Infosecurity News
Infosecurity Europe: How to Get Boards to Prioritize Cyber Risk Quantification
Cybersecurity leaders major companies discuss how they got support from the board on cyber risk
Anthropic Expands Mythos Access to 150 More Organizations
Anthropic widens Project Glasswing access to 150 more firms as patching becomes the bottleneck
Infosecurity Europe: Patch Responsibility Remains Up for Grabs as AI Unearths Decades of Flaws
The emergence of AI models capable to autonomously find and fix vulnerabilities at scale is having a significant impact on patching management, experts say
Infosecurity Europe: Execs Must Treat Cyber Threats as Statecraft, ISACA Expert Say
Private firms are being targeted by nation-state groups for reasons beyond finance, argued ISACA’s Bharat Thakrar
Infosecurity Europe: AI-Powered Cybercrime Tools Surge on Dark Web
Halcyon’s Cynthia Kaiser lifts the lid on the dark web market for AI cybercrime tools
Infosecurity Europe: NCSC Urges Immediate Action to Boost Resilience as Uncertainty Persists
NCSC director of operations, Paul Chichester, says it’s time to future-proof cybersecurity today
Infosecurity Europe: Cybersecurity Teams Which Don’t Leverage AI are "Doomed to Fail"
Humans still need to be part of cyber defense, but refusing to deploy AI is no longer optional against AI-enhanced cyber threats, warns Dataminr’s Joe Slowik
Infosecurity Europe: Bayer Reinvents Security Awareness Training to Counter AI Threats
Bayer’s security awareness training now focuses on psychological approaches rather than technical methods for detecting social engineering
Threat Actor Uses AI to Build EDR Evasion Tools
A threat actor used AI coding tools to build and test EDR evasion malware, Sophos finds
Infosecurity Europe: UK Firms Prioritize AI Threat Preparedness as Cyber Risks Evolve
UK organizations are prioritizing AI-driven cybersecurity as 43% cite AI-powered attacks as their top risk, prompting significant investment in advanced threat defense
Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets
Attackers backdoored 32 packages in Red Hat's official npm scope to steal cloud and CI secrets
Infosecurity Europe: Business Leaders Lack Understanding of Threat Intelligence, Study Warns
A new Silobreaker and SANS Institute paper examines the ‘Intelligence-Stakeholder Gap’ and what organizations must do to achieve business buy-in on threat intelligence
Critical Flowise Flaw Gives Attackers Full Server Control
Obsidian publishes PoC for a 1-click Flowise RCE that can fully compromise self-hosted servers
Infosecurity Europe: Tabletop Exercise to Test How CISOs Respond to Major Supermarket Cyber-Attack
Semperis is set to bring ‘Enter the War Room: A Tabletop Experience’ to Infosecurity Europe to help cybersecurity leaders prepare to face real incidents
Infosecurity Europe: AI SOCs Will Still Need SOC Analysts, Security Vendors Say
Top cybersecurity vendors said AI won't replace entry-level – only routine ticket-taking and triage
FSB Group Gamaredon Hides Worm in Windows Data Streams
FSB-linked Gamaredon concealed a fileless worm in NTFS data streams to spy on Ukraine targets
Attackers Abuse Shared Content for ChatGPT Phishing Campaign
Push Security says threat actors are delivering malware hosted on chatgpt.com/s/ domain
Palo Alto Warns High-Severity Bug Is Being Actively Exploited
A vulnerability in Palo Alto Networks’ PAN-OS software is being exploited in attacks
Infosecurity Europe: OWASP Forms New Agentic Research Council
OWASP’s new Agentic Research Council will aim to connect academic work to operational realities on agentic AI security
Silent Ransom Group Uses In-Person IT Impersonation to Breach Systems
Threat actors from the Silent Ransom Group, aka Luna Moth, are escalating attacks by impersonating IT staff in phone calls and even showing up in person to gain direct access to victim systems
