Email Security product, helping SOC teams better

Cloudflare is the best place to build realtime voice agents 
  

Cloudflare is the best place to build realtime voice agents 

Today, we’re excited to announce new capabilities that make it easier than ever to build real-time, voice-enabled AI applications on

Troubleshooting network connectivity and performance with Cloudflare AI 
  

Troubleshooting network connectivity and performance with Cloudflare AI 

Troubleshoot network connectivity issues by using Cloudflare AI-Power to quickly self diagnose and resolve WARP client and network issues.The Cloudflare

The crawl-to-click gap: Cloudflare data on AI bots, training, and referrals 
  

The crawl-to-click gap: Cloudflare data on AI bots, training, and referrals 

By mid-2025, training drives nearly 80% of AI crawling, while referrals to publishers (especially from Google) are falling and crawl-to-refer

How attackers adapt to built-in macOS protection 
  

How attackers adapt to built-in macOS protection 

We analyze the built-in protection mechanisms in macOS: how they work, how threat actors can attack them or deceive users,

  

Operation Serengeti 2.0: Trend Micro Helps Law Enforcement Fight Cybercrime in Africa 

Operation Serengeti 2.0: With Trend Micro’s support, INTERPOL led a major crackdown across Africa, arresting cybercriminals, dismantling infrastructures, recovering illicit

Securing the AI “Before Times” 
  

Securing the AI “Before Times” 

The cybersecurity landscape is being reshaped by AI, requiring a fundamental rethinking of our approach to cyber resilience and a

Here’s what you missed on Office Hours: August 2025 
  

Here’s what you missed on Office Hours: August 2025 

OAuth application abuse, emerging cloud tradecraft and the AI threat landscape: Catch up on last month’s episodes of Red Canary

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 18, 2025 to August 24, 2025) 
  

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 18, 2025 to August 24, 2025) 

📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢 🌞 Spring into Summer with Wordfence! Now through September 4,

Advancing Detection Together: Nextron and Arctic Wolf Join Forces on Sigma 
  

Advancing Detection Together: Nextron and Arctic Wolf Join Forces on Sigma 

The post Advancing Detection Together: Nextron and Arctic Wolf Join Forces on Sigma appeared first on Nextron Systems.Nextron SystemsRead More

  

Security Roundup August 2025 

Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Fraudsters trade on fake lawyers’

Latest

 

An Online Group Claims It’s Behind Campus Swatting Wave

Members of the group offered on Telegram to draw armed officers to schools, malls and airports, though their claims are

An Online Group Claims It’s Behind Campus Swatting Wave

Members of the group offered on Telegram to draw armed officers to schools, malls and airports, though their claims are

TamperedChef infostealer delivered through fraudulent PDF Editor

TamperedChef infostealer delivered through fraudulent PDF Editor

Threat actors have been using multiple websites promoted through Google ads to distribute a convincing PDF editing app that delivers

No, a Windows update probably didn’t brick your SSD

No, a Windows update probably didn’t brick your SSD

For the last week or two, reports have been circulating that recent Windows 11 updates (specifically KB5063878 and KB5062660) were

My favorite affordable phone cases are BOGO free (including for the new Google Pixel 10 series)

My favorite affordable phone cases are BOGO free (including for the new Google Pixel 10 series)

Casely’s Labor Day sale is here with cases starting at 2 for $30, thanks to a sweet BOGO offer. Plus,

CVE-2012-10062 | Apache Friends XAMPP up to 1.7.3 WebDAV Service /webdav/ unrestricted upload (EDB-18367)

A vulnerability labeled as critical has been found in Apache Friends XAMPP up to 1.7.3. Affected is an unknown function

A deeper look at AI crawlers: breaking down traffic by purpose and industry 
  

A deeper look at AI crawlers: breaking down traffic by purpose and industry 

We are extending AI-related insights on Cloudflare Radar with new industry-focused data and a breakdown of bot traffic by purpose,

Make Your Website Conversational for People and Agents with NLWeb and AutoRAG 
  

Make Your Website Conversational for People and Agents with NLWeb and AutoRAG 

With NLWeb, an open project by Microsoft, and Cloudflare AutoRAG, conversational search is now a one-click setup for your website.The

The next step for content creators in working with AI bots: Introducing AI Crawl Control 
  

The next step for content creators in working with AI bots: Introducing AI Crawl Control 

Cloudflare launches AI Crawl Control (formerly AI Audit) and introduces easily customizable 402 HTTP responses.The Cloudflare BlogRead More

Evaluating image segmentation models for background removal for Images 
  

Evaluating image segmentation models for background removal for Images 

An inside look at how the Images team compared dichotomous image segmentation models to identify and isolate subjects in an

The age of agents: cryptographically recognizing agent traffic 
  

The age of agents: cryptographically recognizing agent traffic 

Cloudflare now lets websites and bot creators use Web Bot Auth to segment agents from verified bots, making it easier

Chasing the Silver Fox: Cat & Mouse in Kernel Shadows 
  

Chasing the Silver Fox: Cat & Mouse in Kernel Shadows 

Highlights: Introduction While Microsoft Windows has steadily strengthened its security model—through features like Protected Processes (PP/PPL) and enhanced driver verification—threat

  

When Best Practices Aren’t Enough: UK Breaches Underscore the Importance of Compromise Assessments 

The post When Best Practices Aren’t Enough: UK Breaches Underscore the Importance of Compromise Assessments appeared first on Nextron Systems.Nextron

NX build compromise detection and response | Kaspersky official blog 
  

NX build compromise detection and response | Kaspersky official blog 

Signs and features of s1ngularity attack, detection and response measuresKaspersky official blogRead More

  

TAOTH Campaign Exploits End-of-Support Software to Target Traditional Chinese Users and Dissidents 

The TAOTH campaign exploited abandoned software and spear-phishing to deploy multiple malware families, targeting dissidents and other high-value individuals across

Storm-0501’s evolving techniques lead to cloud-based ransomware 
  

Storm-0501’s evolving techniques lead to cloud-based ransomware 

Financially motivated threat actor Storm-0501 has continuously evolved their campaigns to achieve sharpened focus on cloud-based tactics, techniques, and procedures

BadCam attack: malicious firmware in “clean” webcams 
  

BadCam attack: malicious firmware in “clean” webcams 

Examining the BadCam attack (version of BadUSB) and the risks it poses to organizations.Kaspersky official blogRead More

Magic Quadrant for Hybrid Mesh Firewall 
  

Magic Quadrant for Hybrid Mesh Firewall 

Palo Alto Networks named a Leader in the 2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall in its inaugural report

Microsoft ranked number one in modern endpoint security market share third year in a row 
  

Microsoft ranked number one in modern endpoint security market share third year in a row 

For a third year a row, Microsoft has been named the number one leader for endpoint security market share, as

AI Gateway now gives you access to your favorite AI models, dynamic routing and more — through just one endpoint 
  

AI Gateway now gives you access to your favorite AI models, dynamic routing and more — through just one endpoint 

AI Gateway now gives you access to your favorite AI models, dynamic routing and more — through just one endpoint.The

How we built the most efficient inference engine for Cloudflare’s network 
  

How we built the most efficient inference engine for Cloudflare’s network 

Infire is an LLM inference engine that employs a range of techniques to maximize resource utilization, allowing us to serve

How Cloudflare runs more AI models on fewer GPUs: A technical deep-dive 
  

How Cloudflare runs more AI models on fewer GPUs: A technical deep-dive 

Cloudflare built an internal platform called Omni. This platform uses lightweight isolation and memory over-commitment to run multiple AI models

State-of-the-art image generation Leonardo models and text-to-speech Deepgram models now available in Workers AI 
  

State-of-the-art image generation Leonardo models and text-to-speech Deepgram models now available in Workers AI 

We’re expanding Workers AI with new partner models from Leonardo.Ai and Deepgram. Start using state-of-the-art image generation models from Leonardo

AT&T and Cisco Deliver Comprehensive Secure Access Service Edge (SASE) Solution 
  

AT&T and Cisco Deliver Comprehensive Secure Access Service Edge (SASE) Solution 

AT&T SASE with Cisco combines AT&T’s network expertise with Cisco’s advanced security and networking technologies.More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.htmlCisco Newsroom: SecurityRead

MSSP Growth Guide: Scaling Threat Detection for Expanding Client Base  
  

MSSP Growth Guide: Scaling Threat Detection for Expanding Client Base  

 An MSSP leader is no stranger to the relentless pressure of growth. With an expanding client base comes the daunting

Exploits and vulnerabilities in Q2 2025 
  

Exploits and vulnerabilities in Q2 2025 

This report provides statistical data on published vulnerabilities and exploits we researched in Q2 2025. It also includes summary data

  

Mitigating Security Risks in Low-Code Development Environments 

I still remember the soft whir of the server room fans and that faint smell of ozone when we, a

Data Is the New Diamond: Heists in the Digital Age 
  

Data Is the New Diamond: Heists in the Digital Age 

Unit 42 explores the similarities between the social engineering and reconnaissance tactics used by financially motivated criminals. The post Data

  

Securing and governing the rise of autonomous agents​​ 

​In this blog you will hear directly from Corporate Vice President and Deputy Chief Information Security Officer (CISO) for Identity,

How to remove your information from personal data brokers’ databases | Kaspersky official blog 
  

How to remove your information from personal data brokers’ databases | Kaspersky official blog 

Data brokers build detailed dossiers on you. Where do they get the data, and how can you delete it?Kaspersky official

  

MITRE Introduces AADAPT Framework to Combat Crypto-Focused Cyber Threats 

Amid a surge in cryptocurrency-related cybercrime, MITRE has unveiled AADAPT (Adversarial Actions in Digital Asset Payment Technologies), a brand-new framework

Cisco Delivers Critical AI Infrastructure for Top NFL Franchises 
  

Cisco Delivers Critical AI Infrastructure for Top NFL Franchises 

Expands use of Cisco’s industry-leading enterprise networking and cybersecurity solutions to six additional NFL franchises venuesMore RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.htmlCisco Newsroom:

Are you ready for some football? Cisco triples NFL franchise and stadium partnerships ahead of 2025-2026 season 
  

Are you ready for some football? Cisco triples NFL franchise and stadium partnerships ahead of 2025-2026 season 

As the new NFL season kicks off, Cisco is proud to be playing an even bigger role in one of

ZipLine Campaign: A Sophisticated Phishing Attack Targeting US Companies 
  

ZipLine Campaign: A Sophisticated Phishing Attack Targeting US Companies 

Key findings: Introduction Check Point Research (CPR) has been closely monitoring the activity of a highly persistent and sophisticated threat

Block unsafe prompts targeting your LLM endpoints with Firewall for AI 
  

Block unsafe prompts targeting your LLM endpoints with Firewall for AI 

Cloudflare’s AI security suite now includes unsafe content moderation, integrated into the Application Security Suite via Firewall for AI.The Cloudflare

Best Practices for Securing Generative AI with SASE 
  

Best Practices for Securing Generative AI with SASE 

This guide provides best practices for Security and IT leaders to securely adopt generative AI using Cloudflare’s SASE architecture as

ChatGPT, Claude, & Gemini security scanning with Cloudflare CASB 
  

ChatGPT, Claude, & Gemini security scanning with Cloudflare CASB 

Cloudflare CASB now scans ChatGPT, Claude, and Gemini for misconfigurations, sensitive data exposure, and compliance issues, helping organizations adopt AI

  

Introducing Cloudflare Application Confidence Score For AI Applications 

Cloudflare will provide confidence scores within our application library for Gen AI applications, allowing customers to assess their risk for

Securing the AI Revolution: Introducing Cloudflare MCP Server Portals 
  

Securing the AI Revolution: Introducing Cloudflare MCP Server Portals 

Cloudflare MCP Server Portals are now available in Open Beta. MCP Server Portals are a new capability that enable you

Research insights: 4 trends reshaping identity security in 2025 
  

Research insights: 4 trends reshaping identity security in 2025 

As security threats surge in the AI era, Duo and Cisco Identity Intelligence help security leaders overcome hurdles to adopt

Major Cyber Attacks in August 2025: 7-Stage Tycoon2FA Phishing, New ClickFix Campaign, and Salty2FA 
  

Major Cyber Attacks in August 2025: 7-Stage Tycoon2FA Phishing, New ClickFix Campaign, and Salty2FA 

Phishing kits and stealers didn’t slow down this August, and neither did we. ANY.RUN analysts tracked some of the month’s

Detection Engineering: Practicing Detection-as-Code – Documentation – Part 4 
  

Detection Engineering: Practicing Detection-as-Code – Documentation – Part 4 

Sufficiently documenting our detections is essential in detection engineering as it provides context around the the purpose, detection logic, and

  

Advancing RPKI: NRO RPKI Program in 2025 for Trust, Transparency and User Experience 

The NRO RPKI Program aims to enhance the transparency, robustness and security of the RPKI system while also increasing the

Palo Alto Networks Named a Leader in WW Incident Response Services 
  

Palo Alto Networks Named a Leader in WW Incident Response Services 

IDC recognizes Unit 42’s ability to integrate threat intelligence, technology and rapid response to deliver cyber resilience at a global

  

Marginal Emissions Rates: See Carbon Emissions with Clarity in Real Time 

Learn how Akamai is using marginal emissions rates to improve the transparency and accuracy of our emissions accounting.BlogRead More

  

Fueling the AI-Enabled SOC with High-Fidelity Threat Intelligence 

Executive Summary VMRay strengthens the AI-enabled SOC by delivering high-fidelity, fact-based threat intelligence that powers accurate, explainable, and actionable AI outcomes. Better

GodRAT – New RAT targeting financial institutions 
  

GodRAT – New RAT targeting financial institutions 

Kaspersky experts analyze GodRAT, a new Gh0st RAT-based tool attacking financial firms. It is likely a successor of the AwesomePuppet

Protecting your car against the PerfektBlue vulnerability in Bluetooth | Kaspersky official blog 
  

Protecting your car against the PerfektBlue vulnerability in Bluetooth | Kaspersky official blog 

What the PerfektBlue vulnerability is, how dangerous it is, and how to protect your car from Bluetooth attacksKaspersky official blogRead

The Challenge of Cybersecurity Frenemies and Collaboration 
  

The Challenge of Cybersecurity Frenemies and Collaboration 

Michael Sikorski discusses how cybersecurity relies on “frenemies” building cultural bridges to collaborate against shared threats, as attackers already do.

Retbleed exploitation in realistic setting | Kaspersky official blog 
  

Retbleed exploitation in realistic setting | Kaspersky official blog 

Google experts have demonstrated how the complex Retbleed hardware vulnerability in AMD CPUs can be effectively exploited.Kaspersky official blogRead More

  

NATO’s Cybersecurity Spending Proposals’ Impact on the Industry 

NATO has fundamentally redefined what it means to defend the alliance. At the 2025 NATO Summit in The Hague, allies

  

Warlock: From SharePoint Vulnerability Exploit to Enterprise Ransomware 

Warlock ransomware exploits unpatched Microsoft SharePoint vulnerabilities to gain access, escalate privileges, steal credentials, move laterally, and deploy ransomware with

Respond faster and empower users with Red Canary Managed Phishing Response 
  

Respond faster and empower users with Red Canary Managed Phishing Response 

Managed Phishing Response offers AI-powered triage, rapid expert analysis, and tailored feedback for every user-reported phishing emailRed CanaryRead More

Salty 2FA: Undetected PhaaS from Storm-1575 Hitting US and EU Industries  
  

Salty 2FA: Undetected PhaaS from Storm-1575 Hitting US and EU Industries  

Today, phishing accounts for the majority of all cyberattacks. The availability of low-cost, easy-to-use Phishing-as-a-Service (PhaaS) platforms like Tycoon2FA, EvilProxy,

Patching for persistence: How DripDropper Linux malware moves through the cloud 
  

Patching for persistence: How DripDropper Linux malware moves through the cloud 

DripDropper is a Red Canary-named Linux malware variant that uses an encrypted PyInstaller ELF file to communicate with a Dropbox

Hidden in plain sight: How threat actors abuse SVGs for phishing 
  

Hidden in plain sight: How threat actors abuse SVGs for phishing 

Introduction Scalable Vector Graphics (SVG) files are increasingly being abused as initial phishing vectors. By embedding scriptable content directly in standalone

Value Exchange in Cybersecurity 
  

Value Exchange in Cybersecurity 

Working with our partners, we’re on a shared mission to deliver better security outcomes. Consider the strength of a vendor’s

Logit-Gap Steering: A New Frontier in Understanding and Probing LLM Safety 
  

Logit-Gap Steering: A New Frontier in Understanding and Probing LLM Safety 

New research from Unit 42 on logit-gap steering reveals how internal alignment measures can be bypassed, making external AI security

  

Cybercriminals Abuse AI Website Creation App For Phishing 

Key findings  Threat actors are increasingly using an AI website generation platform to create fraudulent websites for credential phishing and

Quantum-safe security: Progress towards next-generation cryptography 
  

Quantum-safe security: Progress towards next-generation cryptography 

Microsoft is proactively leading the transition to quantum-safe security by advancing post-quantum cryptography, collaborating with global standards bodies, and helping

How we built AI face cropping for Images 
  

How we built AI face cropping for Images 

AI face cropping for Images automatically crops around faces in an image. Here’s how we built this feature on Workers

How to Enrich IOCs with Actionable Threat Context: Tips for SOC Analysts  
  

How to Enrich IOCs with Actionable Threat Context: Tips for SOC Analysts  

One solution can change everything. ANY.RUN’s Threat Intelligence Lookup is living proof of that.  By delivering a browsable source of

  

Define Protocol from Traffic (XenoRAT) 

This video shows how to define a protocol in CapLoader just by providing examples of what the protocol looks like.

A phishing scam targeting Ledger users | Kaspersky official blog 
  

A phishing scam targeting Ledger users | Kaspersky official blog 

Scammers are exploiting fake firmware update warnings for Ledger hardware wallets to lure users to phishing websites.Kaspersky official blogRead More

Your Connection, Their Cash: Threat Actors Misuse SDKs to Sell Your Bandwidth 
  

Your Connection, Their Cash: Threat Actors Misuse SDKs to Sell Your Bandwidth 

A campaign leverages CVE-2024-36401 to stealthily monetize victims’ bandwidth where legitimate software development kits (SDKs) are deployed for passive income.

Cloudflare incident on August 21, 2025 
  

Cloudflare incident on August 21, 2025 

On August 21, 2025, an influx of traffic directed toward clients hosted in AWS us-east-1 caused severe congestion on links

  

Leadership, Innovation, and the Future of AI: Lessons from Trend Micro CEO & Co-Founder Eva Chen 

Discover how AI is reshaping cybersecurity through our CEO, Eva Chen’s industry briefing series. Gain practical strategies, real-world insights, and

How a volunteer-run wildfire site in Portugal stayed online during DDoS attacks 
  

How a volunteer-run wildfire site in Portugal stayed online during DDoS attacks 

Fogos.pt, a volunteer-run wildfire tracker in Portugal, grew from a side project into a critical national resource used by citizens,

Intelligence Insights: August 2025 
  

Intelligence Insights: August 2025 

Precursors get preempted and NetSupport Manager gets promoted in this month’s edition of Intelligence InsightsRed CanaryRead More

Think before you Click(Fix): Analyzing the ClickFix social engineering technique 
  

Think before you Click(Fix): Analyzing the ClickFix social engineering technique 

The ClickFix social engineering technique has been growing in popularity, with campaigns targeting thousands of enterprise and end-user devices daily.

  

Threat Level – GUARDED 

On August 20, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to a vulnerability

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 11, 2025 to August 17, 2025) 
  

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 11, 2025 to August 17, 2025) 

📢 Calling all Vulnerability Researchers and Bug Bounty Hunters! 📢 🌞 Spring into Summer with Wordfence! Now through September 4,

  

Stop LLM Attacks: How Security Helps AI Apps Achieve Their ROI 

AI security is a business problem. Protect your LLM application investment and ROI by connecting your security team with business

Wordfence Bug Bounty Program Monthly Report – July 2025 
  

Wordfence Bug Bounty Program Monthly Report – July 2025 

Last month in July 2025, the Wordfence Bug Bounty Program received 325 vulnerability submissions from our growing community of security

MoQ: Refactoring the Internet’s real-time media stack 
  

MoQ: Refactoring the Internet’s real-time media stack 

Media over QUIC (MoQ) is a new IETF standard that resolves this conflict, creating a single foundation for sub-second, interactive

The Good, the Bad and the Ugly in Cybersecurity – Week 34 
  

The Good, the Bad and the Ugly in Cybersecurity – Week 34 

Courts jail hackers and PyPI boosts defenses, Noodlophile evolves with Telegram staging, and DPRK actors abuse GitHub in diplomat attacks.SentinelOneRead

Modern vehicle cybersecurity trends 
  

Modern vehicle cybersecurity trends 

Modern vehicles, their current and future threats, and approaches to automotive cybersecurity.SecurelistRead More

  

25th August – Threat Intelligence Report 

For the latest discoveries in cyber research for the week of 25th August, please download our Threat Intelligence Bulletin. TOP

Welcome to AI Week 2025 
  

Welcome to AI Week 2025 

We’re seeing AI fundamentally change how people work across every industry. Customer support agents can respond to ten times the

Messaging apps that work without an internet connection or cell service | Kaspersky official blog 
  

Messaging apps that work without an internet connection or cell service | Kaspersky official blog 

There might be times when your mobile internet stops working but you still need to stay connected. We look at

Insights: Telling You What We Really Think 
  

Insights: Telling You What We Really Think 

Unit 42 introduces Insights, a new space for fresh thinking and varied content built on trusted expertise. The post Insights:

15,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Dokan Pro WordPress Plugin 
  

15,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Dokan Pro WordPress Plugin 

On June 5th, 2025, we received a submission for a Privilege Escalation vulnerability in Dokan Pro, a WordPress plugin with

What Is a Hybrid Mesh Firewall and Why It Matters 
  

What Is a Hybrid Mesh Firewall and Why It Matters 

Palo Alto Networks Strata Network Security Platform delivers AI-powered, unified hybrid mesh firewall protection with consistent enforcement everywhere. The post

Unmasking the Unseen: Your Guide to Taming Shadow AI with Cloudflare One 
  

Unmasking the Unseen: Your Guide to Taming Shadow AI with Cloudflare One 

Don’t let “Shadow AI” silently leak your data to unsanctioned AI. This new threat requires a new defense. Learn how

Cloudflare Launching AI Miniseries for Developers (and Everyone Else They Know) 
  

Cloudflare Launching AI Miniseries for Developers (and Everyone Else They Know) 

AI Avenue tackles fears, showcases AI’s potential, and highlights positive human augmentation stories, even allowing hands-on interaction.The Cloudflare BlogRead More

  

Bringing Cloudflare’s AI to FedRAMP High 

Cloudflare is announcing its commitment to bring the AI Developer suite, including Workers AI, AI Gateway and Vectorize, into its

Beyond the ban: A better way to secure generative AI applications 
  

Beyond the ban: A better way to secure generative AI applications 

Generative AI tools present a trade-off of productivity and data risk. Cloudflare One’s new AI prompt protection feature provides the

  

Keep Your Tech Flame Alive: Trailblazer Rachel Bayley 

In this Akamai FLAME Trailblazer blog post, Rachel Bayley encourages women to step into the unknown and to be their

  

Threats Making WAVs – Incident Response to a Cryptomining Attack 

Guardicore security researchers describe and uncover a full analysis of a cryptomining attack, which hid a cryptominer inside WAV files.

  

The Oracle of Delphi Will Steal Your Credentials 

Our deception technology is able to reroute attackers into honeypots, where they believe that they found their real target. The

  

The Nansh0u Campaign ? Hackers Arsenal Grows Stronger 

In the beginning of April, three attacks detected in the Guardicore Global Sensor Network (GGSN) caught our attention. All three

  

PLEASE_READ_ME: The Opportunistic Ransomware Devastating MySQL Servers 

Guardicore Labs uncovers a Ransomware detection campaign targeting MySQL servers. Attackers use Double Extortion and publish data to pressure victims.BlogRead

  

Strategy for the Office Anywhere 

Organizations must deploy a remote working strategy that suits the office anywhere model CIOs need to demonstrate leadership as we

   

A Stargazer Goblin GitHub fiókokat gyűjt rosszindulatú programok terjesztésére

A CheckPoint kutatóinak jelentése egy kifinomult kártevő terjesztési rendszert ír le, amelyet a “Stargazer Goblin” nevű fenyegető csoport követett el.

   

A Proton elindította a Google Dokumentumok adatvédelmi fókuszú alternatíváját

A Proton elindította a Proton Docs-t, a magánélet-központú munkaeszköz-csomagjának legújabb alkalmazását, amely a Google Docs-hoz hasonló, a Google-hoz nem kötődő

   

Kaspersky NIS2 Solution Map

A NIS 2 irányelv az Európai Unió (EU) szabályrendszere, amelynek célja a kulcsfontosságú iparágak kiberbiztonságának fokozása. Az Irányelv 2023. január

   

Anonymous Sudan – TIP

A dokumentum szerint azonban míg az Anonymous kollektíva egy sokszínű és kiterjedt csoport, amely sok különböző eszméket karolnak fel, a megfigyelések arra utalnak, hogy a magát “Anonymous Sudan”-nak nevező csoportnak semmi köze nincs a nagyobb Anonymous kollektívához, vagy az eredeti Anonymous Sudan mögött álló felhasználókhoz, illetve a #OpSudan Anonymous akciókhoz.

cloudflare
   

A Cloudflare rekordot jelentő 71 millió kérés/másodperc DDoS-támadást hárított el

A Cloudflare blogbejegyzése egy rekordot döntő DDoS-támadás sikeres elhárításáról számol be, és számos fontos tanulsággal szolgál. A támadás rávilágított a DDoS-támadások növekvő méretére és gyakoriságára, valamint arra, hogy többrétegű védelmi stratégiákra van szükség a hatékony elhárításukhoz. A támadásra adott sikeres válaszlépés a biztonsági szolgáltatók és szervezetek közötti együttműködés fontosságát is demonstrálta, valamint a mesterséges intelligencia és a gépi tanulás használatát a támadások valós idejű azonosítása és enyhítése érdekében. A jelentés hangsúlyozza a DDoS-támadások folyamatos és változó fenyegetését, valamint azt, hogy a szervezeteknek ébernek és felkészültnek kell maradniuk az ilyen támadásokra.

mandiant
   

A támadó fejével gondolkozni…

A Mandiant Security Perspectives Report kiemeli a kibertámadások egyre növekvő fenyegetettségét, különös tekintettel a zsarolóvírus-támadások egyre kifinomultabb és pusztítóbb jellegére. A jelentés azt is megjegyzi, hogy a távmunka új sebezhetőségeket és kihívásokat teremtett a szervezetek számára a távoli hozzáférés biztosítása terén, és hogy az ellátási láncot érő támadások egyre nagyobb aggodalomra adnak okot. E kihívások kezelése érdekében a szervezeteknek a proaktív fenyegetésvadászatra és -felderítésre kell összpontosítaniuk, hogy gyorsabban azonosíthassák a támadásokat és reagálhassanak rájuk. A jelentés végső soron arra emlékeztet, hogy a kibertámadások fenyegetése valós és folyamatos, és hogy a szervezeteknek továbbra is ébernek és proaktívnak kell maradniuk az ellenük való védekezésben.

   

Hogyan védhetjük magunkat MFA adathalász támadással szemben

Az elmúl hetekben több kutató is felhívta a figyelemet kiterjedt adathalász támadásokra, melyek a MFA (Multifactor Authentication) többényezős hitelesítéssel védett

  

Dongó rosszindulatú kód

Bumblebee kód emlemzését nemrég publikálta a Paloaltonetwork. Projector Libra az egyik bűnöző csoport amely Bumblebee-t terjeszti. Ezt teszi oly módon,

   

Aktívan kihasználják az Exchange sérülékenységet

Az elemzőket és a szakértőket is meglepte, milyen mértékű lehet a március elején bejelentett Microsoft Exchange szervereket érintő sérülékenység kihasználása.

   

Tisztelt Ügyfelünk, cseréljen jelszót!

A Ubiquiti Networks termékei közt főként  vezeték nélküli eszközök találhatóak kifejezetten kis-és közepes méretű vállalkozások számára kifejlesztve. A cég most

   

A DJI a HUAWEI sorsára jut

A DJI – az egyik legnépszerűbb drónokat gyártó kínai cég – felkerült az USA Kereskedelmi Minisztériumának üzleti titok lopása alanyainak listájára, ahol a Huawei és a ZTE is szerepel, sok más kínai gyártóval együtt. A minisztérium az utolsó frissítés során 77 új “entitást” vett fel a listára.