hosang I.T.

Everything posted by CSOonline

  1. A newly disclosed malware strain dubbed “StoatWaffle” is giving fresh teeth to the notorious, developer-targeting “Contagious Interview” threat campaign. According to NTT Security findings, the malware marks an evolution from the long-running campaign’s user-triggered execution to a near-frictionless compromise embedded directly in developer workflows. Attackers are using blockchain-themed project repositories as decoys, embedding a malicious VS Code configuration file that triggers code execution when the folder is opened and trusted by the victim.

     “StoatWaffle is a modular malware implemented by Node.js and it has Stealer and RAT modules,” NTT researchers said in a blog post, adding that the campaign operator “WaterPlum” is “continuously developing new malware and updating existing ones.” This means tracking Contagious Interview activity may now require widening the scope of detection efforts to include weaponized dev environments, not just malicious packages and interview lures.

     Opening a folder is all it takes

     StoatWaffle abuses developer trust within Visual Studio Code environments. Instead of relying on users to execute suspicious scripts, like in earlier attacks, attackers are embedding malicious configurations inside legitimate-looking project repositories, often themed around blockchain development, a lure theme that has been consistent with Contagious Interview campaigns.

     The trick relies on a “.vscode/tasks.json” file configured with a “runOn: folderOpen” setting. Once a developer opens the project and grants trust, the payload executes automatically without any further clicks.

     The executed StoatWaffle malware operates a modular, Node.js-based framework that typically unfolds in stages. These stages include a loader, credential harvesting components, and then a remote access trojan (RAT) planted for persistence and pivoting access across systems.
     The RAT module maintains regular communication with an attacker-controlled C2 server, executing commands to terminate its own process, change the working directory, list files and directories, navigate to the application directory, retrieve directory details, upload a file, execute Node.js code, and run arbitrary shell commands, among others.

     StoatWaffle also exhibits custom behavior depending on the victim’s browser. “If the victim browser was Chromium family, it steals browser extension data besides stored credentials,” the researchers said. “If the victim browser was Firefox, it steals browser extension data besides stored credentials. It reads extensions.json and gets the list of browser extension names, then checks whether the designated keyword is included.” For victims running macOS, the malware also targets Keychain databases, they added.

     Contagious Interview, revisited

     StoatWaffle isn’t an isolated campaign. It’s the latest chapter in the Contagious Interview attacks, widely attributed to North Korea-linked threat actors tracked as WaterPlum. Historically, this campaign has targeted developers and job seekers through fake interview processes, luring them into running malicious code under the guise of technical assessments.

     Previously, the campaign weaponized npm packages and staged loaders like XORIndex and HexEval, often distributing dozens of malicious packages to infiltrate developer ecosystems at scale. Team 8, one of the group’s sub-clusters, previously relied on malware such as OtterCookie, shifting to StoatWaffle around December 2025, the researchers said.

     The disclosure also shared a set of IP-based indicators of compromise (IOCs), likely tied to C2 infrastructure observed during analysis, to support detection efforts.
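
A pre-open check for the auto-run setting described in this article, as an added example that is not code from NTT Security or from the original post: it scans a cloned repository for `.vscode/tasks.json` tasks whose `runOptions.runOn` is `folderOpen`, so they can be reviewed before the folder is opened or trusted. The sample file, its task labels and its commands are constructed, and the function names are this example's own.

```python
import json
import tempfile
from pathlib import Path

OS_KEYS = ("windows", "linux", "osx")  # per-platform override blocks inside a task


def strip_jsonc(text):
    """Drop // and /* */ comments and trailing commas; string contents are untouched."""
    out, i, n, in_str = [], 0, len(text), False
    while i < n:
        ch = text[i]
        if in_str:
            out.append(ch)
            if ch == "\\" and i + 1 < n:   # keep the escaped character verbatim
                out.append(text[i + 1])
                i += 1
            elif ch == '"':
                in_str = False
            i += 1
        elif ch == '"':
            in_str = True
            out.append(ch)
            i += 1
        elif text.startswith("//", i):
            while i < n and text[i] != "\n":
                i += 1
        elif text.startswith("/*", i):
            end = text.find("*/", i + 2)
            i = n if end == -1 else end + 2
        else:
            if ch in "}]":                 # remove a comma left dangling before a closer
                j = len(out) - 1
                while j >= 0 and out[j].isspace():
                    j -= 1
                if j >= 0 and out[j] == ",":
                    del out[j]
            out.append(ch)
            i += 1
    return "".join(out)


def autorun_tasks(text):
    """Return (label, [commands]) for every task set to run when the folder opens."""
    doc = json.loads(strip_jsonc(text))
    tasks = doc.get("tasks", []) if isinstance(doc, dict) else []
    hits = []
    for task in tasks if isinstance(tasks, list) else []:
        if not isinstance(task, dict):
            continue
        run_options = task.get("runOptions")
        if not isinstance(run_options, dict) or run_options.get("runOn") != "folderOpen":
            continue
        # The command may differ per platform, so collect the overrides as well.
        blocks = [task] + [task[k] for k in OS_KEYS if isinstance(task.get(k), dict)]
        commands = [str(b["command"]) for b in blocks if "command" in b]
        hits.append((task.get("label", "<unlabelled>"), commands))
    return hits


def scan_repo(root):
    """Check every .vscode/tasks.json under root; unparseable files are reported, not skipped."""
    findings = []
    for path in sorted(Path(root).rglob("tasks.json")):
        if path.parent.name != ".vscode":
            continue
        rel = path.relative_to(root).as_posix()
        try:
            hits = autorun_tasks(path.read_text(encoding="utf-8", errors="replace"))
        except (ValueError, RecursionError):
            findings.append((rel, "<unparseable, review by hand>", []))
            continue
        findings.extend((rel, label, cmds) for label, cmds in hits)
    return findings


# Constructed sample, not taken from a real repository; the commands are harmless.
SAMPLE_TASKS = """{
  // tasks.json allows comments and trailing commas, which plain JSON parsers reject
  "version": "2.0.0",
  "tasks": [
    { "label": "build", "type": "shell", "command": "npm run build" },
    {
      "label": "env-setup",
      "type": "shell",
      "command": "echo constructed-placeholder",
      "windows": { "command": "echo constructed-placeholder-win" },
      "runOptions": { "runOn": "folderOpen" }, /* the setting the article describes */
    },
  ]
}"""


def demo():
    """Write the sample into a temporary project tree and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        vscode = Path(tmp) / "sample-project" / ".vscode"
        vscode.mkdir(parents=True)
        (vscode / "tasks.json").write_text(SAMPLE_TASKS, encoding="utf-8")
        return scan_repo(tmp)


if __name__ == "__main__":
    for rel, label, cmds in demo():
        print(f"{rel}: task {label!r} runs on folder open -> {cmds}")
```

The scan reads files only and never executes a task; a hit is a reason to read the listed commands before granting workspace trust, not a verdict on the repository.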
  2. Two AI releases early this year are prompting users to give up control and let autonomous agentic tools complete tasks on their behalf. IT leaders should be ready to deal with the consequences.

     Anthropic rolled out its agentic platform Claude Cowork in January for macOS and February for Windows, and use of agentic tool OpenClaw skyrocketed early this year after developer Peter Steinberger, now with OpenAI, launched the open-source project in late 2025.

     While most organizations are focused on deploying AI that augments human work, there’s been a huge spike in interest in autonomous agentic AI since late last year, says Neal Riley, innovation lead and former CIO at IT consultancy and digital transformation parent company The Adaptavist Group. Many organizations, even traditionally risk-averse firms in the financial services and healthcare industries, have begun to experiment with autonomous AI as they look to reshape their workflows, he says.

     Even with concerns about unanticipated results and autonomous agents operating as shadow AI, early adopters of agentic AI see huge potential for the technology to be a force multiplier that, for example, empowers non-technical people to solve minor IT problems without involving the tech team.

     “Coming to 2026, we are starting to see people investing quite heavily in a lot of these processes that are more agentic and allowing this kind of control to happen in a very tight and regulated way, but allowing for these systems to take that level of autonomy,” Riley says. “We are seeing a huge uptick in this.”

     Autonomous bots for everyone

     OpenClaw and Claude Cowork are at the forefront of this coming revolution, enabling users to enlist AI to automate workflows on their computers. OpenClaw bots integrate with external large language model (LLM) AIs, such as Claude and OpenAI’s GPT models, and users access it through a chatbot running on a messaging service such as WhatsApp, Telegram, or Discord.
     Users give Claude Cowork access to their applications and files, then prompt the AI to complete tasks. Cowork can organize files, build spreadsheets, prepare reports, and analyze notes, by accessing files on the user’s computer, pulling in context from apps such as Slack, and browsing the Web for more information. Before Claude takes action, it shows the user the plan and waits for approval, according to Anthropic.

     Still, some users have given these autonomous agents a high level of control, and there are risks when they turn over their computers without hard limits. Meta AI security researcher Summer Yue in late February tweeted that OpenClaw tried to delete her email inbox after she asked the AI to clean it up.

     “Nothing humbles you like telling your OpenClaw ‘confirm before acting’ and watching it speedrun deleting your inbox,” she wrote. She acknowledged a rookie mistake. “Turns out alignment researchers aren’t immune to misalignment,” she wrote. “Got overconfident because this workflow had been working on my toy inbox for weeks. Real inboxes hit different.”

     One of the top replies to Yue’s tweet was a picture of someone handing a chimpanzee an assault rifle. Researchers have also found several security flaws in OpenClaw, including a vulnerability to prompt injection attacks.

     Big risk, big reward

     Herein lies the rub: AI experts see huge potential advantages with autonomous AI — with the possibility of creating huge workplace efficiencies — but the risks are substantial. Riley acknowledges both security concerns and the potential for agentic AI to take actions that users didn’t anticipate.

     While users haven’t yet seen autonomous AI able to complete work faster or cheaper than humans — tokens are expensive — the technology has the potential to remake the nature of work for the better, he says. “When you talk about the advantages, it’s definitely replacing the work that happens today, but almost that’s a byproduct,” he says.
     “What it actually enables you to do is coordinate in a different way than you did before with the passing of information back and forth across the team to get those things out faster, with better quality.”

     Autonomous AIs will allow organizations to redeploy their human workforces to new tasks, removing much of the drudgery work, advocates say. “Once you can start trusting a lot of these agentic systems to take the responsibility for things, often it’s not doing it faster or even better than what the human does,” Riley says. “What it does is it doesn’t require the human to be involved, which means they can work on other things.”

     Many companies are still early in the autonomous AI journey, says Upal Saha, CTO at AI data integration provider bem. One of the big challenges is getting the AIs to understand how the business operates, he says. “Inside most companies, the relationships between processes, data, and decisions aren’t documented cleanly,” he adds. “That knowledge lives across teams and individuals. Agents can be incredibly capable, but without that operational context they’re often guessing rather than executing.”

     Speed is a huge potential advantage of autonomous agents, but it’s also one of the downsides, Saha notes. “If they have the right context, they can compress hours of manual operational work into seconds,” he adds. “The downside is that the same speed can amplify mistakes. If an agent misunderstands a workflow or data structure, it can repeat that mistake at scale.”

     Despite the risks, the market is shifting quickly toward agentic AI, with large-scale adoptions coming in the next two years, says Russell Twilligear, head of AI R&D at AI-generated content provider BlogBuster. “We are witnessing a shift from systems that only generate text towards systems that can actually execute multi-step work,” he says. “The biggest advantage is that autonomous agents don’t just answer a simple prompt.
     They can move from intent to execution by gathering information, updating systems, etc.”

     However, there’s a danger if autonomous agents are implemented incorrectly, Twilligear adds. “The biggest disadvantage is that this is going to scale faster than we can control it,” he says. “That means security risks and misfires on every new integration.”

     Security and oversight are the major problems to overcome, he adds. “When an agent can access email, files, browsers, etc., you are opening a world of hurt,” Twilligear says. “The problem is how fast all of this is happening. Recent security reporting shows that a lot of companies don’t even have monitoring over their AI agents. To me, that is just wild.”

     Allow experimentation

     IT leaders deploying autonomous agents need to put robust controls in place, ensure that their data is clean and accessible, and their app permissions are correctly configured, The Adaptavist Group’s Riley says.

     Despite security and output concerns, Riley encourages IT leaders to allow employees to experiment with the emerging technology because of the impending adoption. Organizations that invest in AI training and allow employees to play with the technology tend to get better results from deployments, he notes.

     “With all of these tools that are available, people should be trying right now to just understand how they work,” he says. “These things are coming out so fast that the onboarding and the sort of enablement you would have gotten in IT software 10 years ago just simply isn’t there. Everyone’s approach to this is, just go play with it, and you’ll figure out how it works.”

     See also:
       • What CISOs need to know about the OpenClaw security nightmare
       • Your personal OpenClaw agent may also be taking orders from malicious websites
       • Agentic AI: A CISO’s security nightmare in the making?
       • Think agentic AI is hard to secure today? Just wait a few months
       • Agentic AI in IT security: Where expectations meet reality
  3. AI is the new space race for data centers, and consistency at speed is the rocket fuel that colocation and hyperscale providers need to reach orbit. Everything you already know about physical security still applies but it won’t matter unless you have the right plan and partnerships in place to scale without sacrificing quality.

     Growth that isn’t intentional quickly becomes chaotic. And in a market this competitive, chaos means falling behind. Only a flexible, scalable security strategy, one supported by optimized, end-to-end best practices, can position an AI-ready data center business for long-term success.

     The future of data centers is already here

     The next evolution of data centers isn’t coming — it has arrived. If cloud computing was the blockbuster of the past decade, AI is the global film festival running around the clock. Hyperscale construction continues to accelerate, and the market is projected to more than double in size over the coming years, driven largely by AI demand.

     Competing in this environment requires operating at an entirely new level. If you’ve successfully delivered cloud capacity, you have a foundation, but AI scale reduces tolerance for error to nearly zero. Only the most precise, disciplined operators will maintain an edge.

     Scaling isn’t simply a matter of increasing output. It requires a rigorous framework that elevates traditional data center expertise to address new physical security risks, emerging threat vectors and design implications unique to AI workloads. These range from hyperscale considerations to more sophisticated protections against nation-state actors and other high-consequence threats. AI compute power has global implications, and its physical protection must reflect that reality.

     Organic evolution is too slow for this moment. Businesses must not only accelerate — they must mature.

     Think beyond delivery

     Every company operates as an economy of projects. But at AI scale, projects must evolve into programs.
     Designing and delivering AI-capable data centers requires an integrated, fast-moving production model built on repeatable processes and structured knowledge transfer. Intelligent reuse of project elements, including toolsets, intellectual property, templates, design standards and best practices, becomes essential. Each project should establish precedent for the next.

     Rapid growth depends on compounding institutional knowledge and applying it with clarity and discipline. Customizable work packages, accessible knowledge repositories and proactive identification of repeatable workflows all contribute to smoother operations. Even bespoke solutions must be structured in a way that allows future replication.

     This extends into how teams use BIM and digital modeling technologies. Three-dimensional visualization and digital twin capabilities are now baseline expectations. What differentiates high performers is their ability to streamline BIM processes with reusable templates, data-driven design libraries, standardized modeling components and automation tools that reduce manual effort while improving precision.

     The goal is simple: build a delivery engine that runs like a well-oiled machine, one that is durable, scalable and aligned with both current and future standards of excellence.

     Evolve your notion of requirements

     AI-scale development affects every point of the project control compass: requirements, budget, resources and time. Of these, requirements demand the most attention. They often involve emerging technologies, novel design approaches and evolving regulatory conditions. Unlike traditional boilerplate standards, many new requirements emerge dynamically throughout the lifecycle of a project.

     Successful security programs treat requirements holistically. It’s not enough to understand what a requirement says; you must understand why it exists and how it affects the broader ecosystem of standards, operations and risk posture.
     There is also a critical distinction between foundational mandates, which include policies, regulatory frameworks and established standards, and evolving exceptions that gradually become new norms. At AI scale, exceptions are frequent. With multiple projects underway, agility means quickly assessing impact, updating documentation and deploying changes without disrupting timelines.

     AI introduces additional challenges. Larger facilities strain the capacity of existing systems. Clients demand higher levels of identity and access assurance. Threat vectors now include airborne risks such as drones and vulnerabilities associated with data-bearing devices. Meanwhile, innovation in cooling technologies, sustainability practices and energy-efficient architecture introduces new physical security implications that must be addressed in parallel.

     Where past programs may have relied on an 80/20 ratio of repeatable versus novel work, AI scale pushes that closer to 95/5. Success depends on executing the repeatable 95 percent with seamless accuracy while maintaining the flexibility and ingenuity to manage the 5 percent that is truly new.

     Mature agility means shrinking the denominator — maximizing scenarios where standards can be universally applied and minimizing workarounds. High-risk, bespoke elements should be structured in ways that eventually become repeatable.

     Supercharge your success factors

     In a rapidly evolving market, change is constant. Each new requirement is an opportunity to elevate performance, not just for a single organization but for the industry as a whole.

     When designing for AI capacity, the margin for compromise is razor-thin. Excellence requires both breadth and depth of expertise. Teams must combine comprehensive technical knowledge with fluency in a client’s specific operational model. The strongest partnerships balance general subject-matter mastery with the ability to adapt seamlessly to unique organizational needs.
     Two capabilities consistently distinguish market leaders: the automation of design, modeling and quality assurance processes, and an almost intuitive attention to the fine details that determine project success. Automation drives efficiency and scalability; disciplined detail orientation preserves quality. Consistency, paired with continuous optimization, becomes the engine of momentum.

     Engage partners

     AI-scale development demands more than transactional relationships. A supplier delivers a scope of work; a partner invests in long-term success.

     The right security partner engages early at the strategic level, integrating into roadmap discussions rather than reacting to late-stage requirements. They operate with structured methodology and disciplined communication, capable of integrating with in-house teams when necessary, while functioning autonomously when appropriate.

     Strong partners extend the reach of internal subject matter experts, collaborating closely to test solutions, validate concepts and refine designs. They assume ownership of the program as if it were their own, representing the organization’s interests consistently across projects and stakeholders.

     In complex builds involving multiple consultants and integrators, effective partners also understand how to collaborate without friction. They bring clarity, coordination and stability to environments where misalignment can otherwise derail progress.

     Ultimately, the value of a physical security consultant correlates directly with their ability to operate as a sophisticated business in their own right—offering thought leadership, strategic vision and a proven, repeatable method for delivering against unique requirements. The right partnership doesn’t just support growth. It enables it.

     Build the future

     The race for AI-driven capacity is accelerating rapidly. Physical security must scale with equal precision and foresight.
     By adopting a programmatic mindset, investing in repeatable systems and cultivating strategic partnerships, organizations can build data centers that are effective, efficient, resilient and future-ready.

     AI represents an inflection point. Those who mature quickly — while maintaining discipline and consistency — will define the next era of data center excellence.

     This article is published as part of the Foundry Expert Contributor Network.
  4. The nightmare begins with our protagonist trying to find a way inside to get to the firm’s files, but every door is bolted shut. Then they spot a back entrance and they’re in, first walking, then running down one corridor, then another, and another, feeling that they’re getting ever closer to that file and a payday they’ve dreamt about for years. But something doesn’t feel right. The corridors, it seems, just lead to more corridors. For the first time, our protagonist feels like they’re being watched. And so, they flee.

     It’s a nightmare that plays out every couple of minutes in companies around the world: a cybercriminal pings what they think is a company’s exposed server, only to discover that the seemingly sensitive information it’s sending back is anything but. That’s because what they’ve actually encountered is a honeypot server, a digital cage used by organizations to lure threat actors and capture their movements as they try to break into the company.

     In theory, this is much safer than letting them break in while learning something from the damage they leave behind. In practice, however, the effectiveness of honeypots has historically depended on how much effort its programmers put into making the environment seem realistic to the attacker – which, considering such servers can cost tens of thousands of dollars per month to maintain, isn’t usually much.

     But the recent pairing of large language models (LLMs) with honeypots allows these servers to generate convincing environments at a fraction of the cost, supercharging the acquisition of threat intelligence for both individual organizations and the cybersecurity community at large.

     How honeypots have been used

     Honeypots themselves have been around since 1986, when the astronomer-turned-computer systems manager Dr Cliff Stoll ensnared a KGB spy attempting to steal US military secrets via an ARPANET connection. Stoll’s innovation would eventually inspire classic honeypot servers.
     “Researchers love them [as] they’re one of the best ways to collect real-world attacker TTPs and discover new malware campaigns,” says cybersecurity researcher and founder of Beelzebub Mario Candela. SOC teams, meanwhile, tended to see them as “nice to have,” given how difficult and expensive honeypots were to deploy and maintain – premium versions absorbed thousands of dollars and engineering hours per month – and how quickly the more sophisticated, dangerous threats would identify them.

     The emergence of LLMs in the late 2010s, however, would lead to the first experiments by academic researchers in combining AI with honeypots. Dr M. Abdullah Canbaz remembers this period well. Canbaz is an assistant professor in information sciences and technology at the University at Albany, SUNY, and the idea of bolting an LLM onto a honeypot came from one of his students. The pair built their own LLM, training it to parse traffic data and handle a huge variety of Linux commands. This, explains Canbaz, allowed it to grapple with even the most sophisticated hacker.

     The resulting paper was published in 2024, at the peak of an efflorescence of academic interest in AI-powered honeypots. “I’ve got so many calls since then,” says Canbaz, often from people who “want to take our paper and… turn it into a startup business.”

     Many have. Far from being an academic exercise, AI-powered honeypots are now being built by organizations large and small. On the smaller end is Beelzebub, a low-code, open-source AI-powered honeypot that has acquired a reputation for devilish effectiveness. “The key architectural leap was integrating LLMs directly into the deception layer,” says Candela. “Instead of static, rules-based honeypots, we built high-interaction, LLM-driven deception environments that can dynamically respond to attackers, keeping them engaged for longer and capturing richer intelligence.”

     Sophisticated attackers will probably cotton on eventually, but the benefit for cybersecurity teams makes it worth trying.
     They “may eventually notice subtle inconsistencies: perhaps a response latency pattern that differs from a real system, or a file system that’s too ‘clean,’ or a system that fails to exhibit certain expected side effects of a real compromise,” says Candela. But “by the time an attacker starts to suspect they’re in a deception environment, we’ve already captured their tooling, TTPs, and intent.”

     Why CISOs should consider honeypots

     Another player in the AI honeypot space is Deutsche Telekom (DT). The firm is both a user and purveyor of AI-powered honeypots through its free, open-source platform ‘T-Pot.’ The most obvious advantage to their use, explains Marco Ochse, DT’s lead for threat analytics and mitigation, lies in how little these traps cost to set up and run compared to their antecedents.

     “In practical terms, AI changes the economics of deception,” says Ochse. “It allows [the organization] to scale believable interaction without [the usual] cost and complexity.”

     That doesn’t come at the expense of complexity, adds DT’s chief security officer, Thomas Tschersich. As far as the engineer behind the honeypot is concerned, the difference between the classical and the AI-powered variety is similar to filming a movie scene using complex wooden sets constructed on a back lot or CGI: both are facades, but the latter is much less expensive while remaining nigh-on indistinguishable from a fake city street painstakingly constructed out of plywood.

     Even better, the AI-powered honeypot can adapt to the requests of the hacker in real time, making it more likely they’ll stay in the trap for longer periods without realizing they’re in one in the first place. In the end, says Tschersich, you can raise the authenticity of interactions with threat actors without this being associated with high investments.

     That’s become more important amid a spike in attacks on organizations that begin with threat actors having already obtained valid credentials to access systems.
     In these scenarios, says Candela, defenders “are blind once an attacker is inside” the network. By keeping threat actors occupied at traditional attack points for longer and deploying AI-powered honeypots in less traditional locations, such as APIs and within AI agents, says Candela, organizations can steal a march on their opponents.

     What, then, are we all learning from the deployment of this larger, AI-powered net? The big development, explains Candela, is the use of AI by the cybercriminals themselves. It is “democratizing attacks” with threat actors now using coding assistants to not only rapidly generate and deploy exploit code at scale but also use AI to probe vulnerabilities in target systems automatically. “Open-source AI red-team tools mean autonomous agents can now scan, exploit and adapt without human input,” says Candela.

     There are risks to this paradigm. LLM outputs are, after all, essentially the product of very high-level pattern recognition. Cede cybersecurity to this kind of AI, says Canbaz, and you risk leaving the attack surface wide open to exploitation by cybercriminals mounting unorthodox and, therefore, unexpected campaigns. In this future, he continues, “there’s no clear definition of an attacker.”

     How attackers may counter the honeypot trap

     Candela shares these concerns, envisioning the emergence of ‘deception detection-as-a-service’ providers meeting demand from cybercriminal organizations to root out AI-powered honeypots in companies ahead of breach attempts. Additionally, “sophisticated actors might try to poison honeypot data or manipulate the deception layer,” says Candela, a key reason why Beelzebub’s own deception environment is isolated.

     The speed of cyberattacks may also increase as hackers, unaware if they’re interacting with a honeypot or not, aim to conduct their nefarious business as quickly and efficiently as possible just in case they’re being watched.
     “This actually makes deception more valuable, not less,” says Candela, “because speed-focused attackers are more likely to interact with well-placed honeypots during rapid lateral movement.”

     Time, then, to say goodbye to the classic honeypot? Not necessarily, argues Tschersich. “Static honeypot deployments such as low-, medium- or high-interaction sensors will not be replaced but complemented by AI-powered honeypots in response to a highly automated and AI-driven threat landscape,” he says.

     Even so, the cybersecurity landscape is changing rapidly, with responsibility for attack and defense increasingly shouldered by machines. The AI-powered honeypot, perhaps, is a bridge to that future – for good and ill.
  5. With an ISO 27001 certification, companies demonstrate that they operate an effective information security management system (ISMS). Read on to find out why the certification process often goes wrong.

     Many companies regard ISO certifications, as well as the introduction of an information security management system (ISMS) based on IT-Grundschutz, as proof of their quality and of a professional approach to conducting their business. Although this is an important foundation for any company, in some cases not everything goes as planned. The most common pitfalls in ISO/ISMS implementation and certification are listed below, together with possible solutions.

     1. Lack of commitment from management

     Management leads the way, whether it is a single person or several. One of the decisive factors that cause ISO/ISMS implementations in companies to fail is a lack of commitment from the managing directors. Management must understand the importance of the ISO/ISMS implementation and actively support its realization and upkeep. Without management’s engagement, it is often difficult to win over all employees for the process and to ensure that the ISO standards, or the IT-Grundschutz standards, are integrated into day-to-day business operations.

     Companies should therefore make clear in any case how important the topic is, even if implementation can involve considerable effort and inconvenience. “Tidying up” is not always pleasant, but the result is all the more rewarding. When management supports and promotes the ISO/ISMS implementation, this can lead to a successful conclusion and a better company image.

     2. On the sidelines instead of in the thick of it

     One of the most common reasons why ISO/ISMS implementations fail in companies is that they are not actually integrated into day-to-day business operations. Many regard the ISO/ISMS implementation as a one-off activity carried out once to obtain the certificate. In doing so, they fail to integrate the processes they have created into their daily business practices. Without genuine integration into day-to-day operations, the certificate becomes useless and the benefits it offers are not realized. In the worst case, organizations even lose money, and in every case they leave valuable development potential untapped.

     When integrating, it is important not to get too lost in details. Implementing the management system in a way that is close to real (working) life is decisive for its success. Instead of writing complicated prose, a diagram may do the job, in keeping with the motto “A picture is worth a thousand words!” If processes are easy and intuitive to grasp and clear to carry out, they will actually be lived. Automating processes can also help here, and an outside view from an experienced consultant can be an advantage as well.

     Reading tip: How to prepare for a SOC 2 audit

     3. Not involving employees comprehensively

     Another problem that frequently occurs in ISO/ISMS implementations is that not all employees are involved. If only a small part of the company is responsible for carrying out the ISO/ISMS implementation, desynchronization can arise between the departments that are not part of the process. As a result, certain departments do not take part in the intended procedures, and the ISO/ISMS implementation ultimately does not work. The solution? You will find it in the next point.

     4. Not fostering employee identification

     Another factor that hampers ISO/ISMS implementations in companies is employees’ lack of identification with the implementation and the resulting management system. Employees must understand why the implementation is important, how it is to be integrated into their daily workflows and how it makes their work easier. If that is not the case, it becomes difficult to carry out the implementation and to maintain any certification that results from it.

     Training and continuing-education programs, for example, offer a solution. They help ensure that employees are involved in the certification process early on. This makes sure that all employees understand the importance of the certification and how it can be integrated into their daily workflows. Training and involving employees also ensures that the management system is implemented effectively, and employees thereby actively contribute to improving it.

     5. Neglecting competence building

     Training for employees in the context of ISO/ISMS implementations is important in many respects. A lack of competence among those responsible often contributes to certification projects failing, at the latest during the audit. Training and raising awareness among all employees of the importance of the ISO/ISMS implementation and of their role in carrying it out are therefore essential. A well-trained team finds good and efficient solutions for building and implementing a management system, which helps avoid bureaucratization. Competence building is thus a decisive factor for the success of an ISO/ISMS implementation from the very beginning.

     6. Implementing without a plan

     Another obstacle in ISO/ISMS implementations is the lack of a clear plan of action. Many organizations start the process without a precise idea of what a successful implementation or certification requires, and so they waste time and resources. Without a precise plan, companies concentrate on areas that are not relevant or that do not meet the requirements of the ISO/IT-Grundschutz standards. If building the management system takes too long, the company’s regular development may also overtake the process itself, so that work has to be done several times over to keep up with changes.

     One possible solution is to draw up a clear plan that defines the steps for implementing the standards. This plan should take into account the specific requirements of the chosen standards, the time and resources needed for the implementation or certification, and the responsibilities and tasks of the employees and departments involved. By clearly defining a deadline for the initial build-out of the management system, companies can ensure that they concentrate on the most important areas and are thus able to use time and resources more effectively. An upfront target/actual comparison or gap analysis is a proven means of creating clarity and obtaining the basis for concrete planning.

     7. “It’ll do as it is”, or is honesty the best policy after all?

     When companies lie to themselves, the ISO/ISMS implementation does not work either. Vulnerability and risk analyses are often not viewed objectively, or topics that are actually relevant are simply not recorded, along the lines of “What the auditor doesn’t know won’t bother him.” As a result, companies treat their risks only inadequately or do not perceive them at all, and thus impair the effectiveness of the management system.
Der Aufschrei, wenn ein Risiko nach einer zuvor positiven Bewertung eintritt und immense Kosten zu dessen Behebung anfallen, ist im Nachhinein oft groß. Eine unehrliche Betrachtung sorgt dafür, dass die Implementierung der gewählten Standards oberflächlich und unvollständig erfolgt, was die Einführung und gegebenenfalls auch die Zertifizierung letztendlich sinnlos macht. Eine Lösung hierfür besteht darin, dass Unternehmen schonungslos ehrlich zu sich selbst sind und sich gegebenenfalls auch Hilfe zur Selbsthilfe holen. Ein unvoreingenommener und erfahrener Berater kann helfen, Risiken richtig einzuschätzen. Außerdem ist er in der Lage, potentielle Szenarien aufzeigen, die aufgrund von Betriebsblindheit sonst nicht gesehen werden. So kann das Unternehmen eine ehrliche Risikoanalyse durchführen und Schwachstellen im Unternehmen identifizieren, um eine effektive Implementierung der gewählten Standards zu gewährleisten. 8. Die Einführung/Zertifizierung als abgeschlossenen Prozess betrachten Ein weiteres häufiges Problem bei ISO-/ISMS-Einführungen ist das Fehlen eines kontinuierlichen Überwachungs- und Verbesserungsprozesses. Viele Unternehmen sehen die ISO-/ISMS-Einführungen als einen abgeschlossenen Prozess. Werden jedoch keine kontinuierlichen Bemühungen unternommen, um die Umsetzung der gewählten Standards aufrechtzuerhalten und zu verbessern, droht das Unternehmen schnell hinter den neuesten Trends und Anforderungen zurückzufallen. Im schlimmsten Fall kann es sogar passieren, dass das Unternehmen seine Zertifizierung verliert. Im Anschluß ist es entsprechend schwer, diese erneut zu erlangen. Um diese Probleme zu vermeiden, müssen Unternehmen die ISO-/ISMS-Einführungen als einen kontinuierlichen Prozess ansehen, der ständig überwacht und verbessert wird. Alle Mitarbeiter sollten in den Prozess einbezogen werden, um eine reibungslose Umsetzung und eine tatsächliche Integration in den täglichen Geschäftsablauf zu gewährleisten. 
Zudem ist es wichtig, dass regelmäßig Überprüfungen und Audits durchgeführt werden. Dadurch sorgen Organisationen dafür, dass sie immer den neuesten Standards entsprechen. 9. Einsatz von Billiglösungen Eine ISO-/ISMS-Einführung und Zertifizierung ist nichts für Unternehmen, die auf Billiglösungen aus sind. Viele Unternehmen versuchen, Kosten zu sparen, indem sie sich für günstigere Lösungen entscheiden oder versuchen, die Standards auf eigene Faust und ohne angemessene Ressourcen zu implementieren. Dies führt regelmäßig dazu, dass Unternehmen wichtige Bereiche übersehen oder mangelhafte Lösungen implementieren, die die Standards nicht vollständig erfüllen oder nur Mehrarbeit schaffen, ohne die eigentlich möglichen Vorteile eines Managementsystems zu erschließen. Es ist wichtig zu verstehen, dass die Implementierung von ISO/IT-Grundschutz-Standards ein wichtiger und langfristiger Prozess ist. Dieser erfordert eine angemessene Investition, um sicherzustellen, dass alle Anforderungen erfüllt werden und das Managementsystem effizient umgesetzt wird. Was bringt es, am Anfang zu sparen und dann auf Dauer mehr Kosten zu haben, um die Fehler in der Basis auszugleichen? Lösen lässt sich dieses Dilemma durch eine klare und ausführliche Bestandsaufnahme in Kombination mit einem Soll-Abgleich. Auf Basis eines klaren Bildes, was zu tun ist, lässt sich ein angemessenes Budget für die Implementierung der gewählten Standards bereitstellen und auf qualitativ hochwertige Lösungen setzen, die den Anforderungen entsprechen. So kommen auch langfristige Vorteile von Managementsystemen zum Tragen, wie eine verbesserte Effizienz, Qualität und Kundenzufriedenheit, was letztendlich zu höheren Umsätzen und Gewinnen führen kann. Ein angemessener Mehraufwand schon bei Implementierung des Systems rechnet sich also langfristig gesehen. (jm) Lesetipp: Gut zertifiziert ist halb gewonnen View the full article
  6. As CISOs worry about AI agent sprawl, Palo Alto Networks has announced an update to its Prisma AIRS security platform and enterprise browser to include the ability to discover AI agents, models, and connections across the entire IT environment, to scan agents for vulnerabilities, and to allow admins to simulate red team tests for agents.

     Assuming the completion of Palo Alto Networks’ planned acquisition of Koi Security, it said, Prisma AIRS 3.0 will soon also offer an AI Agent Gateway providing a central control plane to enforce agent runtime and identity security.

     According to Gartner, 40% of enterprise applications will be integrated with task-specific AI agents by the end of this year, up from less than 5% today. As organizations accelerate their digital transformation, agentic AI in enterprise applications will move beyond individual productivity, Gartner says, setting new standards for teamwork and workflow through smarter human-agent interactions.

     To meet that challenge, Prisma AIRS is adding new ways to use AI to detect AI application security issues.

     In a prerelease briefing for reporters, Nikesh Arora, CEO of Palo Alto Networks, predicted, “in next five years, our customers are going to go through the most significant overhaul of their enterprise networks they’ve ever seen” because of AI.

     “Every CIO wants AI implemented yesterday,” he said. “Every company wants to see how they can leverage AI as quickly as possible,” wants to understand if the shift to AI is real, and if so, how CIOs need to prepare.

     “Can we use AI to deliver better cybersecurity outcomes? Yes, we can,” he said. But it won’t happen overnight. In fact, he said, the pace at which large language models (LLMs) are moving is significantly expanding the attack surface.

     Recently, he said, there have been news reports that AI agents created by firms caused hacks within their own companies. He didn’t cite specific examples, but last week Meta said there had been a severe internal security breach after an autonomous AI agent exposed sensitive company and user data to unauthorized employees for two hours.

     In the future, if agents in the enterprise are more than a fad, Arora said, “there will be millions of agents traversing enterprise architectures, trying to execute on their behalf — both agents delegated by people like you and me, and autonomously. I can’t imagine meeting a CEO in the last three months who does not have some aspiration to start having agents effectively doing tasks within the enterprise. It’s slow going, but the intention is there. And I can see many system integrators and consultants out there advocating and helping customers with that migration.”

     But, he added, there are risks. To meet them, Prisma AIRS 3.0 will allow admins to safely deploy AI applications, he said.

     To increase visibility, the platform will identify agents running in cloud environments, on SaaS platforms and locally on endpoints. A capability called Agent Artifact Security maps out an agent’s architecture and scans for vulnerabilities, and another capability called AI Red Teaming for Agents simulates context-aware agentic attacks, discovers AI-related vulnerabilities, and recommends runtime security policies.

     Prisma Browser

     To also improve AI security, Palo Alto Networks released a new version of Prisma Browser for enterprise end users, with expanded capabilities allowing employees to use any LLM they choose.

     The new version of the browser is able to discover user-generated AI activity and enforce content-aware boundaries to keep agents within their intended scope. The browser also prevents sensitive data from leaking to unmanaged or public AI tools during automated tasks, and identifies and blocks prompt injection attacks, including malicious instructions designed to hijack AI agents hidden within websites.

     Palo Alto Networks said the browser also provides real-time distinction between human actions and automated AI tasks. By assessing the intentions of both human and non-human identities, Prisma Browser enables total accountability and compliance with evolving global AI regulations.

     Next Generation Trust Security

     Separately, Palo Alto Networks also announced a new digital certificate lifecycle management platform, following the closing last month of its acquisition of CyberArk.

     By integrating CyberArk’s machine identity intelligence into the network, NGTS closes the gap between the teams managing certificates and the teams responsible for uptime, Palo Alto Networks said in a press release.

     The company said that Next Generation Trust Security (NGTS) will help organizations deal with the fact that the maximum lifespan of digital certificates has just been cut to 200 days from 398 days, and by 2029 will fall to just 47 days. Until now, many companies have been keeping track of certificates through spreadsheets, says Palo Alto Networks; NGTS discovers and manages the lifecycle of certificates across the network for them.

     The company said that NGTS also eliminates unapproved certificates and blind spots that lead to security gaps, protects the business from certificate-related outages and trust failures by automatically identifying and refreshing credentials before they expire and disrupt customer transactions or internal services, and accelerates the transition to a post-quantum future by handling faster renewal cycles and evolving encryption standards through automation.

     Palo Alto Networks has not announced pricing for NGTS.
  7. Mandiant’s M-Trends 2026 report, released today at the RSA Conference, shows that attackers are moving faster, operating more collaboratively, and increasingly focusing on the systems organizations rely on to recover from breaches.

     The report, based on more than 500,000 hours of incident response engagements in 2025, finds that attackers are compressing key phases of the attack lifecycle, even as median dwell time increased to 14 days, up from 11 days the previous year.

     In addition, it reveals a change in tactics. Voice phishing accounted for 11% of initial infection vectors, making it the second most common entry point after exploits, which led at 32%. Email phishing declined to 6%, down from 14% the year before, reflecting a move toward more interactive social engineering. Together, the trends point to a shift in both how quickly attacks unfold and what attackers are trying to achieve once inside.

     It also highlights a growing imbalance between speed and persistence. While some attack phases now unfold in seconds, others are becoming more prolonged. Incidents identified through external notification had a median dwell time of 25 days, compared with nine days for those detected internally, pointing to improved internal detection but continued gaps in visibility, particularly in complex environments.

     At the same time, attackers are refining their objectives. Ransomware-related intrusions accounted for 13% of investigations, while extortion activity appeared in 23% of cases. Data theft was observed in 40% of incidents, up slightly from 37% the previous year.

     As Jurgen Kutscher, vice president at Mandiant Consulting, Google Cloud, writes in a blog post accompanying the report, financially motivated groups are “optimized for immediate impact and deliberate recovery denial,” while other threat actors such as nation-states focus on long-term persistence.

     Attack timelines compress as threat actors specialize

     One of the most consequential developments is the rise of hand-off operations, in which one threat actor gains initial access and rapidly transfers it to another, often a ransomware group. A major driver of this shift is what Mandiant describes as “increased specialization and collaboration within the cybercrime ecosystem.”

     The speed of that transition has changed dramatically. “In 2022, the median time between an initial access event and the hand-off to a secondary threat group was more than 8 hours. In 2025, that window collapsed to just 22 seconds,” Kutscher writes.

     Prior compromise, in which access is inherited from another threat actor, accounted for roughly 10%–13% of initial infection vectors globally and as much as 30% in ransomware operations. For defenders, alerts that once seemed low priority can now escalate into full-scale incidents almost immediately.

     Social engineering becomes more interactive

     While exploits remain the leading initial infection vector at 32%, the report underscores a shift toward more adaptive social engineering. Voice phishing has risen sharply, while email phishing continues to decline, signaling a move away from high-volume campaigns toward real-time interaction.

     Mandiant’s data shows that email phishing dropped to just 6% of intrusions in 2025. In its place, adversaries have pivoted to highly interactive, voice-based social engineering.

     Attackers are also using messaging platforms and social media to engage targets directly, often bypassing technical controls by manipulating help desk processes or identity verification workflows. The report highlights how attackers are exploiting SaaS environments, harvesting tokens and credentials to move laterally across organizations and their partners.

     AI accelerates early-stage attacks, not outcomes

     Artificial intelligence is contributing to these changes, but not as a primary driver of successful breaches. The report indicates that attackers are using large language models to improve phishing, reconnaissance, and evasion, increasing the efficiency of early-stage operations.

     At the same time, the underlying causes of successful intrusions remain unchanged. “The vast majority of successful intrusions still stem from fundamental human and systemic failures,” Kutscher writes. AI is accelerating existing attack methods rather than replacing them, reinforcing the need for CISOs to address persistent gaps in patching, identity security, and visibility.

     Ransomware shifts toward recovery denial

     Ransomware tactics are evolving. While encryption and data theft remain central, attackers are increasingly focused on undermining an organization’s ability to recover. In 2025, Mandiant observed a systemic shift in which ransomware operators actively targeted backup infrastructure, identity services, and virtualization management planes.

     This shift toward recovery denial changes the dynamics of extortion. By compromising or destroying recovery capabilities, attackers increase the likelihood that victims will pay, even when backups exist. “Modern ransomware is now a fundamental resilience problem, forcing organizations into a choice: pay or rebuild,” Kutscher writes.

     Dwell time increases as persistence improves

     The increase in median dwell time reflects a broader trend toward persistence, particularly in espionage operations and activity linked to North Korean IT worker schemes. In those cases, median dwell time reached 122 days, illustrating how some attackers are optimizing for long-term access rather than immediate impact.

     Attackers are also exploiting gaps in monitoring infrastructure. The report notes that some threats achieve dwell times of nearly 400 days, highlighting persistent visibility challenges tied to limited log retention and monitoring of edge devices.

     Detection improves, but gaps remain

     Mandiant’s research indicates that 52% of organizations detected intrusions internally in 2025, up from 43% the previous year. External notifications accounted for 34% of detections, while the attacker first disclosed 14% of incidents. Although internal detection is improving, reliance on external parties and adversary disclosure highlights ongoing visibility gaps, particularly in hybrid and cloud environments.

     What CISOs should prioritize

     Mandiant’s recommendations reflect a shift away from static defenses toward faster, more adaptive response models.

     One key recommendation is that security teams need to rethink alert triage. With hand-off times now measured in seconds, low-level detections can no longer be treated as routine noise. What appears to be an isolated alert may signal the start of a secondary intrusion, requiring immediate action before attackers move to hands-on-keyboard activity.

     Organizations also need to treat core infrastructure—identity systems, backup environments, and virtualization platforms—as critical control planes. These are now primary targets for attackers seeking to undermine recovery and must be isolated, tightly controlled, and protected as Tier-0 assets.

     Identity is becoming a central battleground. As interactive social engineering bypasses traditional MFA, organizations need continuous identity verification, stricter privilege controls, and tighter governance over SaaS integrations.

     Detection strategies must also evolve as attackers rely more on legitimate tools and in-memory malware. Static indicators are less effective, requiring a shift to behavioral detection that flags anomalies such as unusual access patterns, suspicious API activity, or misuse of authentication tokens.

     Finally, visibility gaps remain a persistent problem. Extending log retention and centralizing telemetry across network, cloud, and virtualization environments are critical to detecting long-running intrusions and understanding their full scope.
  8. A new infostealer is bypassing Chrome’s Application-Bound Encryption (ABE), using a debugger-based technique researchers say hasn’t been seen in the wild before.

     Called “VoidStealer,” the stealer seems to have found a way around ABE, introduced in Chrome 127 in 2024, a security control aimed at locking sensitive browser data like passwords and cookies behind tighter encryption, tying decryption to a privileged system service.

     While ABE bypasses have existed before, through techniques that involved code injection into Chrome, abusing the COM/elevation service, and remote debugging, almost all of them required admin privileges. Vojtěch Krejsa, the threat researcher at Gen who first flagged the stealer, calls VoidStealer’s bypass non-noisy.

     “The bypass requires neither privilege escalation nor code injection, making it a stealthier approach compared to alternative ABE bypass methods,” he said in a blog post.

     Chasing the master key

     An ABE bypass revolves around a critical piece of material, the “v20_master_key.” This key is what ultimately unlocks stored browser secrets, including cookies, passwords, and tokens, once the browser has verified the request.

     In theory, ABE keeps this key tightly guarded, ensuring it’s never exposed in a way that malware can easily access it. However, in practice, that key still has to exist in plaintext at runtime, if only briefly, for Chrome to do its job.

     Earlier bypass techniques found ways to go after decryption, some relying on process injection that involved slipping malicious code into Chrome to invoke a legitimate decryption routine. Others used memory dumping or remote debugging, scanning large chunks of process memory to locate decrypted data. More advanced approaches abused Chrome’s elevation service or COM interfaces to trick the browser into handing over decrypted material.

     VoidStealer takes a more surgical route, Krejsa explained. Instead of forcing Chrome to decrypt data or scraping memory broadly, it attaches as a debugger and waits. By placing hardware breakpoints on a precise instruction tied to Chrome’s decryption flow, it intercepts the exact moment the v20_master_key appears in plaintext in memory. It then reads the key using standard debugging APIs.

     VoidStealer uses hardware breakpoints because they don’t modify code, Krejsa explained. Unlike software breakpoints, which can be detected, hardware ones rely on CPU registers, leaving memory untouched and without altering Chrome’s natural execution.

     Malware with many tricks

     VoidStealer is part of a broader shift in how infostealers are evolving post-ABE. The malware already supports multiple bypass techniques, falling back to older injection-based methods if needed, but clearly prioritizing stealth where possible.

     Krejsa also warned of its development pace. Since first appearing in December 2025, the malware has evolved quickly through versions, suggesting active maintenance and likely customer demand in underground markets. The malware, which runs a MaaS model, has undergone a total of 12 iterations so far, with the latest version “v2.1” rolled out on Mar 18, 2026.

     Because VoidStealer avoids injection and privilege escalation, traditional indicators could fall short, Krejsa noted. He said defenders must focus on behavioral signals, including unexpected debugger attachments to browser processes, unusual use of memory-reading APIs, and anomalous Chrome process spawning patterns.

     As a primary indicator of compromise (IoC), the researcher shared a sample linked to VoidStealer v2.0.
  9. The North Korea fake IT worker scheme has become a pernicious threat across several industries. While best practices emphasize precautions throughout the hiring phase, once onboarded such operatives can be challenging to detect. Combinations of behavioral analytics, threat intelligence, and other points of information are taking shape as essential defenses, as a recent case attests.

     According to a recent report from LevelBlue SpiderLabs, a suspected North Korea-linked operative was hired, passed security checks, and was assigned to work on Salesforce data before being identified and terminated 10 days later. It took a combination of geolocation anomalies, unmanaged device access, and threat intelligence correlation to identify the threat.

     In August 2025, routine onboarding quickly unraveled when Cybereason XDR behavioral analytics flagged suspicious login patterns and LevelBlue SpiderLabs threat intelligence confirmed the organization had unknowingly hired the bad actor.

     When an admin from the organization activated the new hire’s EntraID account, the team observed that the new hire used an EntraID login from a Dallas, Texas, IP address that deviated from his usual login regions (China). The EntraID login originated from an unmanaged device and used an IP address from the Astrill VPN, which is typically used by North Korea-linked IT workers.

     Tue Luu, threat detection engineer at LevelBlue SpiderLabs, told CSO that it was the threat intelligence correlation that set alarm bells ringing. “These things are seldom determined by a single piece of information or telemetry or behavior; rather, they result from a confluence of suspicions and statistical anomalies.”

     The North Korean fake IT worker scheme can allow operatives to steal sensitive data, proprietary source code, trade secrets, and intellectual property. It can expose organizations to ransom demands and the harvesting of credentials to maintain persistent unauthorized access. “It’s the ultimate trojan horse: difficult to mitigate, especially if they pass your employee vetting process,” Luu said.

     It’s estimated that North Korea-linked remote worker schemes have infiltrated hundreds of organizations globally, generating between $250 million and $500 million annually for the regime.

     How the scheme played out in detail

     • Friday: Threat actor hired as remote employee assigned to work on Salesforce data and passed standard verification procedures.
     • Friday to Wednesday: Cybereason XDR established behavioral baseline showing consistent logins from China.
     • Thursday: A login anomaly was detected that triggered a high-severity alert.
     • Friday: Threat intel matched OTX pulse for Astrill VPN infrastructure used by North Korean actors.
     • Monday: User’s account revoked and an extended investigation initiated.

     During the SpiderLabs team’s deep dive, they scoured employee interactions, group chat additions, and other material to look for evidence of persistence mechanisms and remote access tools. They found no evidence of residual access, backdoors, or malicious artifacts, an outcome attributed to the speed of detection.

     In most cases, these rogue insiders attempt to operate in the shadows. “As long as they aren’t lighting up too many of the company’s controls, perhaps using communication channels that pass proxy muster, you may see methods like QQ chat clients, pastebin-like sites, or even shared cloud-based email drafts as ways to pass information,” Luu said.

     Key signs of NK-linked insider infiltration

     SpiderLabs has found that these threat actors commonly operate from China rather than North Korea because the internet is more stable and they can employ VPN services to conceal their true geographic origin.

     Astrill VPN has the ability to bypass China’s Great Firewall and allows threat actors to tunnel traffic through US exit nodes and masquerade as legitimate domestic employees. As a result, authentication events from known Astrill VPN IP ranges represent a high-fidelity indicator of compromise.

     In this case, however, the VPN itself wasn’t the only sign things were not as they seemed. “I believe what happened here is that Astrill VPN was not a standard solution used in the specific environment we were monitoring for the client in this case. If it had been, then this particular indicator might not have had as much weight,” Luu said.

     “The true anomaly here is that the use of that particular VPN software was unusual for this particular environment. There are personal VPNs and business VPNs, and the XDR solution can distinguish between the personal and business VPN solutions and only alert on the personal VPN usage,” Luu added.

     No silver IAM bullet for CISOs

     Identity and access management offers no magical method for spotting fake IT workers. As this example demonstrates, discovering a North Korean insider requires patching together a number of signals.

     This investigative and alert work can take different forms. “Some approaches start with well-segregated privileges and begin ramping up privileges over time as trust and tenure are established to ‘slow roll’ risky hires,” Luu told CSO.

     In some cases, it’s looking for logon or work activity outside of typical working hours for a particular geography. “Certainly, the confluence of suspicions helps. For example, are employees accessing data or attempting to authenticate data, hosts, or applications outside their established roles?” Luu noted.

     The reminder for CISOs is to ensure onboarding processes are robust and regularly reviewed. “Learn what software is ‘normal’ in your environment and set software standards, and ensure employees have company-managed devices, preferably Windows for more control,” Luu advised.

     “Make sure IT admins apply EntraID Conditional Access policy to lock down logins from allowed regions or areas where employees are employed. The client didn’t have the conditional access policy activated before the incident, and they applied it after as a recommendation from Cybereason.”
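The case above was caught because several weak signals lined up on one sign-in: a location outside the user's baseline, an unmanaged device, and a source IP matching threat intelligence for a personal VPN that was not normal in that environment. The sketch below is an added example, not code from LevelBlue SpiderLabs, Cybereason or the article; the event fields, signal names, severity thresholds and IP ranges (RFC 5737 documentation addresses) are all constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed data: RFC 5737 documentation ranges, not real VPN infrastructure.
PERSONAL_VPN_RANGES = [ip_network("203.0.113.0/24")]   # stand-in for a threat-intel feed
BUSINESS_VPN_RANGES = [ip_network("198.51.100.0/24")]  # the organization's sanctioned VPN
MIN_BASELINE_LOGINS = 3  # assumed number of clean logins before geo deviation is judged


@dataclass(frozen=True)
class SignIn:
    user: str
    day: str
    location: str         # coarse geolocation of the source IP
    ip: str
    managed_device: bool  # True when the device is enrolled in device management


def _in_ranges(ip, ranges):
    addr = ip_address(ip)
    return any(addr in net for net in ranges)


class SignInCorrelator:
    """Scores each sign-in by how many independent signals fire together."""

    def __init__(self):
        self._baseline = defaultdict(list)  # user -> locations of clean logins

    def evaluate(self, event):
        baseline = self._baseline[event.user]
        signals = []
        if len(baseline) >= MIN_BASELINE_LOGINS and event.location not in baseline:
            signals.append("geo_deviation")
        if not event.managed_device:
            signals.append("unmanaged_device")
        # Only personal VPN egress counts; the sanctioned business VPN is normal here.
        if _in_ranges(event.ip, PERSONAL_VPN_RANGES) and not _in_ranges(
            event.ip, BUSINESS_VPN_RANGES
        ):
            signals.append("personal_vpn_match")
        # Only clean logins extend the baseline, so a flagged location keeps alerting.
        if not signals:
            baseline.append(event.location)
        # A single signal is informational; a confluence of two or more is high.
        severity = "high" if len(signals) >= 2 else "low" if signals else "none"
        return signals, severity


def correlate(events):
    """Return (event, signals, severity) for each event, in order."""
    correlator = SignInCorrelator()
    return [(e, *correlator.evaluate(e)) for e in events]


# Constructed sign-in events: a new hire whose baseline forms in one region and
# then jumps, and a long-standing employee travelling over the business VPN.
SAMPLE_EVENTS = [
    SignIn("newhire", "Fri", "CN", "192.0.2.10", True),
    SignIn("newhire", "Mon", "CN", "192.0.2.11", True),
    SignIn("newhire", "Tue", "CN", "192.0.2.10", True),
    SignIn("newhire", "Wed", "CN", "192.0.2.12", True),
    SignIn("newhire", "Thu", "US-TX", "203.0.113.45", False),
    SignIn("traveler", "Mon", "US-NY", "192.0.2.50", True),
    SignIn("traveler", "Tue", "US-NY", "192.0.2.50", True),
    SignIn("traveler", "Wed", "US-NY", "192.0.2.50", True),
    SignIn("traveler", "Thu", "DE", "198.51.100.7", True),
]

if __name__ == "__main__":
    for event, signals, severity in correlate(SAMPLE_EVENTS):
        if severity != "none":
            print(f"{severity:4} {event.user:8} {event.day} {event.location:5} {signals}")
```

The traveller's location change alone stays at low severity, while the new hire's Thursday sign-in is raised to high because three signals coincide.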
  10. Last year, I asked a room of infrastructure, identity and application leaders a simple question: “Where in our environment do we rely on RSA or elliptic curve cryptography?” The first answers were the usual suspects: TLS on the edge, our VPN and the certificates on laptops. Then we pulled up a dependency map and the mood changed. Crypto wasn’t just in a few obvious places. It was buried in API gateways, service meshes, database drivers, firmware update pipelines and third-party SaaS. Some of it was configurable. A lot of it wasn’t. That exercise is why I think the post-quantum conversation has to move from “interesting someday” to “start now.” Even if large, fault-tolerant quantum computers are not here yet, adversaries can harvest encrypted traffic and data today and attempt to decrypt it later. If you have information that must remain confidential for a decade or more — customer PII, health data, proprietary models, merger plans — waiting for a clean deadline is the riskiest option. The good news is that we do not have to bet the enterprise on a single new algorithm overnight. A hybrid approach lets us add post-quantum protection while keeping classical algorithms that are widely deployed and interoperable. The trick is to start early enough that the migration is deliberate, measurable and boring by the time 2030 arrives. The 2030 deadline is closer than it looks In security programs, 2030 can feel like an eternity. In cryptography programs, it is frighteningly close. The reason is the long tail of enterprise change: inventories, procurement, platform upgrades, certificate lifecycles, embedded devices and the slowest vendor in your stack. The standards foundation is already landing. NIST published its first three finalized post-quantum cryptography standards in August 2024, including FIPS 203 for ML-KEM and companion signature standards. 
That shifted the question I hear from “what should we wait for?” to “how do we operationalize this without breaking everything?” From there, three forces compress the timeline:

  • “Harvest now, decrypt later” is not theoretical. If an attacker steals encrypted session captures or archived backups, the confidentiality loss happens the day quantum-capable decryption becomes practical. Your risk horizon is set by the shelf life of your data, not the arrival date of a quantum computer.
  • Government and critical infrastructure guidance are converging. The National Security Agency’s CNSA 2.0 suite sets expectations for quantum-resistant algorithms in national security systems with milestones that pull software and firmware signing toward a 2030 horizon. Even if you are not building for government, those supply chain requirements tend to flow downhill into commercial products.
  • Crypto migration is never a single project. Your public TLS endpoints might be modernized quickly. Your internal PKI, code signing pipeline and long-lived devices can take years. The last crypto refresh many enterprises remember — deprecating SHA-1 and older TLS — was manageable largely because teams started before the hard cutoff dates.

That is why I recommend a hybrid strategy before 2030. It buys down long-term confidentiality risk now, creates time for interoperability bugs to surface and avoids a last-minute scramble when customers, regulators or your own board ask, “Are we quantum ready?”

What hybrid post-quantum looks like in the real world

When I say “hybrid,” I mean using a classical algorithm and a post-quantum algorithm together so the connection stays secure even if one component is later broken. The most relevant enterprise example is hybrid key establishment for TLS and internal mTLS. The IETF is standardizing approaches that combine classical ECDHE with ML-KEM so a TLS 1.3 session key depends on both mechanisms. 
Hybrid signatures touch certificate chains, code signing systems and validation logic, so they usually come later. In most roadmaps I run, we begin by keeping classical certificates for compatibility while preparing PKI components, HSMs and signing services to support post-quantum signature algorithms as platforms mature. In practice, hybrid almost always starts inside the enterprise first. External customer traffic has the most interoperability constraints and the highest blast radius. Internal service-to-service traffic, VPN tunnels between managed endpoints and software signing are better early candidates because we control both ends and can roll back quickly. You also have to plan for real constraints:

  • Size and performance: post-quantum keys, ciphertexts and signatures can be larger than today’s elliptic curve equivalents, which can break assumptions in certificate stores, load balancers and MTU sizing.
  • Crypto agility: hybrid only works if you can change algorithms without rewriting half your environment, which means pushing cryptographic choices into configuration and deprecating bespoke crypto.
  • Operational observability: you need telemetry for handshake success rates, latency impact, error patterns and downgrade behavior so the rollout looks like any other reliability program.

The point is not to be “post-quantum only” tomorrow. The point is to make post-quantum a normal part of your cryptographic control plane so the eventual full transition becomes a series of routine upgrades, not a crisis.

A practical roadmap you can start this quarter

If you are looking for a pragmatic way to begin, here is the roadmap I have used with large US enterprises.

Build a cryptography inventory tied to data value

Start with an inventory of where cryptography is used: TLS termination, internal mTLS, VPN, SSH, S/MIME, code signing, disk and database encryption, backups, identity tokens, key management systems and embedded device firmware. 
Map those uses to data classes and retention horizons. The systems protecting 10+ year secrets are your “harvest now, decrypt later” priorities. CISA’s post-quantum cryptography initiative is a useful checklist for the categories and dependencies you should capture and for how to think about critical functions.

Pick 3 early migration surfaces you control end-to-end

In most enterprises, the first three areas I target are:

  • Internal mTLS between services
  • VPN and remote access
  • Code signing for internal software distribution and update pipelines

These reduce long-term exposure without forcing you to negotiate compatibility with every customer browser, partner system or unmanaged device.

Stand up a “hybrid-ready” lab and instrument it

Before you touch production, stand up a lab that mirrors core traffic patterns: edge TLS, internal service mesh, API gateway and identity provider. Measure handshake sizes, latency and failure modes. Make sure you can roll back cleanly and explain what changed.

Upgrade for crypto agility

Standardize on modern TLS stacks, keep them patched and make algorithm selection a managed configuration. Consolidate certificate issuance flows. Push teams away from static crypto choices baked into application code. The more you centralize, the faster you can migrate.

Run a limited hybrid pilot with explicit success metrics

Pick one internal domain or one non-critical endpoint and pilot hybrid TLS. Define success as measurable outcomes: no increase in error rate, acceptable latency delta, stable CPU utilization and clean telemetry. When something breaks, document the dependency that caused it and feed that back into your inventory.

Put post-quantum requirements into procurement now

The fastest way to make 2030 painless is to make 2026 contracts future-friendly. Add language that requires crypto agility, support for NIST standardized post-quantum algorithms as they are adopted and a documented roadmap for hybrid support in TLS, VPN and signing. 
If you start now, you buy time for standards, platforms and operational tooling to converge. Hybrid post-quantum migration rewards early, quiet work. The enterprises that begin before 2030 will not just be safer against future decryption. They will have a more agile, measurable cryptographic program that is easier to govern, audit and modernize for whatever comes next. This article is published as part of the Foundry Expert Contributor Network. Want to join? View the full article
  11. Insider threats are coming back in a consequential way. According to the State of Human Risk Report from Mimecast, 42% of organizations have experienced an increase in malicious insider incidents over the past year, with 42% also reporting a rise in negligent incidents for the first time. The report further found that organizations experienced an average of six insider-driven incidents per month at an estimated cost of $13.1 million per incident. Additionally, 66% of the 2,500 surveyed IT security and IT decision-makers expect insider-related data loss to increase over the next 12 months. “Insider risk has become one of the most consequential and underestimated threats facing organizations today, not just because of the data loss it causes, but because attackers are increasingly exploiting insiders as a deliberate entry point to bypass perimeter defenses entirely,” Mimecast CISO Leslie Nielsen said in announcing his company’s research results. “The data shows both careless mistakes and deliberate actions driving incidents in equal measure,” he added. “Rather than trying to manage human behavior, organizations need adaptive controls that identify high-risk actions and adjust protections in real-time, creating friction when someone accesses data they shouldn’t, regardless of whether they have valid credentials. As AI makes it easier for insiders to exfiltrate data at scale, security must meet users at the point of risk.”

The state of insider threats today as technologies, tactics, and motivations evolve

Insider threats continue to fall into two broad camps. On one side is the malicious insider who knowingly acts with the intent to harm. On the other side is a member of the organization whose impacting actions may be accidental or negligent, or in some cases manipulated by a malicious outsider. According to Forrester Research’s 2025 Security Survey, 22% of data breaches in the prior 12 months were the result of internal incidents. 
Some 47% were due to abuse or malicious intent, 32% were due to inadvertent misuse or an accident, and 21% involved both. These categories cover a wide swath of activities, says Joseph Blankenship, vice president and research director at Forrester. For example, a nonmalicious insider may accidentally email protected data to someone not authorized to have it or mistakenly allow public access to a database. A disgruntled employee may actively circumvent security controls to steal sensitive information to post to embarrass the organization. Although those scenarios have been around for years, new technologies, tactics, and motivations are evolving to drive, manipulate, and enable insiders, security leaders say. “My background is in the intelligence community, where we studied insider threat through a well-established lens: ego, ideology, and economics. Those motivations haven’t changed. What’s changed is the operating environment and who/what qualifies as an insider,” says Chris Cochran, field CISO and vice president of AI security at the SANS Institute. “It’s no longer just employees. It’s contractors, fraudulent hires who gained access through identity fraud, and now AI agents operating with persistent, privileged access,” he says. “A misconfigured agent is a superuser that never sleeps. A compromised agent is an adversary with legitimate credentials moving at machine speed. If it has trusted access and can act on data, it’s an insider, witting or unwitting.” The shift to remote work, Cochran adds, also removed physical and psychological barriers to insider risks. “Downloading data to a personal device doesn’t feel like espionage, and that trivialization is the risk,” he says. 
“Layer on economic pressure: While companies freeze hiring and suppress raises, and you have a recipe for witting insider threat at scale.” Niel Harper, executive coach and strategic advisor at Octave Digital and a board member with governance association ISACA, points to the growth of social media as another factor spurring insider threats today. Social media platforms, he says, give external threat actors information they can use to bribe, trick, or entice insiders to do their bidding. “They provide a treasure trove of information for threat actors, and a threat collective can easily conduct open-source intelligence to help them understand who is susceptible to blackmail or becoming a mercenary,” he explains. In such incidents, Blankenship says malicious actors often coach insiders on how to get around security controls and evade detection. Employees today are also more tech savvy and have greater access to powerful digital tools, including AI, and thus are more capable of finding ways around security controls, experts say. “The average staffer can now become a really high-risk threat actor,” says Harper, who is also chief trust officer at Hugo and a former CISO, including at the international police organization Interpol. Moreover, AI itself can become an insider threat, Harper adds, explaining that agents can go rogue or be programmed to do so. “So AI has changed the paradigm when it comes to insider threats,” he adds. Meanwhile, the modern work environment has created new scenarios that increase the insider threat risk, Harper says. For example, he says the rise in the use of contractors and outsourced providers as well as people working multiple jobs can up the opportunities for both malicious and nonmalicious incidents, as does remote work, due in part to the distributed nature of digital access for such workers. 
Hacktivism against companies, polarization, ideological divisions, economic pressures, and fears of job loss are also driving up insider risk today, Harper adds. Some of these dynamics have enabled malicious actors to land work within companies to then become insider threats, says Errol Weiss, CSO at Health-ISAC. These malicious actors, who are often from North Korea, obfuscate their identities and locations so they can be hired for legitimate roles, typically in IT. The common MO is to work for as long as possible to earn money to send back to North Korea while also laying the groundwork to launch some type of attack when their employers uncover their true identities. “They’re monetizing their exits by stealing data or extorting their employers on their way out,” Weiss explains. Additionally, threat actors are becoming more aggressive in their attempts to get insiders to do their dirty work, says Lina Dabit, executive director of the CISO office at Optiv Canada. They’re paying rewards to people willing to harass targeted individuals or provide personal information, such as a personal email or family members’ names. And they’re setting up honeypots, such as romance scams, to gain leverage over insiders. “We’ve always had malicious insiders, but now we have coerced insiders,” Dabit says. “I think it’s just a matter of time before a threat actor shows up at someone’s home or someone’s children’s school.” At the same time, technology has made it easier to facilitate such illicit activities, she and others say. In addition to threat actors using social media and other online sources to cull data they can use to entice or coerce insiders, they’re also using the dark web to connect with insiders willing to help. 
A 2026 Accenture Cyber Intelligence executive summary, titled “Rising dark-web enabled insider risk,” highlighted a 69% increase in insiders offering their access to hackers in 2025 compared to 2024 and a 127% surge in hackers recruiting insiders compared with 2022. “The world is different and more dangerous than it has ever been,” warns Dabit, a former unit commander with the Cybercrime Investigative Team of the Royal Canadian Mounted Police. “Do not make assumptions that threat actor groups will fit into neat little boxes like nation-state, organized crime, hacktivism, etc. Collaboration between nation state and organized threat groups, whether intentional or simply opportunistic, [is happening and there is a] blurring between organized crime, nation-state, and hacktivism. Newer groups are not adhering to reputational norms, [and the threat environment] has become a no-holds barred approach and nothing is off the table.”

Shifting to proactive defense

Organizations must be on the lookout for insider threats, Dabit and others advise. “And you need mechanisms in place to look for it,” Blankenship says, highlighting the various security technologies that can detect behaviors such as unusual or unauthorized attempts to access data and systems that could indicate an insider threat. Those, of course, are in addition to all the security and data protection controls considered standard today, he adds. Dabit also advises security leaders to have a plan for how to respond if they suspect or catch an insider either inadvertently or maliciously causing harm. And she advises CISOs to work with the chief legal officer and the head of HR to identify employees who could be insider threats — such as those who are about to be laid off or are disgruntled. Harper recommends regular employee background checks, with more rigorous ones for executives and workers with access to sensitive information or systems. 
Cochran says most security teams have work to do to meet the insider threats that exist today. “Many of the CISOs I speak with don’t feel very confident they can detect an insider threat before serious damage occurs,” he says. “What needs to change is a shift from reactive, technically focused programs to integrated ones that fuse behavioral signals with technical telemetry, and critically, organizations need to extend insider risk frameworks to non-human/ agentic identities with the same rigor they’d apply to a human employee.” View the full article
  12. Attackers have compromised the widely used open-source Trivy vulnerability scanner, injecting credential-stealing malware into official releases and GitHub Actions used by thousands of CI/CD workflows. The breach could trigger a cascade of additional supply-chain compromises if impacted projects and organizations don’t rotate their secrets immediately. The attack, disclosed by Trivy maintainers today, results from an earlier compromise announced late last month that also leveraged insecure GitHub Actions and impacted multiple projects. Security firms Socket and Wiz traced the root cause to an incomplete credential rotation after the first breach, allowing the attackers to return to Trivy’s environment and introduce malicious commits. “If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,” Trivy maintainer Itay Shakury wrote on GitHub.

Multiple components backdoored

Trivy, developed by Aqua Security, is one of the most widely used open-source vulnerability scanners, with over 32,000 GitHub stars and more than 100 million Docker Hub downloads. Developers use it to detect vulnerabilities and exposed secrets in their CI/CD pipelines and container images. The attackers compromised three components of the Trivy project: trivy-action, the official GitHub Action for running Trivy scans in CI/CD workflows; setup-trivy, a helper action for installing the scanner; and the Trivy binary itself. Backdoored artifacts were published to GitHub releases, Docker Hub, the GitHub Container Registry, and the Amazon Elastic Container Registry. According to Socket, 75 of 76 version tags in trivy-action were overwritten with malicious code, along with seven tags in setup-trivy. The only unaffected trivy-action tag was version 0.35.0. The compromised tags include widely used versions such as 0.34.2, 0.33.0, and 0.18.0. 
“When the malicious binary is executed it starts both the legitimate trivy service and the malicious code in parallel,” Wiz researchers wrote in their analysis of the attack.

Attackers look for development secrets

On GitHub Actions runners, the credential stealer reads the process memory to extract secrets and searches the filesystem for SSH keys, cloud provider credentials, Kubernetes tokens, Docker registry configurations, and cryptocurrency wallets. The stolen data is encrypted and sent to a typosquatted domain that mimics Aqua Security’s legitimate site. If this fails, the malware falls back to creating a public repository called “tpcp-docs” on the victim’s own GitHub account and uploading the encrypted data there. According to Wiz, the attack also installs a persistent Python dropper on developer machines that connects to an attacker-controlled server every five minutes in search of additional payloads to execute.

Stealthy tag manipulation technique bypasses detection

Instead of creating new releases, which would trigger notifications, the attackers force-pushed existing version tags to point to new malicious commits. Git tags are pointers that reference a specific commit by its fingerprint. By overwriting where those pointers lead, any workflow referencing the tag begins pulling the attacker’s code. To further avoid detection, the attackers cloned the original commit metadata such as author names, email addresses, timestamps, and messages, making the malicious commits appear identical to the legitimate ones they replaced. The forgery left subtle traces such as missing cryptographic signatures and inconsistent timestamp relationships. The same tag manipulation technique was used in the compromise of the tj-actions/changed-files GitHub Action a year ago which affected 23,000 repositories. 

A lesson for victims

The initial Trivy compromise happened in late February when attackers exploited a misconfigured GitHub Actions workflow that had been present in the repository since October 2025. The workflow, triggered by external pull requests, ran with access to repository secrets, a dangerous pattern in GitHub Actions that has been documented before. The attackers stole a personal access token (PAT) with write permissions and used it to delete releases, rename the repository, and publish a malicious Visual Studio Code extension. The Trivy maintainers rotated their credentials, but it seems the process missed some of them. This failure, especially by a company that is specialized in CI/CD security, should serve as a warning to organizations affected by this new attack, especially because the malware is designed to steal the same type of credentials that could enable supply chain compromises in their own pipelines.

A recurring pattern

The Trivy compromise is the latest in a growing pattern of attacks targeting GitHub Actions and developers in general. The tj-actions/changed-files compromise last year used the same tag manipulation approach and was later traced to an upstream compromise of the reviewdog/action-setup action. Other incidents in 2025 included the GhostAction campaign, which stole over 3,000 secrets from 327 GitHub users, and an attack on the nx npm package that exploited a vulnerable pull_request_target workflow. GitHub changed the default behavior of pull_request_target workflows in December 2025 to reduce the risk of exploitation, but the vulnerable workflow in the Trivy repository predated that change. Organizations using Trivy should pin GitHub Actions to the full commit SHA hashes rather than version tags to prevent tag manipulation attacks. The safe versions are Trivy v0.69.3, trivy-action tag 0.35.0, and setup-trivy 0.2.6. 
Security teams should also search their GitHub accounts for repositories named tpcp-docs, which would indicate successful fallback exfiltration, and block the command-and-control domain and its IP address at the network perimeter. View the full article
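The pinning advice in the article above can be checked mechanically across a repository's workflows. The following is an added example, not code from the article, Trivy or Aqua Security: it classifies every `uses:` reference as pinned to a full commit SHA, pointing at a mutable tag or branch, or pointing at a Trivy action tag other than the ones the article lists as safe. The repository paths `aquasecurity/trivy-action` and `aquasecurity/setup-trivy` and the sample workflow are assumptions of this example.

```python
import re

# A "uses:" key at step or job level; captures the reference up to a quote,
# whitespace or trailing comment. Commented-out lines do not match.
USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*['"]?([^'"\s#]+)""")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")

# Tags the article lists as safe. The owner/repo paths are an assumption of
# this example; the article names the actions, not their full paths.
SAFE_TAGS = {
    "aquasecurity/trivy-action": "0.35.0",
    "aquasecurity/setup-trivy": "0.2.6",
}


def classify(target):
    """Return 'pinned', 'mutable' or 'suspect' for an owner/repo[/path]@ref."""
    action, _, ref = target.partition("@")
    repo = "/".join(action.split("/")[:2]).lower()
    if FULL_SHA_RE.match(ref):
        return "pinned"      # immutable, but the commit itself must be vetted
    tag = ref[1:] if ref.startswith("v") else ref
    if repo in SAFE_TAGS and tag != SAFE_TAGS[repo]:
        return "suspect"     # Trivy action tag outside the article's safe list
    return "mutable"         # tag or branch that can be force-pushed


def audit_workflow(text, filename="<workflow>"):
    """Scan workflow YAML text and return one finding per remote action."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        match = USES_RE.match(line)
        if not match:
            continue
        target = match.group(1)
        # Local actions and container images carry no git tag to overwrite;
        # image references need a separate digest check.
        if target.startswith(("./", "docker://")):
            continue
        findings.append({
            "file": filename,
            "line": lineno,
            "ref": target,
            "status": classify(target),
        })
    return findings


def needs_action(findings):
    """Findings that should be re-pinned (mutable) or investigated (suspect)."""
    return [f for f in findings if f["status"] != "pinned"]


# Constructed sample workflow; the 40-character SHA is a placeholder.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/setup-trivy@v0.2.1
      - uses: aquasecurity/trivy-action@0.33.0
        with:
          scan-type: fs
      - uses: aquasecurity/trivy-action@0.35.0
      - uses: example-org/example-action@0123456789abcdef0123456789abcdef01234567
      - uses: ./.github/actions/local
"""

if __name__ == "__main__":
    for f in audit_workflow(SAMPLE_WORKFLOW, "ci.yml"):
        print(f"{f['file']}:{f['line']}: {f['status']:8} {f['ref']}")
```

A "pinned" result only means the reference cannot be silently repointed; the pinned commit still has to be one that was reviewed before or after the compromise window.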
  13. A senior member of the Cyber Monitoring Center (CMC), an organization formed last year to monitor, define and classify cyber events impacting UK organizations, this week questioned whether a £1.5 billion (about $2 billion) government loan guarantee provided to Jaguar Land Rover (JLR) should have happened in the first place. Speaking at an event hosted by the Royal United Services Institute (RUSI) that reviewed the CMC’s activities in its first year of operation, Ciaran Martin, chair of the CMC’s cyber monitoring technical committee, discussed the loan guarantee announced last year following an attack that has been described as one of the UK’s worst cyber incidents. “I must stress that I’m speaking personally now. I think the loan guarantee is an unfortunate precedent because the government intervened in a case-specific way, in response to a set of events, without the clear criteria of what form such intervention could take,” said Martin during a panel discussion with CMC executives and Tracey Paul, chief strategy and communications officer at Pool Re, a UK terrorism reinsurer. Martin, who is also a RUSI Distinguished Fellow, said, “there clearly are a set of plausible, realistic, bad scenarios where most reasonable citizens would expect some form of government activity. But it would be better to have a framework, whether that’s compulsory insurance, incentivizing insurance with tax breaks, whether it’s a set of principles as to what would trigger state intervention. And in what form? Loan guarantees? Something else?” To complicate things, Paul noted that today there is a cyber insurance protection gap. “I don’t know how we are going to bridge this gap between the potential economics loss and the insured loss without some partnership between government and the insurance industry and other parts of the cyber ecosystem,” she said. 
The industry has a prefunded model, and a contract with the government under which, if the insurer runs out of money, the government will step in and loan the money to pay the losses. “But that is one way of doing it and I think they would like the flexibility to do it in another way,” she observed. “But what I do think is you cannot have a transfer of risk between the public sector and the private sector unless you have some kind of structure around it, and at some point the government are going to have to come to the table on what that looks like in order to make that happen.”

Event impact can ‘ripple across an entire economy’

Analysts share Martin’s concerns. Erik Avakian, technical counselor at Info-Tech Research Group, said on Friday that he “has been predicting for years now that attackers would start to move on from pure small disruption types of attacks (think DDoS) to catastrophic disruption and destruction of a company’s operations.” The incident at JLR, he said, “really speaks to impacting the overall resilience of a company’s business operations. And once that happens, the impacts can go well beyond just a quarterly earnings miss.” Avakian added, “what we’ve seen with the Jaguar Land Rover attack is certainly exemplary of that, and has shown that a cyber incident can shut down real-world operations in a way where the impacts can ripple across an entire economy, not just IT systems; where a cyberattack can directly impact a nation’s GDP, employment, and wreak havoc on national exports.” He agreed with Martin’s sentiments, explaining, “in my opinion, the government stepping in like this with a loan guarantee is creating and sending a signal that some companies could now be considered too important to fail due to cyber risk. 
That can create a dangerous precedent because large, critical organizations could become primary targets for cyber criminals if they know that a successful attack could cause such massive consequences.” It could also lead to new risks, said Avakian, “where companies may potentially underinvest in their security if they believe there’s an implicit safety net that will be there for them. Cyber resilience is more important than ever and should be central to how organizations think about security and risk management; not just how to prevent a breach, but how to keep business operations running in the face of cyberattacks.” David Shipley, CEO of Beauceron Security, added, “a monster has been created by using insurance to cheat our way out of handling the risk in near-term more expensive, but long-term more effective ways.” Why, he asked, should organizations “invest all the work in multifactor authentication when you can just buy insurance? The problem now is the cybercrime monster that insurance fed is now Godzilla sized, and we can’t insure all of the damage. Great job.” Government bailouts of industry, said Shipley, “is just the next, bad leap in the same flawed decision. If insurance was the crack cocaine of cyber risk mismanagement, government bailouts are the corporate fentanyl. Maybe the smart answer is, we have to account for the real cost of proper security in our goods and services, and invest in ways that don’t put money in the hands of criminals.” This article originally appeared on CIO.com. View the full article
  15. Water utilities are finding that letting information flow can flush out cybersecurity problems. The water industry has a security issue: Many utilities operate with ageing systems and minimal IT or cybersecurity personnel. But by coordinating responses to cyber-attacks, participants in a pilot program run by the Cyber Readiness Institute (CRI) and the Center on Cyber and Technology Innovation (CCTI) improved security. One of the key findings of the two-year pilot involving 200 small and medium-sized utilities was that companies need to combine cybersecurity training with adequate support structures. There have already been some reported attacks. In October 2024, American Water was hit by a cyber-attack that meant that the company could no longer bill customers, and in 2024 a Texan water company suffered a cyber-attack. The US is not the only country to be so hit: Norway and Poland have reported similar attacks. The pilot program, sponsored by Microsoft, identified four factors that would improve security. First, companies should be wary of free tools, which are often inadequate. Second, utilities should expand hands-on technical assistance to support implementation. Third, companies should address the need to include cybersecurity training in operator licensing. Finally, companies should develop their links with water sector associations to help improve cybersecurity operations. The report of the program concludes that to avoid future cybersecurity incidents, utilities should shift from information distribution to capacity building, ensuring that a resilient infrastructure is in place. View the full article
  16. Google will no longer accept AI-generated submissions to a program it funded to find bugs in open-source software. However, it is contributing to a separate program that uses AI to strengthen security in open-source code. The Google Open Source Software Vulnerability Reward Program team is increasingly concerned about the low quality of some AI-generated bug submissions, with many including hallucinations about how a vulnerability can be triggered or reporting bugs with little security impact. “To ensure our triage teams can focus on the most critical threats, we will now require higher-quality proof (like OSS-Fuzz reproduction or a merged patch) for certain tiers to filter out low-quality reports and allow us to focus on real-world impact,” Google wrote in a blog post. The Linux Foundation too is finding the volume of AI-generated bug submissions overwhelming and has sought financial help from AI companies including Google, Anthropic, AWS, Microsoft, and OpenAI to deal with the problem. Together, they are contributing $12.5 million to the foundation to improve the security of open-source software. “Grant funding alone is not going to help solve the problem that AI tools are causing today on open-source security teams,” said Greg Kroah-Hartman of the Linux kernel project in a blog post. “OpenSSF has the active resources needed to support numerous projects that will help these overworked maintainers with the triage and processing of the increased AI-generated security reports they are currently receiving.” The funding will be managed by open source security project Alpha-Omega and the Open Source Security Foundation (OSSF) and will be used to provide AI tools to help maintainers deal with the volume of AI-generated submissions. “We are excited to bring maintainer-centric AI security assistance to the hundreds of thousands of projects that power our world,” said Alpha-Omega co-founder Michael Winser. This article first appeared on InfoWorld. 
View the full article
  17. In a large-scale strike against an international hacker network, security authorities in North America and Germany have dismantled the world’s two largest botnets. The criminals’ infrastructure had been used primarily for so-called denial-of-service (DDoS) attacks, the Federal Criminal Police Office (Bundeskriminalamt) said. In these attacks, cybercriminals try to paralyze their victims’ websites and apps by flooding them with countless data requests. Most recently, Deutsche Bahn’s information services and the DB Navigator app fell victim to a DDoS attack. Tools for overload attacks Specifically, the operation targeted the two notorious botnets “Aisuru” and “Kimwolf”. The older system, “Aisuru”, mainly infected devices that sit in the “Internet of Things” and are poorly secured. These include routers and surveillance cameras. “Aisuru” is also credited with the largest known DDoS attack to date, in which the enormous data volume of 31.4 terabits per second was moved. That attack was fended off at the time by IT service provider Cloudflare. The actual target remained unknown. According to experts, “Kimwolf” is closely related to “Aisuru”. The second botnet focused more on Android and consumer devices, including TV boxes. International cooperation among investigators On the German side, the Central and Contact Point for Cybercrime North Rhine-Westphalia (ZAC NRW) and the Federal Criminal Police Office (BKA) took part in the strike against the criminal hackers. Together with law enforcement agencies from Canada and the US, the globally distributed technical infrastructure of the two botnets was shut down. However, the criminal network has not been completely dismantled, because investigators did not manage to arrest any suspects. Still, law enforcement agencies identified two suspected administrators. 
“The accused now face legal consequences,” the Federal Criminal Police Office said. Extensive evidence was seized during searches at their residences in Germany and in Canada. In addition to numerous data storage media, cryptocurrency worth a five-figure amount was also secured. (dpa/ad) View the full article
  19. Threat actors have always sought advantage over their targets. Recently we’ve seen two efforts designed for long-term intelligence gain. This activity surfaced right where you would expect: inside the enterprise. Enterprises now sit directly in the adversary’s collection path. They don’t have to be the target; they are on the board and in play because they ride on the same infrastructure the adversary is already exploiting. The CISO’s challenge is to ensure their organization doesn’t become an intelligence channel for someone else simply by virtue of how it connects to the world. Convergence Two unrelated campaigns are now intersecting across the same operational dependencies. The overlap is not coordination; it’s the predictable byproduct of how modern infrastructure centralizes access. When everything routes through a handful of shared services, shared identity layers, and shared connectivity providers, the adversary doesn’t need to coordinate. They simply arrive through the same door. The targeted collection surfaces are well understood: telecom routing, cloud adjacency, managed service channels, and identity federation. These are the connective tissues enterprises rely on to function. They are also the connective tissues adversaries exploit to monitor authentication, siphon data, and maintain long‑term access without ever touching the enterprise directly. When actors with different missions arrive through the same dependencies, it signals a structural exposure problem. Because these dependencies are shared and unavoidable, the issue is not the individual campaign. It’s the architecture that allows both campaigns to operate upstream of the enterprise with minimal friction and maximum persistence. Commercial spyware as an intelligence channel Criminal operators deploying Predator, a spyware suite sold by the sanctioned Intellexa consortium, have been documented across more than a dozen countries. US sanctions haven’t slowed them down an iota. 
Their targets are not random: journalists, activists, politicians, human‑rights defenders, government employees and contractors, and other high‑value individuals. Why? These targets have access to information of value that extends well beyond the device. I’ve long posited that criminal entities operate with two goals in mind: enhance capability or monetize information. The maturation of tradecraft we are seeing today follows the logical arc of the past decade. These include one‑click links, zero‑click exploit chains, network injection in some cases, and persistent device access. Predator is not a commodity tool. Predator is one of several device‑level compromises that become enterprise‑level exposures. It is a commercial espionage platform sold to governments or their proxies, and once deployed, it creates upstream surveillance capabilities that intersect directly with enterprise data flows, authentication systems, and service‑provider networks. This is why it matters. These tools don’t just compromise individuals. They compromise the systems those individuals authenticate into, the networks they traverse, and the service providers that carry their traffic. They operate in the same shared dependencies enterprises rely on. The enterprise becomes part of the collection surface whether it wants to or not. State‑aligned exploitation In February 2026, Singapore disclosed that UNC3886, a sophisticated cyber‑espionage group, had penetrated the networks of all four major telcos servicing Singapore: Singtel, StarHub, M1, and Simba. The threat actors used zero‑days, rootkits, and advanced persistence techniques to gain long‑term access to backbone infrastructure and technical/network data. Think about that for a moment: all four telcos with their infrastructure compromised. These companies serve as part of the country’s national infrastructure, supporting government, enterprise, and individuals alike. 
When a telco becomes a real‑time signals‑intelligence collection point, the adversary doesn’t need to break into your environment directly. They can collect from the pathways your environment depends on. Singapore named the group but not the sponsor. Most external analysis immediately called UNC3886 China‑nexus. Palo Alto Networks Unit 42’s parallel “Shadow Campaigns” report on TGR‑STA‑1030 (UNC6619) used similar cautious language: a “state‑aligned group that operates out of Asia.” The point is not attribution. The point is that the access was upstream, persistent, and structurally embedded. Regardless of point of origin, the CISO’s focus remains the same: Keep these actors from taking up residence in the infrastructure your organization and your clients depend on. The data‑protection problem is now structural. The collection is permanent. The access is embedded. What does this mean for CISOs The operational implications are not theoretical. They are immediate and measurable. Reevaluate exposure through the lens of shared dependencies, not just internal assets. Your environment is only one part of the attack surface. The dependencies you ride on are also collection points. Strengthen visibility across telecom, cloud, MSP/MSSP, and identity pathways. If you cannot see upstream, you cannot defend downstream. Treat upstream and downstream partners as active components of your threat surface. The adversary already does. Your governance model should reflect the same reality. Demand attestation from telecom and cloud providers. If your upstream providers cannot demonstrate integrity, you inherit their exposure. Reduce implicit trust in upstream pathways. Assume compromise in the infrastructure you do not control. Harden the session layer. Device‑level compromise and upstream compromise both lead to the same outcome: the adversary can impersonate your users and collapse your identity layer. 
Assume token theft, assume impersonation, and design authentication flows that degrade safely under compromise. In other words, design so that if the adversary gets in, they can’t go far. Shift detection toward low‑noise, long‑term access patterns typical of intelligence‑driven operations. These actors are not loud. They are patient, persistent, and structurally embedded. Recognize the insurance implications. The Singapore telco breaches are the tipping point. Cyber insurers are now explicitly factoring in the risk of permanent APT residency in backbone infrastructure. Expect materially higher premiums, broader exclusions, and the genuine possibility that organizations riding unvetted telco or cloud providers could become uninsurable at renewal. Integrate intelligence‑driven risk assessments into routine governance and architectural decisions. This is no longer a “nice to have.” It is a requirement for operating in an environment where upstream compromise is the norm, not the exception. Strategic reality Commercial (criminal) and state‑linked actors are moving through the same dependencies modern organizations rely on, and that overlap is now a defining feature of the operating environment. These campaigns are not anomalies. CISOs should see these as a fortuitous heads-up. The question for CISOs is no longer whether adversaries will target their environment directly. The question is whether the infrastructure they depend on has already been turned into an intelligence platform for someone else and whether they would even know if it had. View the full article
  20. CSOonline posted a techarticle in Security
    Identity & access management is mandatory for security-conscious companies in the zero-trust era. These are the best IAM vendors and tools. Identity is becoming the new perimeter: companies rely less and less on traditional perimeter defense and are pushing the move to zero-trust environments. Secure access and identity management form the foundation of every cybersecurity strategy. At the same time, the way people, applications and systems log in and connect with one another also creates new, visible touchpoints for business stakeholders. Security experts walk a fine line between usability and security: lax controls and authentication mechanisms leave companies open to attack, while overly strict controls disrupt the flow of business. IAM tools in transition The good, and at the same time bad, news for companies that want to get active in identity & access management (IAM): when it comes to tools, this sector is now more differentiated and more capable than ever before. IAM tools can now significantly reduce the complexity of various tasks, for example when it comes to: managing identities in hybrid and multi-cloud environments, controlling privileged accounts, analyzing login patterns, authenticating on the basis of risk factors, or automating provisioning and other elements of the user lifecycle. “Whether it is advanced analytics of processes, integration with cloud service providers for improved workload management, or unifying the user experience through AI, companies today have more functionality available than ever before to build robust IAM initiatives,” says Naresh Persaud, managing director at Deloitte. 
This development has led to the formation of many small submarkets, populated partly by standalone products and partly by features that are part of a broader platform. Because vendors in this space are converging quickly, they can be expected to cross-pollinate heavily, giving rise to cross-cutting functionality. In short: there is a multitude of options, which can lead to IAM analysis paralysis. “Some vendors focus exclusively on identity governance and administration (IGA), others on privileged access management (PAM); both are critical elements of an effective identity program. Authentication is probably the area with the greatest product variety, with many vendors in the industry offering multi-factor authentication (MFA) solutions,” explains JR Cunningham, CSO at managed service provider Nuspire. “That is why it is essential for companies to define their current capabilities and requirements to ensure that the products they choose actually meet them.” Recommended identity & access management tools In the following section we have compiled some of the best IAM vendors for you, drawing on assessments from the analyst firms Gartner and Forrester. CISOs should have these identity and access management vendors and tools on their radar. Avatier Avatier has a long history in ITSM and help desk. Its identity governance and administration (IGA) platform is based on automated user provisioning and password management. The vendor has recently invested heavily in modernizing its portfolio: the Identity Anywhere platform is a containerized solution that can optionally also be hosted in the cloud. 
It now also supports passwordless authentication via SSO and offers a universal user experience, including across collaboration platforms such as Slack, Microsoft Teams or ServiceNow. Avatier’s IAM platform has connectors to more than 90 enterprise and 5,000 cloud applications and platforms, as well as a generic low-code/no-code connector for custom integrations. The platform often flies under the analysts’ radar because, compared with the market leaders (in the Forrester Wave and Gartner’s Magic Quadrant), it is positioned as a more affordable solution. BeyondTrust A fixture in the privileged access management (PAM) niche, BeyondTrust has continuously expanded the capabilities and features of its platform. In addition to PAM, the platform offers central management for remote access as well as endpoint privilege management for Windows and Mac, and, via its “Active Directory Bridge” technology, for Unix and Linux too. With its “Cloud Privilege Broker” technology (entitlement management in multi-cloud environments), the vendor has also gained a foothold in cloud infrastructure entitlement management (CIEM), a PAM offshoot. According to Gartner’s analysts, BeyondTrust has strong ties to the compliance and audit world, with its reporting and visualization features being a differentiator. Users can add advanced analytics capabilities through the “BeyondInsight” package. However, the analysts caution prospective customers about integration options: both with external solutions and with regard to overlapping functionality, this is BeyondTrust’s weak point. CyberArk According to Forrester Research, CyberArk is the largest PAM vendor (by revenue) and combines privileged access management with identity as a service (IDaaS). 
With the acquisition of Idaptive in 2020, CyberArk significantly expanded its SaaS expertise: since then, SSO, MFA and customer identity management features have been part of the lineup, as have passwordless and self-service options for account management. The CyberArk solution also offers powerful analytics that can feed more mature programs with security metrics. CyberArk also offers risk-based authentication (RBA), which administrators can tune granularly to their needs. All of this comes at a price, though: according to Gartner, prices for some workforce use cases can be well above average. Through its “Cloud Entitlements Manager”, CyberArk also offers mature CIEM features, for multi-cloud environments for instance, including risk scoring of entitlements. On the IDaaS front, Forrester says CyberArk is a serious alternative for anyone who wants to apply “a risk-based approach to IDaaS” and enrich it with privilege management features. On the other hand, the analysts warn of performance problems, pointing to service degradation incidents. In addition, proof of the product’s scalability is still lacking. Microsoft Entra ID According to Forrester, Microsoft is right at the front of the identity and access management field with Entra ID (formerly Azure Active Directory), which has the largest IDaaS installed base with more than 300,000 paying customers. Gartner attributes Entra ID’s rapid growth mainly to the product being bundled with Microsoft 365 and Microsoft Enterprise Mobility and Security (EMS) in 2020, which doubled the installed base. Entra ID’s main focus is workforce IAM, particularly in Microsoft-heavy IT environments. The acquisition of CloudKnox Security in 2021 brought additional PAM and IGA features. 
Okta Despite a data breach that became known in March 2022, Okta remains one of the most renowned options for identity & access management. The company has been cloud-centric since its founding in 2009, at a time when cloud deployments were still a fringe phenomenon in many companies. Okta’s SaaS platform offers a whole range of bundled or standalone features that work in hybrid and complex multi-cloud environments, including SSO, MFA, API access management, lifecycle and user management, as well as identity automation and workflow orchestration. The IAM vendor has one of the most robust API and connector ecosystems on the market and, through its acquisition of Auth0 last year, has secured a firm place in customer IAM. With the release of “Okta Privileged Access”, the company also put out feelers toward PAM in 2021. Users do have to pay dearly for the innovations, however: according to Gartner, the high cost of the Okta solution is “repeatedly” an issue among its customers. One Identity Before acquiring OneLogin (a vendor of pure IDaaS solutions) in 2021, One Identity was a PAM and IGA vendor with deep roots in the on-premises IAM world. According to Forrester, the deal enabled the company to enter the IDaaS business. One Identity is said to differ from other vendors in particular through native PAM and IGA features. However, it is still too early to judge how well the company can integrate the OneLogin technology and combine the strengths of both sides. It is also unclear what the merger means for OneLogin’s pricing and its previous focus on smaller companies. 
Ping Identity This vendor targets companies with complex, hybrid environments and, by combining PingOne (IDaaS platform) and PingFederate (federated SSO), bridges SaaS and on-premises IAM. In addition to the standard IAM features for employees and customers (SSO, MFA, cloud identity features), the IDaaS platform now also offers decentralized identity features thanks to several acquisitions. A low-code flow designer also enriches the PingOne platform, and analytics (including API visibility) and optimized RBA are part of the package as well. This is not a complete IAM platform from a single source, however: as Gartner explains, Ping Identity’s solution offers only a few identity management features, which makes it less attractive for smaller companies or those looking for embedded IGA or PAM features. In early 2023, ForgeRock’s identity offering became part of Ping Identity. SailPoint SailPoint is among the leaders in the IGA market and targets distributed companies with complex IT environments that need sophisticated automation and integration features. According to Forrester, the SailPoint platform performs best in user lifecycle management, compliance management and integration. SailPoint is working to expand its SaaS offering to meet changing customer needs and enjoys a very good reputation among customers: in Gartner’s Peer Insights Customers’ Choice 2021, the company was voted one of the best IGA vendors. (fm) View the full article
  21. The US is urging infosec leaders to harden their endpoint management system configurations after last week’s hack of American medical supplies provider Stryker by pro-Iranian threat actor Handala. The warning from the US Cybersecurity and Infrastructure Security Agency (CISA) is principally for organizations using Microsoft Intune, a cloud-based unified endpoint management (UEM) service that Handala, known for multiple destructive wiping, data theft and data leak attacks, was reportedly able to compromise. But CISA said the defensive principles of its recommendations can be applied to any endpoint management software. Top issue: phishing resistance The CISA advice is certainly “timely and appropriate,” said Johannes Ullrich, dean of research at the SANS Institute. “In my opinion, the top issue is implementing phishing-resistant authentication” to protect logins. “This problem goes beyond the specific issue of mobile device management and is something IT leaders need to prioritize,” he pointed out. “While multi-factor authentication does solve many problems, not all MFA technologies are phishing-resistant. In particular, for cloud-based solutions, which are usually accessible to everybody, solid phishing-resistant authentication is a must-have.” Organizations must also be careful when enrolling personal devices into corporate-managed endpoint solutions, he added. Only company-owned devices should be enrolled, to avoid disrupting personal devices, and enrolled devices should be dedicated to company business. Hardening endpoint management systems CISA advises IT leaders to: use principles of least privilege access when designing administrative roles for endpoint management systems. For Intune systems, there is role-based access control limiting what actions a role can take, what users the actions are applied to, and which devices are covered; enforce phishing-resistant multi-factor authentication (MFA) and privileged access hygiene. 
Intune users and others can take advantage of Microsoft Entra ID capabilities including conditional access, MFA, risk signals, and privileged access controls to block unauthorized access to Intune; configure access policies to require multi-admin approval for accessing and making changes to endpoint management systems. CISA also points Intune admins to these Microsoft documents: Best practices for securing Microsoft Intune; Use Access policies to implement Multi Admin Approval; Configure Microsoft Intune for increased security; Role-based access control (RBAC) with Microsoft Intune; and Plan a Privileged Identity Management deployment. Michael Smith, field CTO at DigiCert, noted that while the CISA warning applies specifically to Microsoft Intune, there are many similar products that run as an administrator on endpoints. These need escalated privileges because they make changes on the endpoint, which makes them powerful tools for IT. However, he added, that also makes them a target. Any compromise of these products could lead to compromise of the endpoints they manage. The power to create ‘irreversible damage’ Stryker said the March 11 attack caused disruption to its order processing, manufacturing and shipping. However, Handala claims it was also able to remotely wipe thousands of employee devices. In a March 15 update Stryker said all connected, digital and life-saving technologies used by customers remain safe to use. “This event was contained to Stryker’s internal Microsoft environment, and as a result it did not affect any of our products—connected or otherwise,” the statement said. No ransomware or malware was deployed, the company added. In the Stryker incident, attackers hijacked a tool that companies trust every day, and used it to shut down operations on a global scale, commented Ismael Valenzuela, vice-president of threat intelligence at Arctic Wolf. 
“By abusing Microsoft Intune, they were able to remotely wipe more than 200,000 devices across 79 countries. The lesson is clear: no single login should ever have the power to cause irreversible damage,” he said. “Destructive administrative operations like device wipes, mass policy changes, or tenant‑wide updates must require multiple approvals,” he added. “No one session, credential, or role should be able to take destructive action at scale without independent authorization. Organizations should immediately lock down endpoint management tools by tightly limiting admin access, enforcing multi‑party approvals, and continuously monitoring privileged activity so trusted platforms don’t become single points of failure.” Endpoint management a high-value target Robert Beggs, head of Canadian incident response firm Digital Defence, said endpoint management systems have always been high-value targets because they are universally trusted and push configurations, scripts, and remote actions across an entire IT network. “Although the Stryker incident speaks to exploits of the Microsoft Intune application, similar products have been targeted in the past, including SolarWinds Orion (2020), Kaseya VSA (2021), and the Microsoft Exchange management interface (2021),” he pointed out. “All of these attacks demonstrate that malicious actors recognize the value of attacking controls with the keys to the kingdom, rather than going after individual systems.” He said that the following defenses against this kind of attack are frequently cited by experts: employ least-privilege access and dual approval for major actions, ensure that strong identity controls are in place, employ micro segmentation and monitor for unusual administrative actions. Monitoring for administrative activity is especially critical with these types of attacks, Beggs added. “Look for activities such as admin actions after hours, or from unusual locations or IP addresses,” he said. 
“Validate the creation of new admin roles or elevated privileges. And baseline normal admin activities so that you can identify admins performing tasks that they usually don’t do.” Because endpoint management systems can push changes to thousands of devices at once, an unexpected script deployment could create new configuration profiles or execute unexpected actions to disable defenses or deploy malicious content, he noted. Signs of compromise include disabling of MFA, removal of security controls, removal of monitoring tools, changes to network access controls, and altered logging settings. “The most important question is, how quickly can you identify these actions,” he said, “and are you prepared to recover?” Two Handala sites seized On Thursday, researchers at Flashpoint confirmed that the FBI had seized two Handala websites used for propaganda and releasing stolen data. One site now carries a statement saying the domain had been seized under a US court order. Flashpoint believes Handala is associated with the Iranian regime, and is not an independent actor. View the full article
  22. Researchers have found nine vulnerabilities in four popular low-cost KVM-over-IP devices, ranging from unauthenticated command injection to weak authentication defenses and insecure firmware updates. The flaws are particularly concerning given the growing presence of such devices in business environments, whether deployed intentionally by IT administrators and managed service providers or introduced as shadow IT. KVM-over-IP devices enable users to control computers remotely as if they were physically present, with full keyboard, video, and mouse access, including at the BIOS level when the OS is not running. Enterprises have long relied on rack-mounted multi-port KVM switches that include security features such as multi-factor authentication, encryption, and logging but cost hundreds or thousands of dollars. In recent times, smaller businesses and IT teams operating on tight budgets have increasingly turned to a new class of compact, Linux-based, single-port KVM devices that offer the same access at a fraction of the cost. However, the quality of their firmware and access controls are not nearly as strong. Researchers from security firm Eclypsium analyzed several of these cheap models in recent months and found lack of brute-force protections for authentication, insecure firmware update mechanisms, exposed debugging interfaces, and unauthenticated vulnerabilities that can lead to full device takeover. The number of such devices exposed directly to the internet has grown from a few hundred less than a year ago to over 1,600, according to Eclypsium. That might not sound like a big number, but users of these devices range from small IT shops and MSPs to enterprises that span many industry verticals. “Enterprise data centers and colocation facilities use IP-KVMs for remote server management,” the Eclypsium researchers said. “Industrial and OT environments deploy them to manage HMI machines in hazardous zones. 
Healthcare facilities use them for systems in imaging suites and research labs that cannot be easily rebooted. Government and defense installations rely on them for mission-critical servers where physical access requires escorts and approvals.” Basic oversights The nine vulnerabilities impact devices from GL-iNet, Angeet/Yeeso, Sipeed, and JetKVM. The most severe flaw, with a 9.8 CVSS, was found in the Angeet/Yeeso ES3 KVM and allows any attacker with network access to write arbitrary files to the device via an unprotected upload endpoint. Chained with a separate command injection flaw, it creates the premise for pre-authentication remote code execution with root privileges. Angeet has committed to fixing the flaws but has not provided a timeline to Eclypsium. The GL-iNet Comet RM-1 has four vulnerabilities, including a lack of brute-force protection for authentication and insecure connection during provisioning. The device also uses the easy-to-crack MD5 hash function for its firmware update mechanism and no cryptographic signature. As a result, attackers could potentially create backdoored firmware images that the device would accept. Separately, the device’s UART serial interface provides unauthenticated root access to anyone with physical access to the device. GL-iNet has issued partial fixes in a beta release but has no planned fix for firmware signing or UART authentication. JetKVM, one of the most popular devices in the low-cost KVM segment, also used an over-the-air (OTA) update mechanism that relied on SHA-256 hashes without cryptographic signatures and no brute-force protection on its single-password login. Both flaws have been patched. Sipeed’s NanoKVM had an unauthenticated WiFi configuration endpoint that could be exploited to hijack the device’s network connection. The flaw has now been patched. “These are not exotic zero-days requiring months of reverse engineering,” the Eclypsium researchers said. 
“These are fundamental security controls that any networked device should implement: Input validation, authentication, cryptographic verification, rate limiting. We are looking at the same class of failures that plagued early IoT devices a decade ago, but now on a device class that provides the equivalent of physical access to everything it connects to.” Stealthy backdoors A compromised KVM device can become a powerful backdoor in any environment. An attacker can inject keystrokes to execute commands or access UEFI settings to disable security features such as disk encryption and Secure Boot. Because the device operates outside the controlled system’s OS, endpoint detection tools and host firewalls cannot see it. These devices run their own Linux-based firmware, allowing attackers to hide malware and re-infect connected systems even after disk wipes. “Compromising a KVM device gives an attacker the equivalent of physical access to every machine connected to it,” the Eclypsium researchers warned. “Not ‘kind of like’ physical access. Actual keyboard, video, and mouse control, at the BIOS level, below the operating system, below EDR, below every security control you have deployed.” North Korean spies posing as remote workers have used PiKVM devices connected to laptops and workstations provided to them by employers to fake their physical presence in different countries and gain access to corporate networks. Enterprise-grade KVM switches are not immune to vulnerabilities either. ATEN, one of the leading vendors, patched critical buffer overflow vulnerabilities in some of its products last year. Baseband Management Controller (BMC) interfaces, another type of out-of-band management technology that is common in server products, have been plagued by vulnerabilities for years and some were even exploited to deploy rootkits. 
Eclypsium advises organizations to isolate KVM devices on dedicated management VLANs, never expose them directly to the internet, deploy two-factor authentication when available, and use VPN solutions to access them. Companies should also audit their networks for KVM devices that they might not be aware of and deploy firmware updates when available. “Audit your KVM deployments,” the researchers wrote. “Know what you have, where it is, and what firmware it is running. These devices are the keys to your kingdom, and right now, too many of them are hanging on the network with the door wide open.” View the full article
  23. One of the world’s most active ransomware groups, Interlock, started exploiting a critical-rated Cisco firewall vulnerability as a zero day weeks before it was patched in early March, Amazon has revealed. The vulnerability in question is CVE-2026-20131, a remotely exploitable deserialization flaw in Cisco Secure Firewall Management Center (FMC) Software which was given a maximum 10 CVSS score. When Cisco released a patch for it on March 4 as part of its semiannual firewall update, security teams would have known this needed to be applied urgently, alongside a fix for a second FMC vulnerability, CVE-2026-20079, with an identical severity rating. However, Amazon’s discovery that Interlock started exploiting CVE-2026-20131 on January 26, around 38 days prior to the release of the patch, turns the issue from merely ‘urgent’ into something akin to a full-blown zero-day vulnerability patching emergency. Attacker mistake Amazon said it started searching for exploitation of CVE-2026-20131 after Cisco’s advisory, using the company’s MadPot global network, a honeypot system comprising thousands of sensors deployed throughout its AWS platform. This quickly uncovered attacks dated weeks prior to the vulnerability being made public. “Observed activity involved HTTP requests to a specific path in the affected software,” said CJ Moses, CISO for Amazon Integrated Security, in a blog this week. He added: “This wasn’t just another vulnerability exploit, Interlock had a zero-day in their hands, giving them a week’s head start to compromise organizations before defenders even knew to look.” He later clarified to CSO that the “week’s head start” he referred to was the gap between the date of the first exploit that Amazon’s later analysis had unearthed and Cisco’s discovery of the bug. Amazon gained insight into the attacker’s infrastructure by using the honeypot to mimic a vulnerable firewall system. 
This resulted in an attack on the honeypot, which received a malicious binary from the attackers; it also revealed that the ransomware depended on a single server with a poorly-secured staging area. From this, researchers were able to analyze the group’s full attack chain, including Trojans, reconnaissance scripts, and evasion techniques. Unlocking Interlock According to Amazon, the tools and techniques connect the malware to Interlock, a ransomware actor that appeared in 2024, possibly as a ransomware-as-a-service (RaaS) offshoot of the notorious Rhysida group which was behind the hugely disruptive 2023 ransomware attack on The British Library. “The ELF [Linux executable] binary and associated artifacts are attributable to the Interlock ransomware family based on convergent technical and operational indicators. The embedded ransom note and TOR negotiation portal are consistent with Interlock’s established branding and infrastructure,” said Amazon’s Moses. In the past, Interlock had targeted sectors such as education, engineering, architecture, construction, manufacturing, and healthcare, as well as government and public sector entities, Moses said. However, given that the group has been able to exploit a zero-day vulnerability in equipment as prevalent as Cisco firewalls for more than a month, any vulnerable organization might be at risk. The ‘fundamental challenge’ of zero-day exploits “The real story here isn’t just about one vulnerability or one ransomware group — it’s about the fundamental challenge zero-day exploits pose to every security model,” said Moses. “When attackers exploit vulnerabilities before patches exist, even the most diligent patching programs can’t protect you in that critical window. This is precisely why defense in depth is essential.” It’s still unclear how many victims Interlock might have compromised during the period it was able to exploit CVE-2026-20131 as a zero-day vulnerability, but they are likely to be numerous. 
The Amazon blog includes a list of IP addresses, malicious domains, and JA3 client fingerprint hashes that security teams can search for in logs as evidence of possible compromise. The procedure for patching CVE-2026-20131, and the other 47 CVEs included in Cisco’s March 4 update, varies depending on the FMC software version installed. Cisco recommends using its software checker to determine the appropriate update. View the full article
  24. China is reportedly planning to develop its own national post-quantum cryptography standards within the next three years, even as most of the world has already begun migrating to those finalized by the US in 2024. Post-quantum cryptography deals with algorithms that can protect data from the threat posed by future quantum computers, which are expected to be able to decrypt data encrypted with legacy algorithms far faster than conventional computers. Governments are pushing for their widespread adoption today to reduce the scope for so-called “harvest now, decrypt later” attacks. Chinese post-quantum cryptography experts have focused on a different type of algorithm to those favored elsewhere, said Wang Xiaoyun, a professor at Tsinghua University’s Institute for Advanced Study, on the sidelines of the National People’s Congress in Beijing last week, Reuters reported. The algorithms could be ready within three years, and finance and energy would be priority sectors for migration, given the sensitivity of their data. China is not simply adopting what the rest of the world is implementing, Wang said, because its researchers have focused on structureless lattice algorithms which they think are stronger than the algebraic lattice designs used elsewhere. The latter “have some degree of security degradation” while structureless lattice algorithms “basically do not have this problem,” she said, according to the Reuters report. The US, UK, EU, and Australia have all aligned on three standards published by the US National Institute of Standards and Technology (NIST): ML-KEM, ML-DSA, and SLH-DSA — and have set migration deadlines between 2030 and 2035. The UK’s National Cyber Security Centre has advised organizations to identify vulnerable systems by 2028 and complete full transition by 2035. Meanwhile, China’s Institute of Commercial Cryptography Standards launched a global call for post-quantum algorithm proposals in February 2025. 
No algorithm selections have been announced. If Wang’s three-year estimate holds, China’s standards would arrive roughly five years after NIST’s. Serious concern Wang is not an outsider raising a fringe concern. She is the cryptographer who demonstrated collision attacks against MD5 and SHA-1 in 2004 and 2005, two hash functions the broader community had considered secure. Her work triggered their phase-out from most major software systems. Her track record matters here. “When she raises questions about algebraic lattices, it is not some nationalist talking point or fringe theory,” said Dr. Arindam Sarkar, head of computer science and electronics at Ramakrishna Mission Vidyamandira, India. “It comes from someone who has a track record of finding weaknesses that everyone else missed.” Sarkar explained the underlying concern. “Structured lattices have patterns that could potentially be exploited in the future,” he said. “It is like having a lock that follows a predictable pattern versus one that is deliberately irregular. The patterned lock might be perfectly secure today, but if someone figures out the underlying pattern twenty years from now, trouble follows.” NIST itself hedged against the possibility of lattice weaknesses: In March 2025, it selected HQC, a code-based algorithm built on different mathematics, as a backup fourth standard. Dustin Moody, a mathematician who heads NIST’s Post-Quantum Cryptography project, said at the time: “We want to have a backup standard that is based on a different math approach than ML-KEM. As we advance our understanding of future quantum computers and adapt to emerging cryptanalysis techniques, it’s essential to have a fallback in case ML-KEM proves to be vulnerable.” Security, sovereignty, or both China’s preference for domestic cryptographic standards is not new. 
It has previously developed its own classical encryption algorithms and mandated their use domestically, requiring foreign technology companies operating in China to support them alongside international standards, according to an analysis published by the Post-Quantum Cryptography Coalition. Sarkar said the motivations behind China’s structureless lattice push are not purely technical. “Every major technological power wants some degree of cryptographic independence,” he said. “The security arguments are genuine, but so is the desire to control your own destiny. That does not make the Chinese approach invalid. It makes them a normal player in a world where cryptography is increasingly strategic.” The harvest window problem Security agencies and financial regulators assess that nation-state actors are already intercepting and storing encrypted data today, intending to decrypt it once capable quantum computers arrive. The Federal Reserve has assessed this “Harvest Now, Decrypt Later” threat as a live data-privacy risk. The National Endowment for Democracy has specifically identified China as conducting such operations. NIST has warned that sensitive data “retains its value for many years,” making early migration critical. “The five-year gap creates a genuinely difficult position for anyone operating in China,” Sarkar said. “Do you deploy NIST algorithms now to protect against immediate harvest threats, knowing they might not satisfy future Chinese compliance requirements? Or do you wait for Chinese standards and leave that harvest window wide open?” Don’t wait Sarah Almond, director analyst at Gartner, said the compliance challenge extends beyond China. “Many regions globally are adopting NIST PQC standards,” she said. “China is one region, among others, which are launching its own PQC standardization initiatives. 
But it is not new for certain regions to adopt their own cryptographic standards.” Enterprises assessing vendor quantum readiness, Almond said, should ask whether support for regional standards will be provided in base products, as a paid feature, or not at all. Sarkar advised against waiting. “Start hybrid deployments immediately,” he said. “Layer NIST-approved post-quantum algorithms alongside your existing classical cryptography. Build systems that can swap out algorithms as requirements become clearer. The worst possible position is to be frozen, doing nothing, while that harvest clock keeps ticking.” View the full article
  25. A critical Telnet vulnerability with a CVSS rating of 9.8 enables attackers to take full control of affected systems before authentication even kicks in, security researchers at Dream Security have warned. Tracked as CVE-2026-32746, the vulnerability is in GNU inetutils telnetd, a widely deployed implementation of the Telnet remote access protocol found across legacy infrastructure, networking equipment, and embedded systems. The protocol has largely been replaced by SSH (Secure Shell) in modern environments since the early 2000s. In systems that still run the vulnerable Telnet service, the newly disclosed flaw allows an out-of-bounds write stemming from a buffer overflow issue, which can enable unauthenticated remote code execution (RCE) as root. The root cause is a buffer overflow in the telnetd LINEMODE Set Local Characters (SLC) handler triggered during Telnet protocol negotiation, according to the National Vulnerability Database entry for the flaw. Because the vulnerability can be exploited before authentication, attackers can execute arbitrary code immediately after establishing a connection using specially crafted messages. In many deployments, telnetd runs with root privileges, meaning successful exploitation can result in full system compromise, Dream said. Dream informed GNU Inetutils maintainers of the flaw on March 11, describing how the buffer overflow could be exploited. “The SLC response is built in a fixed 108-byte buffer, slcbuf, with only 104 bytes used for data after a 4-byte header. The function add_slc() (lines 162-175) appends 3 bytes per SLC triplet but never checks whether the buffer is full. The pointer slcptr is just incremented each time,” the company told the maintainers, according to a message to a GNU mailing list. “After about 35 triplets […], the 104-byte space is exceeded and the code writes past the end of slcbuf. That corrupts whatever lies after it in BSS (including the slcptr pointer). 
Later, end_slc() uses the corrupted slcptr to write the suboption end marker, which gives the attacker an arbitrary write in memory. So the bug is a classic buffer overflow with no bounds check,” the message continued. The maintainers prepared a patch the next day, making plans to release it by April 1, according to a timeline in Dream’s advisory. Vulnerable systems include embedded systems and IoT devices with an exposed Telnet interface; servers and appliances that listen on TCP port 23 and use the vulnerable codebase; and Linux distributions that ship inetutils and leave telnetd enabled or installable, including Debian, Ubuntu, RHEL and SUSE, Dream said. “A single network connection to port 23 is sufficient to trigger the vulnerability. No credentials, no user interaction, and no special network position are required,” it said. Dream advised a number of immediate workarounds until the software can be patched, including migrating to secure alternatives such as SSH and disabling telnetd or running it without root privileges. Where that’s not possible, it advised blocking port 23 at the network perimeter and restricting its use to trusted hosts. This is the second Telnet-related flaw to surface this year, following the discovery in January of an authentication bypass bug that exposed devices to complete takeover. View the full article
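
The missing bounds check described in the telnetd item above, shown as an added example: this is a simplified model written for this page, not the inetutils source and not the maintainers' patch. The struct, the function names and the policy of dropping triplets that do not fit are assumptions; the 108-byte buffer and 4-byte header come from the quoted report. It goes one step beyond the report by also accounting for the doubling of 0xFF (IAC) data bytes that the Telnet protocol requires inside a suboption.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Sizes quoted in the report: 108-byte buffer, 4-byte header. */
#define SLCBUF_SIZE 108
#define SLC_HDR_LEN 4
#define SLC_END_LEN 2            /* room kept for the IAC SE end marker */

/* Telnet protocol constants (RFC 854, RFC 1184). */
enum { IAC = 255, SB = 250, SE = 240, TELOPT_LINEMODE = 34, LM_SLC = 3 };

/* Hypothetical reply builder: a checked index replaces the raw write pointer. */
struct slc_reply {
    uint8_t  buf[SLCBUF_SIZE];
    size_t   len;                /* bytes used so far */
    unsigned dropped;            /* triplets refused because the reply is full */
};

void slc_start(struct slc_reply *r)
{
    static const uint8_t hdr[SLC_HDR_LEN] = { IAC, SB, TELOPT_LINEMODE, LM_SLC };
    memset(r, 0, sizeof *r);
    memcpy(r->buf, hdr, sizeof hdr);
    r->len = sizeof hdr;
}

/* Append one (function, flags, value) triplet; 0xFF bytes are doubled.
 * Returns 0 on success, -1 if the encoded triplet would not leave room
 * for the end marker. Nothing is written on failure. */
int slc_add(struct slc_reply *r, uint8_t func, uint8_t flag, uint8_t val)
{
    const uint8_t t[3] = { func, flag, val };
    size_t need = 0, room;

    for (int i = 0; i < 3; i++)
        need += (t[i] == IAC) ? 2 : 1;
    if (r->len > SLCBUF_SIZE - SLC_END_LEN) { r->dropped++; return -1; }
    room = SLCBUF_SIZE - SLC_END_LEN - r->len;
    if (need > room) { r->dropped++; return -1; }
    for (int i = 0; i < 3; i++) {
        r->buf[r->len++] = t[i];
        if (t[i] == IAC)
            r->buf[r->len++] = IAC;
    }
    return 0;
}

/* Write the suboption end marker and return the total reply length. */
size_t slc_end(struct slc_reply *r)
{
    if (r->len > SLCBUF_SIZE - SLC_END_LEN)
        return 0;                /* invariant broken: refuse to write */
    r->buf[r->len++] = IAC;
    r->buf[r->len++] = SE;
    return r->len;
}

/* Build a reply from `count` peer-supplied triplets (3 bytes each). */
size_t slc_build(struct slc_reply *r, const uint8_t *in, size_t count)
{
    slc_start(r);
    for (size_t i = 0; i < count; i++)
        (void)slc_add(r, in[3 * i], in[3 * i + 1], in[3 * i + 2]);
    return slc_end(r);
}

int main(void)
{
    uint8_t in[3 * 200];         /* constructed input: 200 triplets */
    struct slc_reply r;

    for (size_t i = 0; i < sizeof in; i++)
        in[i] = (uint8_t)(i % 200 + 1);
    size_t n = slc_build(&r, in, 200);
    printf("reply=%zu bytes, dropped=%u triplets\n", n, r.dropped);
    return 0;
}
```

With the end marker reserved, 34 plain triplets fill the buffer exactly; the 35th is the first one refused, which matches the "about 35 triplets" threshold in the report.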
