AI will drive purchases this year, but not without questions 2025-09-03 at 07:04 By Sinisa Markovic AI is moving into security operations, but CISOs are approaching it with a mix of optimism and realism. A new report from Arctic Wolf shows that most organizations are exploring or adopting AI-driven tools, yet many still see risks […]
AI will drive purchases this year, but not without questions Read More »
Zscaler, Palo Alto Networks, SpyCloud among the affected by Salesloft breach 2025-09-02 at 18:20 By Zeljka Zorz In the wake of last week’s revelation of a breach at Salesloft by a group tracked by Google as UNC6395, several companies – including Zscaler, Palo Alto Networks, PagerDuty, Tanium, and SpyCloud – have confirmed their Salesforce instances
Zscaler, Palo Alto Networks, SpyCloud among the affected by Salesloft breach Read More »
Can AI agents catch what your SOC misses? 2025-09-02 at 10:45 By Mirko Zorz A new research project called NetMoniAI shows how AI agents might reshape network monitoring and security. Developed by a team at Texas Tech University, the framework brings together two ideas: distributed monitoring at the edge and AI-driven analysis at the center.
Can AI agents catch what your SOC misses? Read More »
Complexity and AI put identity protection to the test 2025-09-02 at 08:06 By Anamarija Pogorelec Identity has become a core pillar of cybersecurity strategy. Remote work, cloud-first adoption, and distributed supply chains have moved identity from “a tactical IT consideration to a strategic pillar of cybersecurity,” according to Cisco Duo’s 2025 State of Identity Security
Complexity and AI put identity protection to the test Read More »
Cybersecurity jobs available right now: September 2, 2025 2025-09-02 at 07:47 By Anamarija Pogorelec CISO Shift Technology | France | Remote – View job details As a CISO, you will develop and execute a comprehensive enterprise information security strategy aligned with company goals and risk tolerance. Lead incident response efforts and continuously improve detection, response,
Cybersecurity jobs available right now: September 2, 2025 Read More »
What the GitGuardian secrets sprawl report reveals about leaked credentials 2025-09-02 at 07:47 By Help Net Security In this Help Net Security video, Dwayne McDaniel, Senior Developer Advocate at GitGuardian, presents findings from The State of Secrets Sprawl 2025. McDaniel explains why generic secrets are especially difficult to detect, why private repositories pose an even
What the GitGuardian secrets sprawl report reveals about leaked credentials Read More »
AIDEFEND: Free AI defense framework 2025-09-01 at 09:21 By Mirko Zorz AIDEFEND (Artificial Intelligence Defense Framework) is an open knowledge base dedicated to AI security, providing defensive countermeasures and best practices to help security pros safeguard AI and machine learning systems. Practicality is at the core of AIDEFEND. The framework is designed to be “highly
AIDEFEND: Free AI defense framework Read More »
KillChainGraph: Researchers test machine learning framework for mapping attacker behavior 2025-09-01 at 09:21 By Mirko Zorz A team of researchers from Frondeur Labs, DistributedApps.ai, and OWASP has developed a new machine learning framework designed to help defenders anticipate attacker behavior across the stages of the Cyber Kill Chain. The work explores how machine learning models
Cybersecurity signals: Connecting controls and incident outcomes 2025-09-01 at 08:03 By Anamarija Pogorelec There is constant pressure on security leaders to decide which controls deserve the most attention and budget. A new study offers evidence on which measures are most closely linked to lower breach risk and how organizations should think about deploying them. Marsh
Cybersecurity signals: Connecting controls and incident outcomes Read More »
Boards are being told to rethink their role in cybersecurity 2025-09-01 at 08:03 By Sinisa Markovic Boards of directors are being told that cybersecurity is now central to business resilience and growth, and that they must engage more directly in the way their organizations manage risk. A new report from Google Cloud’s Office of the
Boards are being told to rethink their role in cybersecurity Read More »
GenAI is fueling smarter fraud, but broken teamwork is the real problem 2025-09-01 at 08:03 By Anamarija Pogorelec More than 80 percent of large U.S. companies were targeted by socially engineered fraud in the past year, according to Trustmi’s 2025 Socially Engineered Fraud & Risk Report. Nearly half of those organizations reported a direct financial
GenAI is fueling smarter fraud, but broken teamwork is the real problem Read More »
Week in review: 300k+ Plex Media Server instances still vulnerable to attack, exploited Git RCE flaw 2025-08-31 at 13:37 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 Over 300,000 internet-facing Plex Media Server
Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms 2025-08-29 at 14:19 By Zeljka Zorz A recently uncovered phishing campaign – carefully designed to bypass security defenses and avoid detection by its intended victims – is targeting firms in industrial manufacturing and other companies critical to various supply chains, Check Point
Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms Read More »
New framework aims to outsmart malware evasion tricks 2025-08-29 at 10:03 By Mirko Zorz Attackers have learned how to trick machine learning malware detectors with small but clever code changes, and researchers say they may finally have an answer. In a new paper, academics from Inria and the CISPA Helmholtz Center for Information Security describe
New framework aims to outsmart malware evasion tricks Read More »
AI isn’t taking over the world, but here’s what you should worry about 2025-08-29 at 10:03 By Help Net Security In this Help Net Security video, Josh Meier, Senior Generative AI Author at Pluralsight, debunks the myth that AI could “escape” servers or act on its own. He explains how large language models actually work,
AI isn’t taking over the world, but here’s what you should worry about Read More »
Finding connection and resilience as a CISO 2025-08-29 at 10:03 By Mirko Zorz With sensitive information to protect and reputational risk always in the background, it isn’t easy for security leaders to have open conversations about what’s working and what isn’t. Yet strong peer networks and candid exchanges are critical for resilience, both organizationally and
Finding connection and resilience as a CISO Read More »
AI can’t deliver without trusted, well-governed information 2025-08-29 at 10:03 By Sinisa Markovic While enterprise IT leaders recognize the transformative potential of AI, a gap in information readiness is causing their organizations to struggle in securing, governing, and aligning AI initiatives across business, according to a survey conducted by the Ponemon Institute. Who is the
AI can’t deliver without trusted, well-governed information Read More »
Infosec products of the month: August 2025 2025-08-29 at 07:23 By Sinisa Markovic Here’s a look at the most interesting products from the past month, featuring releases from: Black Kite, Brivo, Cloudflare, Descope, Doppel, Druva, Elastic, ExtraHop, LastPass, Prove, Riverbed, Rubrik, StackHawk, and Trellix. StackHawk empowers security teams to expand their API testing coverage StackHawk
Infosec products of the month: August 2025 Read More »
Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations 2025-08-28 at 15:29 By Zeljka Zorz Cybercriminals have started “vibe hacking” with AI’s help, AI startup Anthropic has shared in a report released on Wednesday. An attacker used the agentic AI coding assistant Claude Code for nearly all steps of a data extortion operation
Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations Read More »
ScamAgent shows how AI could power the next wave of scam calls 2025-08-28 at 09:03 By Mirko Zorz Scam calls have long been a problem for consumers and enterprises, but a new study suggests they may soon get an upgrade. Instead of a human scammer on the other end of the line, future calls could
ScamAgent shows how AI could power the next wave of scam calls Read More »