Skip to content
View in the app

A better way to browse. Learn more.

hosang I.T.

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

CSOonline

Members
  • Joined

  • Last visited

    Never

Everything posted by CSOonline

  1. Summit Art Creations – shutterstock.com Mit db.gcve.eu stellt die GCVE-Initiative (Global Cybersecurity Vulnerability Enumeration) ab sofort eine kostenfreie, öffentlich zugängliche Datenbank für IT-Sicherheitslücken bereit. Ziel ist es, die Abhängigkeit von US-Datenbanken zu beenden und die digitale Souveränität in Europa zu stärken. GCVE-Datenbank soll Schwachstellenmeldung erleichtern Die Plattform führt Informationen aus verschiedenen öffentlichen Ressourcen zusammen. Dazu zählen die Quellen des GCVE Numbering Authority (GNA)-Modells. Es löst die traditionelle, zentrale Vergabe von Schwachstellen-Kennungen (CVE IDs) ab. Zudem werden Daten von weiteren anerkannten Schwachstellenverzeichnissen genutzt. Der dezentrale Ansatz ermöglicht es, Schwachstellen-Kennungen autonom zu vergeben und zu veröffentlichen, ohne auf eine zentrale Freigabe warten zu müssen. Insgesamt werden derzeit mehr als 25 unterschiedliche Datenquellen eingebunden. Die erfassten Schwachstellendaten werden normalisiert, strukturiert und durchsuchbar aufbereitet. Darüber hinaus bietet die offene API eine nahtlose Integration in bestehende Compliance-Tools und Risikomanagement-Systeme. Sicherheitsverantwortliche, Wissenschaftler, Computer Security Incident Response Teams, Softwareanbieter und Open-Source-Entwickler sollen dadurch in die Lage versetzt werden, Sicherheitsmeldungen ökosystemübergreifend effizienter nachzuverfolgen und auszuwerten. View the full article
  2. A coordinated campaign of malicious browser add-ons has bypassed Chrome Web Store’s defenses, weaponizing extensions advertised as productivity tools to steal corporate session tokens and attempt full account takeover. “The extensions work in concert to steal authentication tokens, block incident response capabilities, enable complete account takeover through session hijacking,” researchers wrote in a blog post, revealing a campaign targeted at widely used HR and ERP platforms. The threat, uncovered by the Socket.dev threat research team, is a multi-vector enterprise intrusion that combines stealthy credential theft with active interference in security controls. Actors behind this cluster published five Chrome extensions that, despite professional branding and seemingly legitimate use cases, execute malicious behavior deep inside enterprise workflows. Install counts suggest over 2300 users were tricked into deploying these tools before researchers alerted Google’s security teams and filed takedown requests. The extensions target systems like Workday, NetSuite, and SuccessFactors, where a single hijacked session can expose employee records, financial data, and internal workflows. Disguised productivity tools with malicious codes Each extension in the cluster posed as a productivity enhancer or security helper for enterprise users. Listings featured polished dashboards and promises of streamlined access to HR or ERP tools. Permissions requested were “standard,” seemingly benign functions such as cookie access or page modification. Once installed, however, three of the extensions, including DataByCloud Access, Data By Cloud 1, and a variant simply called Software Access, exfiltrated session cookies containing authentication tokens to attacker-controlled infrastructure. These tokens are, in many enterprise systems, enough to authenticate a user without a password. In some cases, those cookies were extracted every 60 seconds to ensure up-to-date credentials. Compromised sessions can serve as stolen passwords, because sessions have already passed through login screens and multi-factor checks to allow direct access to an account without triggering typical security alerts. “All five extensions remain under investigation at the time of writing,” the researchers said. “We have submitted takedown requests to Google’s Chrome Web Store security team.” Google did not immediately respond to CSO’s request for comments. Blocking defenses and hijacking sessions The campaign went beyond stealing credentials. Two of the extensions, Tool Access 11 and Data By Cloud 2, incorporated DOM manipulation routines that actively blocked access to security and administrative pages within the targeted platforms. This prevented the enterprise admins from reaching screens to change passwords, view sign-on history, or disable compromised accounts, even if they detected suspicious behavior. The most advanced of the five, Software Access, offered (on top of cookie theft) bidirectional cookie injection where stolen session tokens were reintroduced into a browser controlled by the attacker. Using APIs like “chrome.cookies.set(), this feature implants valid authentication cookies directly and grants threat actors an authenticated session without any further action from unsuspecting users. This technique effectively bypasses login screens and multi-factor authentication, allowing immediate account takeover. “While four extensions are published under databycloud1104 and the fifth under different branding, all five share identical infrastructure patterns indicating a single coordinated operation,” the researchers added. Socket advised organizations to strictly audit and limit browser extensions, closely scrutinize permissions requests, and remove add-ons that unnecessarily access cookies or enterprise sites. The blog also recommended monitoring for abnormal session activity and using tools that can detect malicious extension behavior before it reaches users. View the full article
  3. Python-Libraries sind mit manipulierten Metadaten in KI-Modellen infiziert und können beim Laden Schadcode ausgeführen. Agus_Gatam – shutterstock NeMo, Uni2TS und FlexTok, Python-Bibliotheken für Künstliche Intelligenz (KI) und Machine Learning (ML), die in Hugging-Face-Modellen verwendet werden, haben gravierende Schwächen. Wie Forschende von Palo Alto Networks‘ Unit 42 herausgefunden haben, können Kriminelle diese nutzen, um Schadcode in Metadaten zu verstecken. Einmal eingeschleust, wird der Code automatisch ausgelöst, sobald eine Datei mit den manipulierten Metadaten geladen wird. Technisch gesehen, betreffen die Schwachstellen insbesondere die `instantiate()`-Funktion von Hydra. Hierbei handelt es sich um eine Python-Bibliothek, die von allen drei KI-und ML-Bibliotheken verwendet wird. Hydra selbst wird von der Facebook-Mutter Meta gepflegt und häufig als Konfigurationsmanagement-Tool für Machine-Learning-Projekte genutzt. Noch keine Gefahr in der freien Wildbahn Obwohl die Schwachstellen damit recht weit verbreitet sind, wollen die Sicherheitsexperten sie bis jetzt noch nicht in freier Wildbahn entdeckt haben. Entwarnung geben sie allerdings nicht, ganz im Gegenteil: Sie warnen davor, dass Angreifer weiterhin reichlich Gelegenheit haben, sie auszunutzen. Curtis Carmony, Malware-Forscher bei Unit 42, erklärt die Situation so: „Es ist üblich, dass Developer eigene Varianten modernster Modelle mit unterschiedlichen Feinabstimmungen und Quantisierungen erstellen, oft von Forschenden, die keiner renommierten Institution angehören.“ Angreifende müssten dann nur noch ein bereits existierendes, weit verbreitetes Modell modifizieren, welches „einen tatsächlichen oder vermeintlichen Vorteil bietet, und dann schädliche Metadaten hinzufügen.“ Dadurch, dass Hugging Face die Metadaten nicht so leicht zugänglich macht wie andere Dateien sowie Dateien, die Safetensors oder das NeMo-Dateiformat verwenden, nicht als potenziell unsicher kennzeichnet, wird die Situation noch verschärft. Viel Verbreitung, viel Angriffsfläche Ein weiterer Faktor ist, dass, laut Unit 24 über 100 Python-Libraries auf Hugging Face für KI- und ML-Modelle verwendet werden – und fast 50 von ihnen Hydra nutzen. Carmony erläutert, dass diese Formate an sich nicht unsicher sind, aber „der Code, der sie verwendet, eine sehr große Angriffsfläche“ bietet. Technisch hängt dies damit zusammen, wie NeMo, Uni2TS und FlexTok die Funktion `hydra.utils.instantiate()` verwenden, um Konfigurationen aus den Modellmetadaten zu laden. Hierdurch ist es möglich, eine Remote Code Extraction (RCE) durchzuführen. Die Schöpfer, beziehungsweise Betreuer dieser Bibliotheken scheinen dabei etwas übersehen zu haben, wie Unit 42 ausführt: `instantiate()` akzeptiert nicht nur den Namen der zu instanziierenden Klassen, es verwendet auch den Namen einer beliebigen aufrufbaren Funktion und übergibt ihr die angegebenen Argumente. Das hat gravierende Folgen, denn sobald ein Angreifender eingebaute Python-Funktionen wie eval() und os.system() verwendet, kann er leichter Code exfiltrieren. Eine Reaktion auf diesen Umstand ist mittlerweile erfolgt: Meta hat die Hydra-Dokumentation aktualisiert und warnt nun davor, dass RCE möglich ist, wenn `instantiate()` verwendet wird. Für die drei KI/ML-Bibliotheken wurden die folgenden Maßnahmen ergriffen: Da NeMo von Nvidia entwickelt wurde, hat das Unternehmen inzwischen eine CVE-2025-23304 herausgegeben und einen Fix in der NeMo-Version 2.3.2 veröffentlicht. Uni2TS wurde von Salesforce entwickelt. Auch dieser Hersteller hat eine CVE gemeldet (CVE-2026-22584) und einen Fix veröffentlicht. Flextok, gemeinsam entwickelt von Apple und dem Visual Intelligence and Learning Laboratory der Eidgenössischen Technischen Hochschule Lausanne (EPFL VILAB), wurde inzwischen gefixt. Eine Besonderheit hier: Die Experten von Unit 42 gehen davon aus, dass Stand Januar 2026 keine weiteren Modelle auf Hugging Face die ml-flextok-Library benutzen. View the full article
  4. Python-Libraries sind mit manipulierten Metadaten in KI-Modellen infiziert und können beim Laden Schadcode ausgeführen. Agus_Gatam – shutterstock NeMo, Uni2TS und FlexTok, Python-Bibliotheken für Künstliche Intelligenz (KI) und Machine Learning (ML), die in Hugging-Face-Modellen verwendet werden, haben gravierende Schwächen. Wie Forschende von Palo Alto Networks‘ Unit 42 herausgefunden haben, können Kriminelle diese nutzen, um Schadcode in Metadaten zu verstecken. Einmal eingeschleust, wird der Code automatisch ausgelöst, sobald eine Datei mit den manipulierten Metadaten geladen wird. Technisch gesehen, betreffen die Schwachstellen insbesondere die `instantiate()`-Funktion von Hydra. Hierbei handelt es sich um eine Python-Bibliothek, die von allen drei KI-und ML-Bibliotheken verwendet wird. Hydra selbst wird von der Facebook-Mutter Meta gepflegt und häufig als Konfigurationsmanagement-Tool für Machine-Learning-Projekte genutzt. Noch keine Gefahr in der freien Wildbahn Obwohl die Schwachstellen damit recht weit verbreitet sind, wollen die Sicherheitsexperten sie bis jetzt noch nicht in freier Wildbahn entdeckt haben. Entwarnung geben sie allerdings nicht, ganz im Gegenteil: Sie warnen davor, dass Angreifer weiterhin reichlich Gelegenheit haben, sie auszunutzen. Curtis Carmony, Malware-Forscher bei Unit 42, erklärt die Situation so: „Es ist üblich, dass Developer eigene Varianten modernster Modelle mit unterschiedlichen Feinabstimmungen und Quantisierungen erstellen, oft von Forschenden, die keiner renommierten Institution angehören.“ Angreifende müssten dann nur noch ein bereits existierendes, weit verbreitetes Modell modifizieren, welches „einen tatsächlichen oder vermeintlichen Vorteil bietet, und dann schädliche Metadaten hinzufügen.“ Dadurch, dass Hugging Face die Metadaten nicht so leicht zugänglich macht wie andere Dateien sowie Dateien, die Safetensors oder das NeMo-Dateiformat verwenden, nicht als potenziell unsicher kennzeichnet, wird die Situation noch verschärft. Viel Verbreitung, viel Angriffsfläche Ein weiterer Faktor ist, dass, laut Unit 24 über 100 Python-Libraries auf Hugging Face für KI- und ML-Modelle verwendet werden – und fast 50 von ihnen Hydra nutzen. Carmony erläutert, dass diese Formate an sich nicht unsicher sind, aber „der Code, der sie verwendet, eine sehr große Angriffsfläche“ bietet. Technisch hängt dies damit zusammen, wie NeMo, Uni2TS und FlexTok die Funktion `hydra.utils.instantiate()` verwenden, um Konfigurationen aus den Modellmetadaten zu laden. Hierdurch ist es möglich, eine Remote Code Extraction (RCE) durchzuführen. Die Schöpfer, beziehungsweise Betreuer dieser Bibliotheken scheinen dabei etwas übersehen zu haben, wie Unit 42 ausführt: `instantiate()` akzeptiert nicht nur den Namen der zu instanziierenden Klassen, es verwendet auch den Namen einer beliebigen aufrufbaren Funktion und übergibt ihr die angegebenen Argumente. Das hat gravierende Folgen, denn sobald ein Angreifender eingebaute Python-Funktionen wie eval() und os.system() verwendet, kann er leichter Code exfiltrieren. Eine Reaktion auf diesen Umstand ist mittlerweile erfolgt: Meta hat die Hydra-Dokumentation aktualisiert und warnt nun davor, dass RCE möglich ist, wenn `instantiate()` verwendet wird. Für die drei KI/ML-Bibliotheken wurden die folgenden Maßnahmen ergriffen: Da NeMo von Nvidia entwickelt wurde, hat das Unternehmen inzwischen eine CVE-2025-23304 herausgegeben und einen Fix in der NeMo-Version 2.3.2 veröffentlicht. Uni2TS wurde von Salesforce entwickelt. Auch dieser Hersteller hat eine CVE gemeldet (CVE-2026-22584) und einen Fix veröffentlicht. Flextok, gemeinsam entwickelt von Apple und dem Visual Intelligence and Learning Laboratory der Eidgenössischen Technischen Hochschule Lausanne (EPFL VILAB), wurde inzwischen gefixt. Eine Besonderheit hier: Die Experten von Unit 42 gehen davon aus, dass Stand Januar 2026 keine weiteren Modelle auf Hugging Face die ml-flextok-Library benutzen. View the full article
  5. Here’s what nobody admits: Your firewall isn’t the problem. Your SIEM isn’t the problem. That shiny new EDR tool you just bought? Also, not the problem. The problem is Steve from accounting, who uses “Password123” because he can’t be bothered to remember anything more complex. The problem is your CISO, who talks about zero trust but still approves exceptions for the CEO’s personal devices. The problem is the unspoken rule that security slows things down, so everyone ends up finding workarounds. As the famous quote, attributed to Peter Drucker goes – Culture eats strategy for breakfast. In cyber operations, it eats your security posture for lunch. We learned this the hard way three years ago when a mid-sized financial firm hired a colleague to figure out why they kept getting phished despite spending millions on awareness training. Their policies were pristine. Their tech stack was impressive. Their incident response plan could’ve won awards. But their culture? Rotten to the core. The thing about culture is that it exists in layers. What you see on the surface tells you almost nothing about what’s actually happening. You need to understand three distinct dimensions: observable, non-observable and implicit. Miss any one of them, and you’re building your security program on quicksand. Observable culture: The stuff you can actually see Observable culture is everything tangible. Your policies. Your procedures. The security awareness posters in the break room. The mandatory training modules everyone clicks through while checking their phones. This is where most organizations stop. They write a 47-page security policy, mandate annual training, deploy some monitoring tools and call it a day. Box checked. Compliance achieved. Everyone goes home feeling good about themselves. Except none of it matters if people don’t actually follow through. Observable elements include your formal security protocols, your incident response plans and your access controls. They include visible behaviors like password hygiene, device management and whether people actually report suspicious emails. They include the technology you deploy and how you communicate about threats. You can measure this stuff. You can audit it. You can put it in a spreadsheet and show it to the board. But observable culture is the easiest to fake. People learn to perform security theatre. They know what they’re supposed to do. They know what gets measured. So they do just enough to avoid getting flagged while continuing their risky behaviors in the shadows. Take Target’s 2013 breach. They had a $1.6 million FireEye malware detection system. The system did exactly what it was supposed to do. It detected the malware. It sent alerts. Multiple times. But the security team ignored the alerts. They had policies and procedures. They had the technology. But the observable layer was disconnected from actual practice. The tools were there, but the follow-through wasn’t. The breach exposed 40 million credit card numbers and cost Target over $200 million in settlements. The impact on cyber operations was catastrophic. The tools didn’t fail. The observable culture, the visible security apparatus, existed in a vacuum. Having security controls is meaningless if your operational culture treats alerts as noise. Target’s incident response plan looked great on paper. But when alerts fired, nobody acted. The gap between documented procedure and actual behavior created a blind spot large enough to drive a truck through. That financial firm we mentioned? Their observable culture looked perfect. Everyone completed their training. Policies were documented and signed. Security tools were deployed and configured. But when we dug deeper, we found developers routinely turning off security controls because they “slowed down deployments.” We found executives sharing credentials because “it’s faster than waiting for access requests.” We even found an entire shadow IT ecosystem that nobody wanted to acknowledge. The observable layer gives you structure. Structure without substance is just theatre. Non-observable culture: The hidden drivers Now we get interesting. Non-observable culture is everything happening inside people’s heads. Their beliefs about cyber risk. Their attitudes toward security. Their values and priorities when security conflicts with convenience or speed. This is where the real decisions get made. You can’t see someone’s belief that “we’re too small to be targeted” or “security is IT’s job, not mine.” You can’t measure their assumption that compliance equals security. You can’t audit their gut feeling that reporting a mistake will hurt their career. But these invisible forces shape every security decision your people make. Non-observable culture includes beliefs about the likelihood and severity of threats. It includes how people weigh security against productivity. It includes their trust in leadership and their willingness to admit mistakes. It includes all the cognitive biases that distort risk perception. Optimism bias makes people think breaches happen to other companies. Availability bias makes recent incidents loom larger than systemic vulnerabilities. Confirmation bias makes people see what they expect to see and ignore contradictory evidence. Sony’s 2014 breach wasn’t a tech failure. It was a belief failure. People saw security as IT’s job, not theirs. So they clicked phishing links, shared credentials and treated threats as unlikely because “we make movies.” North Korean attackers didn’t need fancy exploits. They used that non-observable culture. Result: 100TB leaked. Unreleased films, personal data, executive emails. Networks stayed down for weeks, production stalled and trust took a beating. No firewall can fix a culture that thinks it won’t be targeted. At that financial firm, the non-observable culture was toxic. Developers believed security was an obstacle to innovation. Executives believed cyber risk was purely technical and could be solved by buying more tools. Staff felt that admitting security concerns would make them look incompetent. Nobody said these things out loud. But everyone acted on them. The gap between what people say they believe and what they actually think is where security programs go to die. You can mandate all the training you want. If people fundamentally believe security doesn’t apply to them, they’ll find ways around every control you implement. Implicit culture: The deepest layer Here’s where it gets really uncomfortable. Implicit culture is the stuff nobody talks about because nobody even realizes it’s there. The unspoken assumptions. The invisible norms. The “way things are done here” that everyone knows but nobody questions. This is the most powerful layer because it operates below conscious awareness. People don’t choose to follow implicit norms. They do. Automatically. Without thinking. Implicit culture includes unspoken beliefs like “security slows us down” or “leadership doesn’t really care about this.” It contains hidden power dynamics that determine who can challenge security decisions and who can’t. It includes the organizational identity that shapes how people see themselves and their work. It includes psychological safety, or the lack thereof. Can people raise concerns without fear? Can they admit mistakes without punishment? Can they challenge assumptions without being labelled difficult? Equifax’s 2017 breach wasn’t just a missed patch. It was a cultural failure. A critical Apache Struts flaw was disclosed, and security teams were warned to patch. Yet the unspoken rule was that security emails were noise, and uptime trumped fixes. Security had no absolute authority to stop work until the patch landed. So the vulnerability sat for months, visible and ignored. Attackers exploited it, exposing data on 147 million people, including Social Security numbers. Trust collapsed. Leadership changed. Equifax later agreed to settlements totalling more than $700 million. And nobody owned the risk decision! At that financial firm, the implicit culture was brutal. There was an unspoken assumption that business units were more critical than security teams. There was an invisible hierarchy in which anyone with sufficient seniority could overrule security recommendations. There was a hidden belief that admitting vulnerability was a sign of weakness. Nobody wrote these rules down. Nobody explicitly taught the new hires. But everyone learned them within weeks of starting. Implicit culture is why change is so hard. You can rewrite policies overnight. You can deploy new tools in a matter of weeks. But shifting deeply embedded assumptions? That takes years. And if you don’t address this layer, nothing else sticks. Shifting all three dimensions How do you actually change culture? You can’t just pick one dimension and hope the others follow. They’re interconnected. Change in one without the others creates misalignment and confusion. Start by making the invisible visible. You can’t fix what you can’t see. Conduct culture audits. Run anonymous surveys. Bring in external facilitators who can spot blind spots you’ve normalized. Ask uncomfortable questions and actually listen to the answers. Leadership has to model the behavior you want to see. Don’t just talk about it. Actually do it. Visibly. Consistently. When leaders admit mistakes, it creates permission for everyone else to do the same. When leaders prioritize security over convenience, it signals what really matters. Embed security into daily operations. Not as a separate function that people have to remember. As part of how work gets done. DevSecOps isn’t just a buzzword. It’s about making security the default path, not the exception. Build continuous learning into your culture. Threats evolve. Your understanding needs to evolve, too. Post-incident reviews shouldn’t be about blame. They should be about building organizational memory and getting smarter. Fix your incentives. If you reward speed over security, people will choose speed. If you punish people for reporting problems, they’ll stop reporting. Ensure consequences for negligence are transparent and fair, while also ensuring people feel safe raising concerns. At that financial firm, we spent six months working through all three layers. We didn’t just update policies. We surfaced hidden beliefs through facilitated discussions. We identified implicit assumptions and challenged them openly. We changed how leadership talked about and acted on security. It was messy. It was uncomfortable. But it worked. The reality In practice, technical controls are easy. Culture is hard. You can buy tools. You can write policies. You can mandate training. But you can’t mandate belief. You can’t purchase trust. You can’t deploy psychological safety. Target had the tools but not the operational discipline. Sony had the policies but not the shared belief that security mattered. Equifax knew, but lacked the cultural permission to act on it. Each breach happened at a different cultural layer. Each costs hundreds of millions. Each could have been prevented not by better technology but by better culture. Culture change requires patience, consistency and a willingness to confront uncomfortable truths. It requires leaders who are willing to examine their own assumptions and behaviors. It requires organizations that value honesty over appearances. Observable culture provides structure. Non-observable culture offers motivation. Implicit culture includes the foundation. You need all three. The organizations that survive are those where security is woven into their cultural DNA, where risk intelligence is instinctive rather than imposed, where people make good security decisions because it’s simply how things are done. That’s the real work. Not buying another tool. Not writing another policy, but building a culture where security isn’t something people do. It’s something they are. This article is published as part of the Foundry Expert Contributor Network. Want to join? View the full article
  6. zimmytws – shutterstock.com Die Behörden gehen gegen Akteure der Ransomware-Gruppierung Black Basta vor. Dabei wurden Wohnräume in der Ukraine durchsucht und Beweismittel gesichert. Gegen den mutmaßlichen Kopf der Gruppierung wird mit Haftbefehl gefahndet, wie das Bundeskriminalamt (BKA) in Wiesbaden und die Zentralstelle zur Bekämpfung der Internetkriminalität (ZIT) bei der Generalstaatsanwaltschaft Frankfurt berichteten. Bei Black Basta handele es sich um eine der aktivsten Ransomware-Gruppierungen der letzten Jahre, so die Behörden. Mit Schadsoftware kompromittierte die Gruppe Computernetzwerke, stahl sensible Daten, verschlüsselte Systeme und erpresste Lösegelder. Krankenhäuser und Behörden als Ziel Im Zeitraum von März 2022 bis Februar 2025 war die Gruppierung laut BKA und ZIT allein in Deutschland für die Erpressung von mehr als 100 Unternehmen und Institutionen verantwortlich und erbeutete dabei allein in Deutschland mehr als 20 Millionen Euro. Zu den Opfern zählen den Angaben zufolge überwiegend Unternehmen, aber auch Krankenhäuser und Behörden. Die Akteure werden der Bildung einer kriminellen Vereinigung sowie Erpressung und Computersabotage beschuldigt. Der mutmaßliche Rädelsführer ist russischer Staatsbürger. An den Durchsuchungen waren auch Strafverfolgungsbehörden aus den Niederlanden, der Schweiz und Großbritannien beteiligt. (dpa/jm) View the full article
  7. zimmytws – shutterstock.com Die Behörden gehen gegen Akteure der Ransomware-Gruppierung Black Basta vor. Dabei wurden Wohnräume in der Ukraine durchsucht und Beweismittel gesichert. Gegen den mutmaßlichen Kopf der Gruppierung wird mit Haftbefehl gefahndet, wie das Bundeskriminalamt (BKA) in Wiesbaden und die Zentralstelle zur Bekämpfung der Internetkriminalität (ZIT) bei der Generalstaatsanwaltschaft Frankfurt berichteten. Bei Black Basta handele es sich um eine der aktivsten Ransomware-Gruppierungen der letzten Jahre, so die Behörden. Mit Schadsoftware kompromittierte die Gruppe Computernetzwerke, stahl sensible Daten, verschlüsselte Systeme und erpresste Lösegelder. Krankenhäuser und Behörden als Ziel Im Zeitraum von März 2022 bis Februar 2025 war die Gruppierung laut BKA und ZIT allein in Deutschland für die Erpressung von mehr als 100 Unternehmen und Institutionen verantwortlich und erbeutete dabei allein in Deutschland mehr als 20 Millionen Euro. Zu den Opfern zählen den Angaben zufolge überwiegend Unternehmen, aber auch Krankenhäuser und Behörden. Die Akteure werden der Bildung einer kriminellen Vereinigung sowie Erpressung und Computersabotage beschuldigt. Der mutmaßliche Rädelsführer ist russischer Staatsbürger. An den Durchsuchungen waren auch Strafverfolgungsbehörden aus den Niederlanden, der Schweiz und Großbritannien beteiligt. (dpa/jm) View the full article
  8. Rona Michele Spiegel’s journey to cybersecurity might seem unconventional to some: She studied the arts. But as someone who grew up when computers first appeared and everyone wanted to experiment with them, she did a lot of multimedia work. She was always interested in technology and discussed with art colleagues about where the world was going regarding electronic “stuff.” “I was doing musical work. I was doing all sorts of what we would call multidisciplinary art. And I played around a lot with the evolution of systems and digital technology and how people would interact with them. And I built that into some of my art pieces. I always loved painting and the traditional arts. But very quickly, I got involved in how it interacts with systems and tools and how technology is going to impact humankind,” Spiegel tells CSO. She was in a band and then started doing electronic music. She was also interested in the film industry and found her way into it with sound design. It was a time of many opportunities, Spiegel says. “It’s really about digital transformation and that is the thread for me, and it’s always been. Digital transformation and human computer interface concepts — how do people interact with systems and how do they influence one another?” she says. And it was the digital transformation mindset that landed Spiegel at Deloitte Consulting where she helped create the first user experience practice. There she gained a lot of experience in product management and learned how to communicate with others about dependencies and risks. At Cisco she started working in technology governance, but she had the opportunity to experience another change: from hardware to software, when enterprises start consuming products on a subscription model based in the cloud. It was only after 10 years at Cisco that her mentor asked about her intentions of getting a master’s degree. The timing was right, as her son, whom she had raised for most of the time as a single mum, was going to college. So, Spiegel set about getting her master’s degree in cybersecurity. Her next role was with Wells Fargo where she had “a whole other vision and really got to get deep into cloud controls. And I realized, ‘Yeah, I want to work in this space,’” she says. That role was impacted by a restructuring, after which Spiegel decided to work independently helping startups and small businesses with compliance. Spiegel is now senior manager, security and trust, mergers and acquisitions at Autodesk and she spoke to CSO about all things cybersecurity. What are the main cybersecurity concerns when it comes to mergers and acquisitions? Spiegel: First of all, is understanding the difference between a mature company and a small company. In a small company you need to consider whether it is feasible for them to prioritize cybersecurity. If they don’t have a product and they don’t have customers, then there’s nothing to protect. And if they have very limited resources then it’s hard for them to justify. The whole thing about risk management is quantifying what the potential risk is, what you could lose. So, it’s hard to justify putting tremendous amount of funding into purchasing a tool or hiring an experienced CISO to come in and do this kind of work when you know you barely have budget to have a product and you don’t really have much revenue yet. When I’m doing merger work now I consider how absorbing that business is going to impact your risk. It’s going to impact your security posture, so you have to figure out how to understand its posture and then put together a strategy that allows the acquiring company to benefit from the acquisition without putting itself at risk by inheriting the vulnerabilities as well. What are some of the key challenges you’re facing today when it comes to AI? Spiegel: With AI the big questions are how to use AI, how to secure AI, and how to fend off AI all at once. And then look at that across different product lines and against different components. You also have to consider third parties and the ecosystem, and all of that magnifies with the acquisition and integration of other companies, large and small and scale does matter, actually. You’re just adding so much complexity so fast. We’re adding complexity into the supply chain and the ecosystem so quickly. This transformation reminds me similarly of when we all moved to the cloud. Everyone is doing it at once but for what reason? And will it make us safer or more vulnerable? What are your views on hiring and skills gap? Spiegel: There’s this fallacy that we don’t have enough people. There are a lot of people. I’m grateful that I have a job in this space, but the expectations are very high that we’re going to have all this experience in all of these different areas. We have a lot of practitioners out there and some of them are out of work. There are fewer entry-level positions offered and this is going to be a problem because the tools are good but you really need somebody who understands what they’re reading, and that means a wide range of experience, problem-solving, critical-thinking capabilities, to be able to aggregate all of this massive amount of data following prescriptive processes. Entry level positions help build this capacity and that is what we are missing. There’s a fear, I think, in hiring people that don’t have all the experience everywhere. I’m working with this nonprofit group called Project Cyber and we are helping women get into the workforce and the technical spaces. One of the main considerations is, ‘What are the skills?’ And it’s like speaking Greek or Latin; it’s a different set of skills, and cybersecurity is a challenge because it’s so huge. And it’s no different for CISOs: The expectation for cybersecurity leadership is to be able to rotate in different areas. It’s a very different mindset because it includes talking to the boards. You need to be able to present a business case for funding, you have to be a storyteller, you need to be able to understand data, and you need to be able to read the data and discern the data. And there is intelligence, and penetration testing, ethical hacking, there’s risk management. A lot is expected from cybersecurity professionals of all levels. How do you keep your team inspired? Spiegel: I think it’s important to give people a voice, to make sure they are enjoying what they’re doing, making sure they’re learning, they feel respected, they feel connected. Not forcing people to be in the office but treating people like adults; they can make those choices themselves, because everybody’s different. Being aware of the signs of burnout, making sure people take time off. Really listening and respecting, I think is the most important thing. I don’t believe in old school top-down management because I don’t feel like I’m smarter than other people. I do think that with experience I can see things coming and I can see patterns that I feel like that’s a little bit of a superpower for me, that someone half my age isn’t really going to be able to see yet because they haven’t lived through those cycles. Collaborating across a multigenerational workforce is going to motivate everyone and produce better outcomes. Where do you see the cybersecurity leader role going in the next few years? Spiegel: Many people across the CISO community have been talking about the notion of the cybersecurity profession versus that of a trade. When we look at that, the whole cybersecurity profession and CISO leadership development, it’s an interesting conversation. I find it to be a combination of both, or I should say some really believe it’s a profession, and it’s problematic for it to be considered solely as a trade, although there are some aspects of the skillset that support that argument. But I do think that the trend of thinking right now is that the trade is the hands-on entry level, starting out in the field, and the sort of technical hands-on aspect of it. And the profession is really about that elevation and standardization, and helping one another grow and evolve, and the greater good, and in the interconnectedness with other technology and risk management types of professions. I think the jury’s still out collectively about whether you know we’re a profession or a trade. But the more I talk with my peers, the more we’re all landing on it is a combination of both. Then there is the exposure concern. The trend is for CISOs or cybersecurity leaders to not be anywhere for very long. I think that’s a mistake. I think it is rising outside of being embedded in the secondary leadership team. And I think it’s becoming a top-level leadership. There’s a merging that’s happening between governance, risk, compliance, and all the software-driven vulnerabilities and data-driven vulnerabilities and technology-driven vulnerabilities I think when we see cybersecurity in the engineering space, we start to see that notion of trust and that transparency of trust, which then starts to merge with physical security, sometimes even privacy, resiliency. So, I’m seeing chief trust officers now. What are you most and least proud of in your career? Spiegel: What I was most proud of in my career really was the ability to build this career while I was a single mother, commuting back and forth between school and work, and I don’t even know how I was able to do this. I don’t recommend it for everyone but going back to school at the same time and getting my graduate degree. I will say that the UC Berkeley School of Information’s Master of Information and Cybersecurity (MICS) program is tremendous. And the network, that’s probably really in part how I was even able to do all of this, by having the right mentors and having the right people around me and support. And just the program is amazing. Also, it enabled me to get these certifications, and to just go all in and prepare myself for this pivot and really pivoting to cybersecurity ultimately has been really that end result. That, and bringing up this wonderful boy. I was really blown away when I got my CISSP certification. That was really hard for me, studying that hard and sitting and taking a test like that and then feeling like I could put that at the end of my name. That felt really, really good. Right now I’m also really enjoying mentoring people, these college students who are studying behavioral psychology and cyber, and data science, and are really recognizing how amazing that is. I feel like it takes a lot of emotional maturity to handle the personal relationship aspects of working in any profession. For me, working in technology and working in cybersecurity, and just developing leadership qualities, I feel it requires a self-awareness, and I feel like it took me a long time. … What I’m least proud of is perhaps some of the emotional responses I had. We talk about burnout. But back in the early days we didn’t talk about burnout. I think it’s important to talk about that, and to make sure that you don’t do more harm than good when you’re moving and pushing yourself as hard as you can. And sometimes that means really figuring out ways to depersonalize in terms of how you respond to difficult situations, but also to remember that the people aspect and the relationships are more important than anything else in the long term and really helps everybody succeed. I feel that earlier in my career I lagged in that emotional intelligence, and it took me a long time to build that. And any bridges burned along the way, I think, is something that you really pay for later. And I feel like I’ve grown in leaps and bounds in that area, and that really contributes to my ability to lead. Do you have any book recommendations for fellow cyber leaders you’d like to share? Spiegel: The Seventh Sense by Joshua Cooper Ramo is about just being prepared for the future, which I think is very, very important. And it’s historic, and it’s sort of anthropological, and I read it a couple of times, and I’ve quoted from it as well. I love that book. The conversations around AI, the one that really hit me that I’ve been recommending to people also is The Coming Wave by Mustafa Suleyman. About the kind of convergence of all the huge leaps and bounds that we’re making in technology. View the full article
  9. As 2026 finds CISOs’ battle against relentless cyberattackers escalating once again, strong and carefully planned cybersecurity projects are the best way to stay a step ahead of attackers and prevent them from gaining the upper hand. From data governance to zero trust, here are several essential cybersecurity projects every CISO should consider adopting in the year ahead. 1. Transforming identity access for the AI era As AI and automation evolve, managing not only employee access but also the identities of AI agents and machine processes is now a cybersecurity essential, says Anthony Berg, Deloitte’s US cyber identity leader. “The rapid evolution of AI, especially agentic AI, has prompted many security leaders to rethink identity management strategies,” he says. “The need for better identity governance, spanning both people and non-human identities, has inspired CISOs and CIOs to reimagine their security frameworks for the next wave of digital transformation.” “It’s important for organizations to proactively modernize their IAM programs, especially as gen AI and agentic AI enable new business models and levels of autonomy,” Berg says. “Securing access across every digital identity is essential to safeguarding sensitive data, supporting compliance requirements, and driving operational efficiency.” By advancing identity and access management (IAM) capabilities, such as lifecycle management, strong authentication, and precise role- and policy-based access controls, enterprises can prevent unauthorized access and reduce the risks posed by compromised credentials, Berg says. “Extending these controls to non-human identities will help ensure that every entity interacting with systems or data is governed appropriately,” he says, adding that regular access reviews and ongoing education will also help safeguard information and enable secure adoption of advanced AI technologies. 2. Strengthening email security Phishing continues to be a primary attack vector for stealing credentials and defrauding victims, says Mary Ann Blair, CISO at Carnegie Mellon University. She warns that threat actors are now generating increasingly sophisticated phishing attacks, effectively evading mail providers’ detection capabilities. “Legacy multifactor authentication techniques are now regularly defeated, and threat actors are moving quickly to monetize their foothold.” Facing an increasingly challenging email environment, Blair says CISOs should consider turning to external sources for added security project assistance. She notes that several vendors she’s contacted have responded with an RFP and are enabling a test-drive of their latest capabilities. 3. Leveraging AI to discover code vulnerabilities Aman Priyanshu, a Cisco AI researcher, is developing autonomous vulnerability search agents using small language models (SLMs) that can run effectively in resource-constrained environments. Cybersecurity is inherently a long-context domain, and while current state-of-the-art LLMs can handle it, they do so at a significant tradeoff for cost or latency, Priyanshu says. “For example, organizational codebases are massive, often spanning thousands of files and millions of lines of code,” he states. “When you need to find a specific vulnerability, you face either an impossibly expensive context window if you load everything into a large model, or you’re simply out of the context limit entirely.” Priyanshu says his project aims to create SLM agents that resolve threats in the same way most human analysts do — through iterative investigation by reasoning about where vulnerabilities might be, searching those areas, retrieving relevant code, and repeating the process until the weaknesses can be found. “While we’ve demonstrated that this approach works in our research, we’re hoping to scale things up and practically explore real-world deployment in 2026.” Penetration testers and security researchers have been deploying generative AI for vulnerability hunting for some time now, with AI-powered bug hunting now showing signs of accelerating and democratizing vulnerability discovery — and altering the calculus of what makes for an effective bounty program. 4. Reenforcing enterprise AI governance and data protection As AI risks and autonomous threats reshape the cybersecurity landscape, Attila Török, CISO at GoTo, an AI-based cloud communications provider, is working to ensure that his organization can securely manage and monitor all AI tools while blocking unsanctioned platforms, preventing data leakage. “By embedding secure-by-design principles and aligning cybersecurity with business strategy, we’re building resilience, trust, and compliance — all of which are key differentiators in the AI era,” he says. However, as with any major security initiative, success can’t happen within a silo, he warns. “It will take collaboration with every department across our business to establish practices that ensure success now and in the future.” 5. Prioritizing AI to enhance security operations Sales performance management firm Xactly is prioritizing AI trust because the math dictates it and the threat landscape demands it, says Matthew Sharp, CISO there. “We conducted a rigorous Christensen-style analysis of our security operations and found that roughly 67% of functional work — tasks such as evidence gathering, alert validation, and compliance reporting — is mechanical and can be automated.” Adversaries are already using AI to attack at machine speed, Sharp warns, noting that organizations can’t defend against AI-driven attacks with human-speed responses. “Operationalizing AI trust allows us to fight fire with fire, since we can’t afford to have human analysts performing tasks that machines can do more efficiently.” As AI continues to emerge as a viable tool for defense, CISOs are also rethinking how their teams operate to harness the technology’s potential. 6. Moving to a zero-trust-by-default model Pavlo Tkhir, CTO at Euristiq, says his main project for 2026 is the implementation of zero trust architecture for all the software development firm’s internal and client development. “We’ve long worked with companies for whom security is critical, but in 2026, market and regulatory demands will be so high that moving to a complete ‘zero-trust-by-default’ model will become a strategic imperative.” For Tkhir, the project isn’t just about strengthening the company’s own security. “It will also allow us to build even more secure platforms for our clients, from high-load enterprise systems to AI-powered solutions where data integrity is critical,” he says. “We’re implementing zero-trust across infrastructure, development, CI/CD, and internal tools — this creates a unified security standard that will then be transferred to client architectures.” The initiative wasn’t born out of a specific incident, but from close observation, Tkhir says. “We saw that threat models are changing faster than ever.” He notes that attacks are increasingly occurring not on the perimeter, but internally: through library vulnerabilities, APIs, weak authentication mechanisms, or erroneous permissions. “This is what inspired us to completely rethink our approach.” 7. Bolstering data governance across the enterprise Building a unified data governance and security framework across all enterprise systems is a 2026 priority for Barry Kunst, a director at Solix Technologies, an enterprise data, AI, and data fabric solutions provider. The initiative is being undertaken in part to address the kinds of shadow data, inconsistent access control, and compliance gaps most organizations still struggle, he says. “When you standardize how data is classified, protected, and monitored across every environment, you close the biggest security loophole — untracked sensitive data,” Kunst says. “This project will strengthen our security by improving visibility, enforcing policy-driven controls, and reducing exposure in multi-cloud setups.” Kunst says his organization launched the initiative after seeing its customers overwhelmed by rapid data growth and new regulatory requirements. “Our security and cloud engineering teams are collaborating with key technology partners, with a planned rollout in 2026’s third quarter,” he says. View the full article
  10. Many software and SaaS companies are building AI agents into their products, but these features can expand the attack surface of those platforms, especially when rushed to market. A privilege escalation vulnerability revealed last week in ServiceNow’s platform is the latest example of how AI agents capable of executing highly privileged tasks can be abused in unintended ways. The vulnerability, dubbed BodySnatcher by researchers from security firm AppOmni who found it, impacts the Now Assist AI Agents and Virtual Agent API applications. It allows unauthenticated users to execute agentic workflows with the privileges of any user. In Now Assist–enabled instances with default settings, this flaw could be exploited to create backdoor accounts with admin roles. “The discovery of BodySnatcher represents the most severe AI-driven security vulnerability uncovered to date and a defining example of agentic AI security vulnerabilities in modern SaaS platforms,” AppOmni researchers wrote in their report. “It demonstrates how an attacker can effectively ‘remote control’ an organization’s AI, weaponizing the very tools meant to simplify enterprise workflows.” According to ServiceNow, this vulnerability was patched in hosted instances at the end of October, and updates were provided to customers using self-hosted instances. But the security advisory and vulnerability details were not made public until last week. The company advises customers to make sure they’re running Now Assist AI Agents versions 5.1.18, 5.2.19, or later, and Virtual Agent API versions 3.15.2, 4.0.4, or later. AppOmni notes that the updates break their proof-of-concept exploit by removing one of the example AI agents installed by default with Now Assist, but the dangerous configurations that underpin this vulnerability could still exist in custom code created by customers or in third-party integrations. As more organizations use agentic AI tools developed by their SaaS providers, or build their own agents internally to automate workflows, they need to be conscious of the unexplored risks these tools could introduce if they’re overprivileged or their authentication logic is flawed. Impersonating users through the ServiceNow Virtual Agent API The Virtual Agent API is an application available in the ServiceNow Store that enables customers to integrate external chat interfaces or bots with the ServiceNow Virtual Agent platform. This platform allows organizations to design and deploy automated conversations on a variety of topics to support customers or employees and free up human agents for other tasks. For example, one integration could be a Slack bot that talks to the organization’s ServiceNow Virtual Agent platform to answer questions. The API uses a unique provider definition for every integration to specify how ServiceNow will authenticate the integration’s messages and convert them into a structured format that its Virtual Agent platform can understand. A common way to authenticate external Virtual Agent integrations is via a Message Auth record, which is a unique static token. Another default option, called Auto-Linking, enables the provider to automatically link the identity of the user sending messages through the external integration with their corresponding ServiceNow account. This is usually done by simply checking the user’s email address. While Virtual Agent was initially intended to support pre-built conversation agents only, ServiceNow later added the capability to support LLM-powered AI agents through its Now Assist platform. These new agents leverage the existing Virtual Agent API with the same configuration choices, including authentication via static Message Auth records and Auto-Linking. As a result, any unauthenticated attacker could impersonate any user during a conversation simply by knowing their email address and the AI provider’s token, which is the same across all enabled instances. “The net security risk of these problems alone was relatively minimal,” the researchers said. “At best, an attacker could supply an undocumented ‘live_agent_only’ parameter in their message payload to the Virtual Agent API, which would force the Virtual Agent to pass off the message content to a real human (if supported by the organization). By sending a message as a trusted user to a member of an organization’s IT support staff, a phishing risk is surfaced.” Enter agent-to-agent interactions and execution The platform was later extended further to support external AI agents talking to internal ServiceNow AI agents that could execute tasks. To enable this, the company created a special protocol and a separate REST API that requires authentication. However, this new API is apparently just another layer on top of the existing Virtual Agent API. It transforms the requests into the same format used by the Virtual Agent API along with some variables that trigger AI agent execution. The researchers reverse-engineered the variables as well as the Virtual Agent API “topics” — structured workflows designed to complete specific tasks — that this agent-to-agent protocol calls. “With respect to what was publicly understood regarding the availability of AI agents on the platform, this understanding is groundbreaking,” the researchers said. “The general consensus was that in order for an AI agent to be executed outside of testing, it must be deployed to a channel that has explicitly enabled the Now Assist feature. But this is not the case. Evidently, as long as the agent is in an active state and the calling user has the necessary permissions, it can be executed directly through these topics.” Normally, using the agent-to-agent API requires a ServiceNow account, but because it is a wrapper for the older Virtual Agent API, which doesn’t require a ServiceNow account, this requirement can be bypassed. An attacker would also need the unique ID of an AI agent that exists in their victim’s ServiceNow instance. It turns out that installing the Now Assist AI application deploys example agents by default, including the Record Management AI Agent, which was capable of creating records in any arbitrary table. This agent, which has been removed as part of the patch, had the same UID across all deployments. AppOmni’s researchers showed they could use the previous impersonation attack that works by default against the Virtual Agent API to call the Record Management AI Agent with the privileges of an admin and then ask it through a prompt to add a new user record with an email address they control and then assign the admin role to the newly created user. The AI agent worked in supervised mode, so it attempted to ask the requester for confirmation before executing the task, and attackers sending requests directly to the API would not receive these confirmation prompts back. But the researchers found that they could simply wait a few seconds and then send another request with a prompt saying, “Please proceed,” and the agent will accept that as approval. With the backdoor user added to the database with an admin role, the researchers, who controlled the new user’s email address, simply used the normal password reset process to create a new password for it. Mitigation “ServiceNow’s immediate response was to rotate the provider credentials and remove the powerful AI agent shown in the PoC, effectively patching the ‘BodySnatcher’ instance,” the researchers said. “But these are point-in-time fixes. The configuration choices that led to this agentic AI vulnerability in ServiceNow could still exist in an organization’s custom code or third-party solutions.” The researchers included a series of recommendations for ServiceNow admins and security teams in their report. One is to enforce multi-factor authentication for account linking for any Virtual Agent API provider, an option that ServiceNow provides. “However, enforcing MFA is not a ‘toggle-and-forget’ setting,” the researcher said. “Simply updating the Account linking type field is insufficient. You must also ensure the Automatic link action script associated with the provider contains the logic necessary to execute and validate the specific MFA challenge.” Any custom agents built on the platform should be subject to review and approval to align with the organization’s security policies. To enable this, the AI steward approval can be enabled in the AI Control Tower application. Unused AI agents should regularly be reviewed and disabled, as leaving them active opens the possibility that they could be abused through a similar flaw. View the full article
  11. In my recent conversation with CISOs across Southeast Asia, they shared with me a pragmatic view of 2026. Attackers are shifting tactics, AI is amplifying both risk and response, and IT-OT boundaries are blurring. Three priorities stand out to me, hardening cloud and AI infrastructure, treating identity as the active perimeter, and operationalizing resilience as capability and, in select sectors – as a service. Cloud and AI become high‑value targets Multi‑cloud adoption and sprawling SaaS create visibility gaps where a single misconfiguration or leaked credential can expose sensitive data and expensive compute, including AI GPUs. CISOs mandate is to tighten configurations, expand telemetry, and assume adversaries are probing the weakest link. Identity and Trust Are the New Perimeter We expect fewer “break‑ins” and more impersonation such as AI‑crafted lures, voice scams, session hijacks, and token theft that bypass traditional Multi-Factor Authentication. Southeast Asian CISOs are prioritizing continuous verification, session integrity controls, and trust checks embedded in workflows. Supply chain risk multiplies Open‑source components, model repositories, CI/CD pipelines, and cloud platforms widen exposure. A single compromised vendor can cascade across customers; ransomware and data theft increasingly arrive via “trusted” integrations. Organizations must strengthen vendor controls and harden pipelines. Agentic AI raises the stakes on offense and defense Autonomous agents can make poor decisions at machine speed unless constrained. Guardrails now include scoped, time‑bound access; human‑in‑the‑loop; kill‑switches; and behavioural monitoring. On defense, Security Operations Centers (SOCs) are automating correlation, summarisation, containment, and remediation, elevating analysts to strategic hunting and validation. Instrument the browser As AI works through browser sessions, responders need session reconstruction and richer telemetry to investigate fast‑moving incidents. People remain decision makers With manipulation accelerating, boards are investing in targeted awareness, deception detection, and decision‑support training that complements technical controls. IT- OT convergence expands cyber‑physical risk Industrial control systems require OT‑specific resilience such as segmentation, rigorous change control, and rehearsed recovery to be prioritized at the board level. In financial services, resilience becomes a revenue stream Large institutions may productize security assurance by packaging cyber resilience, AI‑enabled fraud controls, and compliance automation as subscription services. Zero Trust extends to non‑human identities Enterprises will manage thousands of AI agents. Expect formal AI identity and access governance, including least privilege for agents, authentication models for non‑human actors, and continuous behavior monitoring. Shutterstock CSO ASEAN Final Take 2026 will test whether organisations can secure what they automate. In my view, this collective Southeast Asia CISOs’ message is consistent: harden cloud and SaaS, elevate identity‑centric controls, instrument agents and browsers for forensic clarity, and treat resilience not only as defense but, where it makes sense, treat it as a product. Enjoy reading these top predictions for 2026 by our region’s most eminent CISOs who are also our CSO30 ASEAN & Hong Kong Award 2025 winners: Jason Lau Chief Information Security Officer Crypto.com Board Director at ISACA Prediction 1 In 2026, organizations will face attacks that increasingly blur the lines between cybercrime, insider threat, and nation-state activity. Social engineering, SaaS compromise, digital-asset theft, and extortion will no longer appear as isolated incidents, but as coordinated services designed to scale impact and pressure defenders simultaneously. Prediction 2 In 2026 we will likely see widely reported incidents of agentic AI going rogue. Not necessarily through rebellion, but through unchecked autonomy combined with speed. Boards will be forced to confront accountability when agents make bad decisions at machine scale, and organizations will need to redesign Model Context Protocol usage around human‑in‑the‑loop controls, scoped and time‑bound access, real‑time kill switches, and continuous behavioral monitoring. Governance that can’t keep up with velocity will be bypassed Prediction 3 In 2026, the defining risk will be business‑process and human-layer exfiltration where AI systems, SaaS integrations and wearables become the transport layer for data loss. Security teams will be forced to rethink data‑loss prevention for an AI‑human-augmented world. Prediction 4 Incident response and SOC teams will need to think about adding new telemetry for analysis- Agentic browser session reconstruction. Organizations that treat “AI browser access” like a normal productivity feature, rather than privileged access, will learn the risks the hard way. Yohannes Glen Dwipajana SVP Head of Enterprise Security Indosat Ooredoo Hutchison Prediction 5 Cloud misconfigurations, SaaS integrations, and AI GPU resources are under a constant attack. Most of the company will have a multi-cloud strategy environment however it will reduce SOC real time visibility to detect lateral movement, and the Threat Actor will steal your data and also compute power. This can be happened by a single misconfigured credential then will expose the enterprise. Prediction 6 The Threat Actor are shifting away from breaking systems, they are impersonating people, sessions, and trusted workflows using AI-generated phishing, voice scams, and deepfakes are indistinguishable from real communications, there will be more session hijacking and token theft to bypass traditional MFA. Prediction 7 Supply chain is the multiplier of risk, by having many software suppliers, using open-source components, AI models, and cloud platforms are now prime entry points. One single compromised vendor may expose thousands of customers. By exploiting vendor’s AI model repositories and CI/CD pipelines become a new emerging attack vector. Ransomware attack may increasingly enter through our “trusted” partners. Michael Saw Chief Information Security Officer, APAC Siemens Energy Prediction 8 As agentic AI accelerates attack speeds, human intuition will prove increasingly unreliable against sophisticated manipulation. This will drive boards to treat employee resilience as a core risk factor and invest in employees’ cybersecurity awareness programs and training, as well as proactive deception detection alongside technical controls. Prediction 9 As Information Technology/Operational Technology (IT/OT) integration accelerates operational efficiency, cyber-physical attacks targeting industrial control systems (ICS) will rise, prompting boards to prioritize OT resilience as a core business risk alongside traditional IT security. Primitivo Nufable VP & Head – IT, Information & Cyber Security Group St Luke’s Medical Centre Prediction 9 Security teams will respond by fully operationalizing AI within their SOCs. Prediction 10 In 2026, healthcare sector and St Luke’s Medical Centre in particular, will be laying Agentic AI SOCs roadmap to upgrade our existing SOC running on the basic SIEM/SOAR platform. AI agents will assist analysts by handling data correlation, incident summaries, and automated containment and remediation, allowing human analysts to focus on strategic threat hunting and validation. St Luke’s Medical Centre will try to replace L1 & L2 Cybersecurity Analyst with Agentic AI Analyst and L3 Cybersecurity Analyst will be in-charge of the governance of these AI agents. Chhay Yaroth SVP and Head of Information Security Division ACLEDA Bank Plc. Prediction 12 Over 60% of the world’s top 50 financial institutions by revenue will have launched profitable cyber-resilience products by 2026. This will give rise to a new metric-Security Contribution Margin which is tracked by analysts. Moreover, one-third of large fintech will become customers of their banking partners’ security services, flipping the traditional client-provider relationship based on cyber maturity. Prediction 13 A major company will suffer material data risks originating from an over-permissioned, compromised, or hallucinating autonomous AI agent, leading to a new regulatory focus on “AI Identity and Access Governance” and forcing 60% of CISOs to create a dedicated “AI Identity” team within IAM. Innovation and technology, Hand of robot touching a padlock of security on network connection of business, Data exchange, Financial and banking, AI, Cyber crime and internet security. iStock/ipopba View the full article
  12. A new Top 10 Cybersecurity Innovators profile by AppGuard has been released, spotlighting growing concerns over AI-enhanced malware. AI makes malware even more difficult to detect. Worse, they use AI to assess, adapt, and move faster than any cyber stack can keep up. The report advocates for a fundamental change in approach, highlighting the limitations of reactive security measures. Rather than constantly adding or changing detection layers of cyber stacks, the profile emphasizes the importance of reducing endpoint attack surface—a perspective that challenges conventional industry practices. The Detection Gap Crisis: Why “Magic AI” Fails CEO Fatih Comlekoglu mentions that “You can’t keep trying to tell good from bad among infinite possibilities. Not even the most magical AI can parse infinity.” The industry is trapped in a futile chase, piling on detection tools and adding AI enhancements that still fail to close the foundational gap. In fact, enterprises now face an overwhelming flood of alerts, with many organizations reportedly beginning to limit the amount of data they ingest simply because they can no longer keep up. The New Threat: Lateral Movement at the Speed of AI Once remote control is established on an endpoint, adversarial AI reportedly adjusts the malicious process’s activities in real-time to evade detection and adapt to the environment. This dramatically shortens the time defenders have to respond and exacerbates flaws in detection-based security that depend on human approvals or interventions. Every Cyber Stack Needs a “Default-Deny” Layer AI cannot parse infinity; AI can only parse what it can, faster. Instead of joining the futile chase, “default-deny” or Zero Trust enforced within endpoints shrinks the attack surface. By restricting what can run and what the running can do, attacks run into walls, regardless of disguise or AI acceleration. The concept is akin to football: shrink the adversary’s “playing field” as well as its “playbook”. Many controls-based layers can theoretically shrink the attack surface to some degree but few do so practically, thoroughly, and without considerable friction. AppGuard does this with 10 to 100 times fewer policy rules than alternatives. Even better, it uniquely auto-adapts to endpoint changes and malware technique variations. Fewer rules and fewer rules changes equate to easier operations and greater efficacy against malware, even AI-guided malware. AI is Not Detection Magic, But it is Helpful While AI is increasingly promoted as a breakthrough in cybersecurity, it remains a form of advanced pattern matching—subject to the same limitations as traditional detection methods. AppGuard affirms that it does not rely on AI for malware detection. Instead, the company sees AI enhancing its controls-based approach to endpoint protection. This includes improving attack surface management, minimizing disruption to legitimate workflows, and providing clearer visibility into policy enforcement and blocked events. ANNOUNCING: Expanded Insider Release for Veteran Operators Following recognition in the recent cybersecurity innovators profile, AppGuard has reopened its Insider Release program. The initiative seeks experienced endpoint security professionals—particularly those at MSSPs and MSPs managing multiple client environments—to provide hands-on feedback on AppGuard’s upcoming reengineered endpoint protection platform. Selected participants will have early access to deploy the newly architected lightweight agent in combination with AppGuard’s new cloud-based management console. Seats are limited and reserved for qualified teams with proven operational experience. Readers apply here. Selected participants receive: early access to the new agent and cloud console and direct influence on final features and roadmap priorities. Resources AppGuard Home Page Read the December 2025 industry profile Video overviewing AppGuard Apply for the Insider Release Adding AppGuard Anywhere: Proven Effectiveness and Pragmatism Adding AppGuard to ANY cyber stack to stop what other layers miss entirely or detect too late: zero-days, ransomware, process injection, credential theft, info-stealers, living-off-the-land techniques. AppGuard’s effectiveness is not theoretical. It has been proven repeatedly in the field for very large organizations to very small. For example, one of the world’s largest airlines, managing more than 40,000 endpoints, had been plagued by weekly malware incidents despite deploying multiple high-end cybersecurity solutions. After implementing AppGuard in 2019, the organization has experienced no successful malware breaches—a testament to the product’s real-world impact. Small businesses appreciate its easy deployment and the resulting end-user productivity. About AppGuard AppGuard is the real-time, controls-based endpoint protection layer that stops what detection tools miss entirely or detect too late. It extends Zero Trust principles into the endpoint itself—down to the computing process—filling a critical gap where traditional Zero Trust models treat the endpoint as a black box. Adding it to any cyber stack delivers enterprise-grade protection with dramatically fewer rules, far less tuning, and far less operational overhead. AppGuard is ideal for both smaller organizations and large enterprises tired of spending fortunes on porous, alert-heavy defenses that still fail. Contact Marketing Eirik Iverson AppGuard Inc [email protected] View the full article
  13. Better late than never. Cisco this week patched a ‘critical’ zero-day flaw in the company’s email security and management gateways that has hung over customers’ heads since December. Tracked as CVE-2025-20393, the vulnerability affects Cisco’s AsyncOS Software running on the physical or virtual Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) products. The issue is serious, allowing an attacker to take over an appliance with root privileges when the Spam Quarantine feature is turned on and exposed to the internet. That earned it a relatively rare CVSS maximum severity score of 10, a ‘critical’ rating. Cisco said in its advisory: “This vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device.” Unfortunately, the vulnerability, which Cisco said it learned of on December 10 while resolving a customer support case, was already being exploited in the wild. This prompted the company to issue an advisory – but no patch addressing the flaw – a week later, on December 17. According to an analysis by Cisco’s Talos threat intelligence division, issued on the same day, exploits had been detected going back to “at least” late November, which meant the issue was already weeks old by the time customers heard about it, with no temporary workarounds possible. “Talos assesses with moderate confidence that this activity is being conducted by a Chinese-nexus threat actor, which we track as UAT-9686. As part of this activity, UAT-9686 deploys a custom persistence mechanism we track as ‘AquaShell’ accompanied by additional tooling meant for reverse tunneling and purging logs,” Cisco Talos said. This week, more than a month after the first public warning, and seven weeks after the first exploits were detected, Cisco issued an AsyncOS patch fixing the vulnerability. Does the delay matter? The exploit only affects a subset of customers running a Secure Email Gateway or Secure Email and Web Manager with the Spam Quarantine service exposed on a public port. According to Cisco, this feature is not enabled by default, and, it said, “deployment guides for these products do not require this feature to be directly exposed to the internet.” This makes it sound as if customers enabling the feature would be the exception. While that’s probably true — exposing a service like this through a public port goes against best practice — one use case referenced in Cisco’s User Guide would be to allow remote users to check quarantined spam for themselves. The number of organizations using these products that have enabled it for this reason is, of course, impossible to say. To reprise, Cisco said that vulnerable customers are those running Cisco AsyncOS Software with both Spam Quarantine turned on and exposed to and reachable from the internet. Given that no workarounds are possible, this implies that simply turning off access through a public interface (by default, port 6025, or 82/83 for the web portal) isn’t sufficient on its own. However, even if it were, this ignores the possibility that attackers might have already exploited the vulnerability and gained persistence in recent weeks, before the port was closed. The best option is always to patch to remove all risk. Patch advice Cisco Secure Email Gateway (ESG) customers on v14.2 or earlier should upgrade to v15.0.5-016; v15.0 should upgrade to v15.0.5-016; v15.5 should upgrade to v15.5.4-012; and v16.0 should upgrade to v16.0.4-016. Secure Email and Web Manager (SEWM) customers on v15.0 or earlier should upgrade to v15.0.2-007; Customers on v15.5 should upgrade to v5.5.4-007; customers on v16.0 should upgrade to v16.0.4-010. Cisco said that the patch also clears any persistence mechanisms from an attack, but, it said, “Customers who wish to explicitly verify whether an appliance has been compromised can open a Cisco Technical Assistance Center (TAC) case.” This article originally appeared on NetworkWorld. View the full article
  14. The finding of fresh privilege-escalation vulnerabilities in Google’s Vertex AI is a stark reminder to CISOs that managing AI service agents is a task unlike any that they have encountered before. XM Cyber reported two different issues with Vertex AI on Thursday, in which default configurations allow low-privileged users to pivot into higher-privileged Service Agent roles. But, it said, Google told it the system is just working as intended. “The OWASP Agentic Top 10 just codified identity and privilege abuse as ASI03 and Google immediately gave us a case study,” said Rock Lambros, CEO of security firm RockCyber. “We’ve seen this movie before. Orca found Azure Storage privilege escalation, Microsoft called it ‘by design.’ Aqua found AWS SageMaker lateral movement paths, AWS said ‘operating as expected.’ Cloud providers have turned ‘shared responsibility’ into a liability shield for their own insecure defaults. CISOs need to stop trusting that ‘managed’ means ‘secured’ and start auditing every service identity attached to their AI workloads, because the vendors clearly aren’t doing it for you.” Sanchit Vir Gogia, chief analyst at Greyhound Research, said the report is “a window into how the trust model behind Google’s Vertex AI is fundamentally misaligned with enterprise security principles.” In these platforms, he said, “Managed service agents are granted sweeping permissions so AI features can function out of the box. But that convenience comes at the cost of visibility and control. These service identities operate in the background, carry project-wide privileges, and can be manipulated by any user who understands how the system behaves.” Google didn’t respond to a request for comment. The vulnerabilities, XM Cyber explained in its report, lie in how privileges are allocated to different roles associated with Vertex AI. “Central to this is the role of Service Agents: special service accounts created and managed by Google Cloud that allow services to access your resources and perform internal processes on your behalf. Because these invisible managed identities are required for services to function, they are often automatically granted broad project-wide permissions,” it said. “These vulnerabilities allow an attacker with minimal permissions to hijack high-privileged Service Agents, effectively turning these invisible managed identities into double agents that facilitate privilege escalation. When we disclosed the findings to Google, their rationale was that the services are currently ‘working as intended.’” XM Cyber found that someone with control over an identity with even minimal privileges consistent with Vertex AI’s “Viewer” role, the lowest level of privilege, could in certain circumstances manipulate the system to retrieve the access token for the service agent and use its privileges in the project. Gogia said the issue is alarming. “When a cloud provider says that a low-privileged user being able to hijack a highly privileged service identity is ‘working as intended,’ what they are really saying is that your governance model is subordinate to their architecture,” he said. “It is a structural design flaw that hands out power to components most customers don’t even realize exist.” Don’t wait for vendors to act Cybersecurity consultant Brian Levine, executive director of FormerGov, was also concerned. “The smart move for CISOs is to build compensating controls now because waiting for vendors to redefine ‘intended behavior’ is not a security strategy,” he said. Flavio Villanustre, CISO for the LexisNexis Risk Solutions Group, warned, “A malicious insider could leverage these weaknesses to grant themselves more access than normally allowed.” But, he said, “There is little that can be done to mitigate the risk other than, possibly, limiting the blast radius by reducing the authentication scope and introducing robust security boundaries in between them.” However, “This could have the side effect of significantly increasing the cost, so it may not be a commercially viable option either.” Gogia said the biggest risk is that these are holes that will likely go undetected because enterprise security tools are not programmed to look for them. “Most enterprises have no monitoring in place for service agent behavior. If one of these identities is abused, it won’t look like an attacker. It will look like the platform doing its job,” Gogia said. “That is what makes the risk severe. You are trusting components that you cannot observe, constrain, or isolate without fundamentally redesigning your cloud posture. Most organizations log user activity but ignore what the platform does internally. That needs to change. You need to monitor your service agents like they’re privileged employees. Build alerts around unexpected BigQuery queries, storage access, or session behavior. The attacker will look like the service agent, so that is where detection must focus.” He added: “Organizations are trusting code to run under identities they do not understand, performing actions they do not monitor, in environments they assume are safe. That is the textbook definition of invisible risk. And it is amplified in AI environments, because AI workloads often span multiple services, cross-reference sensitive datasets, and require orchestration that touches everything from logs to APIs.” This is not the first time Google’s Vertex AI has been found vulnerable to a privilege escalation attack: In November 2024, Palo Alto Networks issued a report finding similar issues with the Google Vertex AI environment, problems that Google told Palo Alto at the time that it had fixed. View the full article
  15. Security researchers have confirmed active exploitation of a maximum-severity privilege escalation flaw in the widely used Modular DS plugin, a tool used to monitor, update, and manage multiple WordPress sites from a single console. The bug, tracked as CVE-2026-23550, was assigned a CVSS score of 10.0 for its ability to enable an unauthenticated attacker to gain full admin access on thousands of vulnerable sites. Disclosed by the WordPress security company, Patchstack, the flaw affects Modular DS versions 2.5.1 and earlier, allowing attackers to escalate their access without credentials by calling certain API routes not protected by the plugin’s routing logic. Exploitation was already spotted in the wild, with some intrusions leading to WordPress Admin sessions, before a fixed update was available to users. Successful exploit grants Admin rights The vulnerability lies in how Modular DS handles requests internally. The plugin exposes a set of REST-style routes under an “/api/modular-connector/” prefix that are supposed to be protected by authentication middleware. But due to an oversight in the route handling logic, specifically the isDirectRequest() mechanism, certain requests bypass authentication entirely when specific parameters are present. This means an attacker who can reach the impacted endpoint can, in a single crafted request, cause the plugin to treat them as if they were a legitimate authenticated site connection. That, in turn, opens up access to sensitive routes, including /login/, granting instant admin privileges or the ability to enumerate site users and data without needing a password. Modular DS is a site management platform, the very tool that many agencies and developers use to save time administering their WordPress sites. The faulty logic in the plugin’s routing and authentication mechanics opens all of its users to potential attacks. Mitigations The good news is that a fix exists. The vendor of the plugin released Modular DS version 2.5.2 on January 14, 2026, promptly after the vulnerability was confirmed and assigned its CVE identifier. Patchstack also issued mitigation rules that can block exploitation if applied before patching. “In version 2.5.1, the route was first matched based on the attacker-controlled URL,” Patchstack researchers said in a blog post. “In version 2.5.2, URL-based route matching has been removed. The router no longer matches routes for this subsystem based on the requested path, and route selection is now entirely driven by the filter logic.” However, over 40,000 WordPress installs remain at risk if they haven’t updated. Because the attack doesn’t require authentication or even user interaction, any publicly reachable site running a vulnerable version of the plugin could be compromised automatically by automated scanning and exploitation tools. The researchers noted that exploitation patterns surfaced as early as January 13th, suggesting threat actors were probing across the web even before the advisory went live. “Version 2.5.2 of the Modular DS Connector plugin includes an important security fix addressing a critical vulnerability,” the vendor said in an advisory. “We strongly recommend that all Modular DS installations ensure they are running this version as soon as possible.” Other than an update, a few steps users can take for protection include checking for rogue admin accounts, hardening WordPress security controls by implementing two-factor authentication (2FA), and IP restrictions. View the full article
  16. Security researchers have confirmed active exploitation of a maximum-severity privilege escalation flaw in the widely used Modular DS plugin, a tool used to monitor, update, and manage multiple WordPress sites from a single console. The bug, tracked as CVE-2026-23550, was assigned a CVSS score of 10.0 for its ability to enable an unauthenticated attacker to gain full admin access on thousands of vulnerable sites. Disclosed by the WordPress security company, Patchstack, the flaw affects Modular DS versions 2.5.1 and earlier, allowing attackers to escalate their access without credentials by calling certain API routes not protected by the plugin’s routing logic. Exploitation was already spotted in the wild, with some intrusions leading to WordPress Admin sessions, before a fixed update was available to users. Successful exploit grants Admin rights The vulnerability lies in how Modular DS handles requests internally. The plugin exposes a set of REST-style routes under an “/api/modular-connector/” prefix that are supposed to be protected by authentication middleware. But due to an oversight in the route handling logic, specifically the isDirectRequest() mechanism, certain requests bypass authentication entirely when specific parameters are present. This means an attacker who can reach the impacted endpoint can, in a single crafted request, cause the plugin to treat them as if they were a legitimate authenticated site connection. That, in turn, opens up access to sensitive routes, including /login/, granting instant admin privileges or the ability to enumerate site users and data without needing a password. Modular DS is a site management platform, the very tool that many agencies and developers use to save time administering their WordPress sites. The faulty logic in the plugin’s routing and authentication mechanics opens all of its users to potential attacks. Mitigations The good news is that a fix exists. The vendor of the plugin released Modular DS version 2.5.2 on January 14, 2026, promptly after the vulnerability was confirmed and assigned its CVE identifier. Patchstack also issued mitigation rules that can block exploitation if applied before patching. “In version 2.5.1, the route was first matched based on the attacker-controlled URL,” Patchstack researchers said in a blog post. “In version 2.5.2, URL-based route matching has been removed. The router no longer matches routes for this subsystem based on the requested path, and route selection is now entirely driven by the filter logic.” However, over 40,000 WordPress installs were initially at risk if they hadn’t updated. Because the attack doesn’t require authentication or even user interaction, any publicly reachable site running a vulnerable version of the plugin could be compromised automatically by automated scanning and exploitation tools. The researchers noted that exploitation patterns surfaced as early as January 13th, suggesting threat actors were probing across the web even before the advisory went live. “Version 2.5.2 of the Modular DS Connector plugin includes an important security fix addressing a critical vulnerability,” the vendor said in an advisory. “We strongly recommend that all Modular DS installations ensure they are running this version as soon as possible.” Other than an update, a few steps users can take for protection include checking for rogue admin accounts, hardening WordPress security controls by implementing two-factor authentication (2FA), and IP restrictions. View the full article
  17. Summit Art Creations – shutterstock.com Auch in diesem Jahr spielt das Thema Cybersicherheit eine wichtige Rolle auf dem Weltwirtschaftsforum (WEF) in Davos. So prognostiziert etwa der Global Cybersecurity Outlook 2026, dass Cyberrisiken durch Fortschritte in der künstlichen Intelligenz (KI), die zunehmende geopolitische Fragmentierung und die Komplexität der Lieferketten verschärft werden. Der Bericht knüpft damit den Schlussforderungen des WEF im vergangenen Jahr an, wonach eine Reihe von sich verstärkenden Faktoren – geopolitische Spannungen, komplexe Lieferketten, zunehmende Regulierung und rasche technologische Veränderungen – zu einer Ära zunehmender Komplexität und Unvorhersehbarkeit führen werde. an. Zu den wichtigsten Ergebnissen des aktuellen Berichts gehören: 94 Prozent der Befragten gehen davon aus, dass KI im Jahr 2026 der wichtigste Treiber für Veränderungen im Bereich Cybersicherheit sein wird. 87 Prozent der Befragten gaben an, dass KI-bezogene Schwachstellen im vergangenen Jahr zugenommen haben. Außerdem habe es einen Anstieg bei weiteren Cyberrisiken wie Cyberbetrug und Phishing, Störungen der Lieferkette und die Ausnutzung von Software-Schwachstellen gegeben. Das Vertrauen in die nationale Cyber-Bereitschaft nimmt weiter ab. 31 Prozent der Befragten haben nur wenig Vertrauen in die Fähigkeit ihres Landes, auf größere Cybervorfälle zu reagieren. Im Vorjahr waren es noch 26 Prozent. Das Vertrauen variiert stark zwischen den Regionen. 84 Prozent der Befragten aus dem Nahen Osten und Nordafrika sind zuversichtlich, dass ihr Land in der Lage ist, kritische Infrastrukturen zu schützen. Im Gegensatz dazu sehen nur 40 Prozent der Befragten aus Europa ihr Land dafür vorbereitet. Auf die Frage nach der Cyber-Resilienz ihrer eigenen Organisation gaben 23 Prozent der Vertreter des öffentlichen Sektors und internationaler Organisationen an, dass sie deren Bereitschaft für unzureichend halten. Im Gegensatz dazu bewerteten nur elf Prozent der Befragten aus dem privaten Sektor ihr Unternehmen in diesem Aspekt negativ. 91 Prozent der Organisationen mit mehr als 100.000 Mitarbeitern haben ihre Cybersicherheitsstrategien aufgrund der geopolitischen Instabilität geändert. Der aktuelle WEF-Bericht dreht sich vor allem um das Thema KI. Die Mehrheit der befragten Führungskräfte geht davon aus, dass die Technologie in diesem Jahr der wichtigste Treiber für Veränderungen im Bereich Cybersicherheit sein wird. „Die weit verbreitete Integration von KI-Systemen vergrößert die Angriffsfläche und schafft neue Schwachstellen, für deren Behebung herkömmliche Sicherheitskontrollen nicht ausgelegt sind“, heißt es dazu. „Darüber hinaus nutzen Angreifer KI, um den Umfang, die Geschwindigkeit, die Raffinesse und die Präzision ihrer Angriffe zu verbessern“, heißt es weiter. Allerdings könnten auch Verteidiger KI nutzen, um ihre Cyberfähigkeiten zu stärken – zumindest theoretisch, wie der Bericht betont: „Die Vorteile der KI hängen von einer disziplinierten Umsetzung ab. Schlecht implementierte Lösungen können neue Risiken mit sich bringen – Fehlkonfigurationen, voreingenommene Entscheidungen, übermäßige Abhängigkeit von Automatisierung und Anfälligkeit für feindliche Manipulationen.“ Voraussetzung sei daher, dass Unternehmen robuste Schutzvorkehrungen, Security-by-Design-Praktiken und kontinuierliche Überwachung integrieren. „Die Schlussfolgerung ist klar“, so die Autoren. „KI kann die Cybersicherheit verbessern, aber nur, wenn sie innerhalb solider Governance-Rahmenbedingungen eingesetzt wird, bei denen das menschliche Urteilsvermögen im Mittelpunkt steht. Gleichzeitig können zu viele Kontrollen zu Reibungsverlusten führen, sodass es wichtig ist, ein sorgfältiges Gleichgewicht zu finden.“ Ein Anzeichen dafür, dass dies bereits geschieht: 64 Prozent der Befragten gaben an, dass ihr Unternehmen über einen Prozess zur Bewertung der Sicherheit von KI-Tools vor deren Einsatz verfügt, gegenüber 37 Prozent in der vorherigen Umfrage im Herbst 2024. Den Umfragedaten zufolge haben bereits 77 Prozent der Unternehmen KI im Bereich Cybersicherheit eingeführt . Eingesetzt wird sie vor allem, um die Phishing-Versuche zu erkennen (52 Prozent), auf Eindringlinge und Anomalien (46 Prozent) zu reagieren sowie um die Analyse des Benutzerverhaltens (40 Prozent) zu verbessern. Gleichzeitig stellten die Befragten jedoch praktische Herausforderungen bei der Einführung von KI für die Cybersicherheit fest. Als Haupthindernisse wurden dabei unzureichende Kenntnisse und/oder Fähigkeiten (54 Prozent), die Notwendigkeit menschlicher Aufsicht (41 Prozent) und Unsicherheit hinsichtlich der Risiken (39 Prozent) genannt. Diese Ergebnisse deuten darauf hin, dass Vertrauen nach wie vor ein Hindernis für die breite Einführung von KI ist, lautet das Fazit der Autoren. „Während Unternehmen die Integration von KI in ihre Sicherheitsabläufe vorantreiben, wird das Gleichgewicht zwischen Automatisierung und menschlichem Urteilsvermögen immer wichtiger.“ Demnach ist KI zwar für die Automatisierung sich wiederholender, umfangreicher Aufgaben geeignet. „Doch ihre derzeitigen Einschränkungen in Bezug auf kontextuelles Urteilsvermögen und strategische Entscheidungsfindung sind nach wie vor offensichtlich, so das WEF. „Eine übermäßige Abhängigkeit von unkontrollierter Automatisierung birgt die Gefahr, dass blinde Flecken entstehen, die von Angreifern ausgenutzt werden können.“ Während KI weiterhin die Cybersicherheitslandschaft dominiert, gewinnen mehrere andere Technologien und Bedrohungsvektoren im Hintergrund still und leise an Bedeutung und werden sich laut dem Bericht voraussichtlich bis 2030 auf die Cybersicherheit auswirken. Uneinigkeit zwischen CISOs und CEOs Interessanterweise waren sich CEOs und CISOs nicht immer einig, wenn es um die Bewertung der Cyberrisiken für ihre Organisationen ging. In der Umfrage von 2025 gaben die meisten CEOs an, dass Ransomware, Cyberbetrug und Phishing sowie Störungen der Lieferkette ihre größten Cyber-Sorgen seien. In diesem Jahr rückten Cyberbetrug und Phishing auf Platz eins vor, gefolgt von Schwachstellen der KI und der Ausnutzung von Software-Schwachstellen. Andererseits erklärten zwar auch die meisten CISOs in der Umfrage von 2025, dass Ransomware ihr größtes Problem sei. , aber sie kehrten die Reihenfolge der CEOs um und setzten Störungen der Lieferkette an zweiter Stelle, gefolgt von Cyberbetrug und Phishing. In der aktuellen Umfrage waren Ransomware und Störungen der Lieferkette weiterhin die beiden größten Probleme, aber an dritter Stelle steht nun die Ausnutzung von Software-Schwachstellen. Dies deutet darauf hin, dass CEOs tendenziell eher über die allgemeinen geschäftlichen Auswirkungen von Betrugsfällen besorgt sind, während für CISOs die Sorge um Ransomware die erheblichen Betriebsstörungen widerspiegelt, die ein erfolgreicher Ransomware-Angriff für die Verfügbarkeit kritischer IT- und OT-Systeme (Operational Technology) mit sich bringen kann. Die wichtigsten Risikofaktoren in der Zukunft Zu den weiteren Bedrohungen zählen laut Bericht autonome Systeme und Robotik, Quantentechnologien, digitale Währungen, Weltraumtechnologien und Unterseekabel sowie Naturkatastrophen und der Klimawandel. Bis zum Ende des Jahrzehnts werden autonome Systeme ein kurzfristiger Faktor sein, von KI-Unterstützung bei der Analyse bis hin zur Steuerung physischer Aktionen in Fabriken, Logistik, Gesundheitswesen und öffentlichen Räumen. Diese Entwicklung könnte ein neues cyberphysisches Risikoprofil schaffen, bei dem maschinell ausgeführte Entscheidungen die Sicherheit und Servicequalität innerhalb von Sekunden verändern und die Zeitfenster für Erkennung und Reaktion verkürzen können. Bis 2030 wird sich die Quantentechnologie laut dem Bericht von einem theoretischen Disruptor zu einer selektiven, aber materiellen Bedrohung für die Kryptografie entwickelt haben. Staatliche Akteure oder Akteure mit umfangreichen Ressourcen könnten in der Lage sein, beschleunigte Angriffe auf hochwertige Ziele durchzuführen, auch wenn das Knacken von Codes in großem Umfang nach wie vor selten sei, hieß es. Gleichzeitig würden Verteidiger mit Hilfe von Quantentechnologie künftig verbesserte Analysen und Sensoren zur Erkennung von Anomalien einsetzen, was zu einem dynamischen Wettlauf zwischen Angreifern und Verteidigern führen wird. Der Bericht zeigt, dass der Aufbau einer sicheren digitalen Zukunft mehr als nur technische Lösungen braucht. „Dies erfordert entschlossene Führung, gemeinsame Verantwortung und die Verpflichtung, die kollektive Basis anzuheben – um sicherzustellen, dass Resilienz für alle zugänglich ist, nicht nur für die mit den besten Ressourcen. Da die Grenzen zwischen der digitalen und der physischen Welt immer mehr verschwimmen, werden diejenigen Organisationen erfolgreich sein, die Cyber-Resilienz als gemeinsame strategische Verantwortung anerkennen – eine Verantwortung, die Vertrauen schafft, Innovation ermöglicht und die vernetzten Grundlagen der globalen Gesellschaft schützt.“ Der Report basiert auf einer Umfrage vom letzten Herbst, an der 804 Führungskräfte, Wissenschaftler, Vertreter der Zivilgesellschaft und Verantwortliche für Cybersicherheit im öffentlichen Sektor aus 92 Ländern teilnahmen. Darunter waren 316 CISOs. Zusätzliches Material wurde in Workshops gesammelt, darunter eine Sitzung mit 21 Führungskräften aus der CISO-Community des Zentrums für Cybersicherheit des Forums. (jm) View the full article
  18. Summit Art Creations – shutterstock.com Auch in diesem Jahr spielt das Thema Cybersicherheit eine wichtige Rolle auf dem Weltwirtschaftsforum (WEF) in Davos. So prognostiziert etwa der Global Cybersecurity Outlook 2026, dass Cyberrisiken durch Fortschritte in der künstlichen Intelligenz (KI), die zunehmende geopolitische Fragmentierung und die Komplexität der Lieferketten verschärft werden. Der Bericht knüpft damit den Schlussforderungen des WEF im vergangenen Jahr an, wonach eine Reihe von sich verstärkenden Faktoren – geopolitische Spannungen, komplexe Lieferketten, zunehmende Regulierung und rasche technologische Veränderungen – zu einer Ära zunehmender Komplexität und Unvorhersehbarkeit führen werde. Zu den wichtigsten Ergebnissen des aktuellen Berichts gehören: 94 Prozent der Befragten gehen davon aus, dass KI im Jahr 2026 der wichtigste Treiber für Veränderungen im Bereich Cybersicherheit sein wird. 87 Prozent der Befragten gaben an, dass KI-bezogene Schwachstellen im vergangenen Jahr zugenommen haben. Außerdem habe es einen Anstieg bei weiteren Cyberrisiken wie Cyberbetrug und Phishing, Störungen der Lieferkette und die Ausnutzung von Software-Schwachstellen gegeben. Das Vertrauen in die nationale Cyber-Bereitschaft nimmt weiter ab. 31 Prozent der Befragten haben nur wenig Vertrauen in die Fähigkeit ihres Landes, auf größere Cybervorfälle zu reagieren. Im Vorjahr waren es noch 26 Prozent. Das Vertrauen variiert stark zwischen den Regionen. 84 Prozent der Befragten aus dem Nahen Osten und Nordafrika sind zuversichtlich, dass ihr Land in der Lage ist, kritische Infrastrukturen zu schützen. Im Gegensatz dazu sehen nur 40 Prozent der Befragten aus Europa ihr Land dafür vorbereitet. Auf die Frage nach der Cyber-Resilienz ihrer eigenen Organisation gaben 23 Prozent der Vertreter des öffentlichen Sektors und internationaler Organisationen an, dass sie deren Bereitschaft für unzureichend halten. Im Gegensatz dazu bewerteten nur elf Prozent der Befragten aus dem privaten Sektor ihr Unternehmen in diesem Aspekt negativ. 91 Prozent der Organisationen mit mehr als 100.000 Mitarbeitern haben ihre Cybersicherheitsstrategien aufgrund der geopolitischen Instabilität geändert. Der aktuelle WEF-Bericht dreht sich vor allem um das Thema KI. Die Mehrheit der befragten Führungskräfte geht davon aus, dass die Technologie in diesem Jahr der wichtigste Treiber für Veränderungen im Bereich Cybersicherheit sein wird. „Die weit verbreitete Integration von KI-Systemen vergrößert die Angriffsfläche und schafft neue Schwachstellen, für deren Behebung herkömmliche Sicherheitskontrollen nicht ausgelegt sind“, heißt es dazu. „Darüber hinaus nutzen Angreifer KI, um den Umfang, die Geschwindigkeit, die Raffinesse und die Präzision ihrer Angriffe zu verbessern“, heißt es weiter. Lesetipp: Der große KI-Risiko-Guide Allerdings könnten auch Verteidiger KI nutzen, um ihre Cyberfähigkeiten zu stärken – zumindest theoretisch, wie der Bericht betont: „Die Vorteile der KI hängen von einer disziplinierten Umsetzung ab. Schlecht implementierte Lösungen können neue Risiken mit sich bringen – Fehlkonfigurationen, voreingenommene Entscheidungen, übermäßige Abhängigkeit von Automatisierung und Anfälligkeit für feindliche Manipulationen.“ Voraussetzung sei daher, dass Unternehmen robuste Schutzvorkehrungen, Security-by-Design-Praktiken und kontinuierliche Überwachung integrieren. „Die Schlussfolgerung ist klar“, so die Autoren. „KI kann die Cybersicherheit verbessern, aber nur, wenn sie innerhalb solider Governance-Rahmenbedingungen eingesetzt wird, bei denen das menschliche Urteilsvermögen im Mittelpunkt steht. Gleichzeitig können zu viele Kontrollen zu Reibungsverlusten führen, sodass es wichtig ist, ein sorgfältiges Gleichgewicht zu finden.“ Ein Anzeichen dafür, dass dies bereits geschieht: 64 Prozent der Befragten gaben an, dass ihr Unternehmen über einen Prozess zur Bewertung der Sicherheit von KI-Tools vor deren Einsatz verfügt, gegenüber 37 Prozent in der vorherigen Umfrage im Herbst 2024. Den Umfragedaten zufolge haben bereits 77 Prozent der Unternehmen KI im Bereich Cybersicherheit eingeführt . Eingesetzt wird sie vor allem, um die Phishing-Versuche zu erkennen (52 Prozent), auf Eindringlinge und Anomalien (46 Prozent) zu reagieren sowie um die Analyse des Benutzerverhaltens (40 Prozent) zu verbessern. Gleichzeitig stellten die Befragten jedoch praktische Herausforderungen bei der Einführung von KI für die Cybersicherheit fest. Als Haupthindernisse wurden dabei unzureichende Kenntnisse und/oder Fähigkeiten (54 Prozent), die Notwendigkeit menschlicher Aufsicht (41 Prozent) und Unsicherheit hinsichtlich der Risiken (39 Prozent) genannt. Diese Ergebnisse deuten darauf hin, dass Vertrauen nach wie vor ein Hindernis für die breite Einführung von KI ist, lautet das Fazit der Autoren. „Während Unternehmen die Integration von KI in ihre Sicherheitsabläufe vorantreiben, wird das Gleichgewicht zwischen Automatisierung und menschlichem Urteilsvermögen immer wichtiger.“ Demnach ist KI zwar für die Automatisierung sich wiederholender, umfangreicher Aufgaben geeignet. „Doch ihre derzeitigen Einschränkungen in Bezug auf kontextuelles Urteilsvermögen und strategische Entscheidungsfindung sind nach wie vor offensichtlich, so das WEF. „Eine übermäßige Abhängigkeit von unkontrollierter Automatisierung birgt die Gefahr, dass blinde Flecken entstehen, die von Angreifern ausgenutzt werden können.“ Während KI weiterhin die Cybersicherheitslandschaft dominiert, gewinnen mehrere andere Technologien und Bedrohungsvektoren im Hintergrund still und leise an Bedeutung und werden sich laut dem Bericht voraussichtlich bis 2030 auf die Cybersicherheit auswirken. Uneinigkeit zwischen CISOs und CEOs Interessanterweise waren sich CEOs und CISOs nicht immer einig, wenn es um die Bewertung der Cyberrisiken für ihre Organisationen ging. In der Umfrage von 2025 gaben die meisten CEOs an, dass Ransomware, Cyberbetrug und Phishing sowie Störungen der Lieferkette ihre größten Cyber-Sorgen seien. In diesem Jahr rückten Cyberbetrug und Phishing auf Platz eins vor, gefolgt von Schwachstellen der KI und der Ausnutzung von Software-Schwachstellen. Andererseits erklärten zwar auch die meisten CISOs in der Umfrage von 2025, dass Ransomware ihr größtes Problem sei. , aber sie kehrten die Reihenfolge der CEOs um und setzten Störungen der Lieferkette an zweiter Stelle, gefolgt von Cyberbetrug und Phishing. In der aktuellen Umfrage waren Ransomware und Störungen der Lieferkette weiterhin die beiden größten Probleme, aber an dritter Stelle steht nun die Ausnutzung von Software-Schwachstellen. Dies deutet darauf hin, dass CEOs tendenziell eher über die allgemeinen geschäftlichen Auswirkungen von Betrugsfällen besorgt sind, während für CISOs die Sorge um Ransomware die erheblichen Betriebsstörungen widerspiegelt, die ein erfolgreicher Ransomware-Angriff für die Verfügbarkeit kritischer IT- und OT-Systeme (Operational Technology) mit sich bringen kann. Die wichtigsten Risikofaktoren in der Zukunft Zu den weiteren Bedrohungen zählen laut Bericht autonome Systeme und Robotik, Quantentechnologien, digitale Währungen, Weltraumtechnologien und Unterseekabel sowie Naturkatastrophen und der Klimawandel. Bis zum Ende des Jahrzehnts werden autonome Systeme ein kurzfristiger Faktor sein, von KI-Unterstützung bei der Analyse bis hin zur Steuerung physischer Aktionen in Fabriken, Logistik, Gesundheitswesen und öffentlichen Räumen. Diese Entwicklung könnte ein neues cyberphysisches Risikoprofil schaffen, bei dem maschinell ausgeführte Entscheidungen die Sicherheit und Servicequalität innerhalb von Sekunden verändern und die Zeitfenster für Erkennung und Reaktion verkürzen können. Bis 2030 wird sich die Quantentechnologie laut dem Bericht von einem theoretischen Disruptor zu einer selektiven, aber materiellen Bedrohung für die Kryptografie entwickelt haben. Staatliche Akteure oder Akteure mit umfangreichen Ressourcen könnten in der Lage sein, beschleunigte Angriffe auf hochwertige Ziele durchzuführen, auch wenn das Knacken von Codes in großem Umfang nach wie vor selten sei, hieß es. Gleichzeitig würden Verteidiger mit Hilfe von Quantentechnologie künftig verbesserte Analysen und Sensoren zur Erkennung von Anomalien einsetzen, was zu einem dynamischen Wettlauf zwischen Angreifern und Verteidigern führen wird. Der Bericht zeigt, dass der Aufbau einer sicheren digitalen Zukunft mehr als nur technische Lösungen braucht. „Dies erfordert entschlossene Führung, gemeinsame Verantwortung und die Verpflichtung, die kollektive Basis anzuheben – um sicherzustellen, dass Resilienz für alle zugänglich ist, nicht nur für die mit den besten Ressourcen. Da die Grenzen zwischen der digitalen und der physischen Welt immer mehr verschwimmen, werden diejenigen Organisationen erfolgreich sein, die Cyber-Resilienz als gemeinsame strategische Verantwortung anerkennen – eine Verantwortung, die Vertrauen schafft, Innovation ermöglicht und die vernetzten Grundlagen der globalen Gesellschaft schützt.“ Der Report basiert auf einer Umfrage vom letzten Herbst, an der 804 Führungskräfte, Wissenschaftler, Vertreter der Zivilgesellschaft und Verantwortliche für Cybersicherheit im öffentlichen Sektor aus 92 Ländern teilnahmen. Darunter waren 316 CISOs. Zusätzliches Material wurde in Workshops gesammelt, darunter eine Sitzung mit 21 Führungskräften aus der CISO-Community des Zentrums für Cybersicherheit des Forums. (jm) View the full article
  19. Economic pressures, AI-driven job displacement, and relentless organizational churn are driving insider risk to its highest level in years. Workforce instability erodes loyalty and heightens grievances. The accelerating deployment of powerful new tools, such as AI agents, amplifies the threats from within, both human and machine. In 2025, according to RationalFX and other job trackers, the global technology sector saw roughly 245,000 layoffs announced across hundreds of companies. These figures, while concentrated in the tech industry, reflect broader trends seen across other sectors, including manufacturing, retail, finance, energy, and government, where employers announced more than 1.17 million job cuts through November 2025 in the US, according to Challenger, Gray & Christmas. This surge, up significantly from prior years, creates fertile ground for disgruntlement: financial stress, resentment over automation, and opportunistic behavior, from negligence and careless data handling to deliberate malevolent actions like data exfiltration and credential monetization. All this shows that our trusted insiders are the prime vector for serious incidents across sectors and geographies. The emerging machine threat: AI agents as a volatile vector Compounding the human element is the rapid rise of AI agents, which Palo Alto Networks has identified as one of the most acute and evolving insider risks for 2026. Autonomous agents with privileged system access, superhuman execution speed, and decision-making at scale are no longer mere productivity boosters. They are becoming exploitable vectors for silent data exfiltration, disruption, or unintended catastrophe. This is particularly concerning when volatility reduces human oversight and rushes deployment without commensurate controls. Palo Alto Networks’ 2026 cybersecurity predictions emphasize that these agents introduce vulnerabilities such as goal hijacking, tool misuse, prompt injection, and shadow deployment, often amplified by the very churn that drives their adoption across multinational organizations. Security leaders are taking note. Surveys indicate that 60% of organizations express high concern over AI misuse enabling or amplifying insider risks, according to Secureframe’s Q4 2025 cybersecurity statistics compilation and related reports. Meanwhile, hybrid and remote work models rank as the top emerging risk for insider risks over the next three to five years, cited by 75% of respondents in Cybersecurity Insiders’ 2025 Insider Risk Report. These decentralized environments further blur visibility and control, making it harder to detect anomalous behavior from either humans or machines in global operations. Early warnings: The machine as insider risk/threat These dynamics are not emerging in a vacuum. They represent the culmination of warnings that have been building for years. As early as 2021, in my CSO opinion piece “Device identity: The overlooked insider threat,” Rajan Koo (then chief customer officer at DTEX Systems, now CTO) observed: “There needs to be more application of the insider threat framework toward devices at the same level as we do with humans.” That insight highlighted how machine identities such as APIs, bots, scripts, and robotic process automation (RPA) were already serving as conduits for both intentional and unintentional incidents, deserving the same scrutiny as human insiders. This perspective was reinforced in 2022 in “Machine as insider threat: Lessons from Kyoto University’s backup data deletion,” which analyzed a real-world automation failure as “a classic case of the machines being the insider threat.” The incident, where an unchecked scripting error led to the permanent deletion of critical backup data, demonstrated that the outcome, catastrophic loss, was identical to what a malicious insider could achieve. By mid-2023, the conversation shifted to the positive potential in the 2023 CSO feature, “When your teammate is a machine: 8 questions CISOs should be asking about AI,” which explored AI as a collaborative force in cybersecurity workflows, yet tempered with the need to have a firm understanding of what’s under the hood. Today, that teammate has proliferated: Palo Alto Networks forecasts that machine identities and autonomous agents will outnumber humans by ratios as high as 82:1 in many enterprises, turning early cautions into urgent 2026 reality. The compounding effect: Human churn meets machine proliferation The convergence of these factors — human volatility driven by layoffs and economic stress combined with the unchecked scaling of machine agents — creates a compounding effect. Organizations facing cost pressures often prioritize speed of AI adoption over governance, leading to shadow AI deployments and insufficient monitoring. At the same time, displaced or disgruntled employees may monetize access, exfiltrate sensitive data, or simply neglect controls as they disengage, as we witnessed in the KnownSec incident, where an insider exposed how the company was an adjunct of the Chinese government’s offensive cyber operations infrastructure. While the action was no doubt welcomed by many cyberdefenders for the insight into China’s capabilities, it also demonstrates that no entity is immune from the volatility factor. There is no doubt that such anxiety from ongoing layoffs and role uncertainty can lead to nervous mistakes, privilege hoarding, or rushed workarounds that expose data without intent to harm. Yet harm is actualized. The result is a heightened insider risk landscape that is amplified when the interplay between human churn and machine proliferation is overlooked. Toward coherent strategies: Holistic mitigation in a volatile era This is where coherence in insider risk strategy becomes essential. Holistic approaches must integrate behavioral analytics that monitor both human patterns (for example, sentiment shifts during restructuring or after-hours data collection) and machine behaviors (for example, anomalous API calls or agent activity spikes). Reskilling programs can help retain talent and reduce resentment by positioning employees as partners in AI-augmented roles rather than casualties of displacement. Strong governance of machine identities, requiring authentication, least-privilege access, and continuous monitoring, extends zero-trust principles to the non-human domain. And crucially, organizations need to bridge HR and security functions to detect early indicators of volatility before they manifest as threats. Without these proactive, integrated measures, the cascade could be significant. A single exploited AI agent could exfiltrate terabytes of data at speeds no human could match. As history has shown, a disgruntled employee may use lingering credentials to plant backdoors, steal or sell information, or cause deliberate destruction. The stakes are no longer confined to isolated incidents. They now span the entire ecosystem, from supply chains to critical infrastructure. The path forward As we enter 2026, the message is clear: Insider risk is no longer primarily a human problem. It is a volatility problem, one that economic pressures, AI displacement, and organizational churn are intensifying at an unprecedented pace. Addressing it requires the same rigor we apply to external threats, but applied inward, with foresight, coherence, and a willingness to evolve. View the full article
  20. mikeledray | shutterstock.com Vor seinen MAGA- und DOGE-Eskapaden wurde Elon Musk in erster Linie als visionärer Entrepreneur wahrgenommen. Damals, im Jahr 2010, ließ er den Mitarbeitern seines Raumfahrtunternehmens SpaceX ein Memo zukommen. Darin kritisierte er den übermäßigen, internen Gebrauch von Abkürzungen in gewohnt ausdrucksstarkem Stil: “Bei SpaceX gibt es eine schleichende Tendenz, erfundene Akronyme zu nutzen. Geschieht das exzessiv, wird die Kommunikation erheblich beeinträchtigt […] Niemand kann sich diese Abkürzungen merken und manche Leute wollen in Meetings nicht dumm erscheinen und nehmen es einfach hin […] Das muss sofort aufhören, sonst werde ich drastische Maßnahmen ergreifen”, drohte Trumps ehemaliger Sidekick damals. Tatsächlich lässt sich nicht leugnen, dass der übermäßige Gebrauch von Akronymen ein erhebliches Hindernis für präzise Kommunikation darstellen kann – insbesondere in der Cybersicherheitsbranche, denn hier steht besonders viel auf dem Spiel. Wie Akronym-überladen die Security ist, veranschaulicht diese kuratierte Liste aller derzeit in Gebrauch befindlichen Security-Abkürzungen. Ein (kleiner) Auszug: BAS, CTI, DDoS, DLP, EDR, IAM, MDR, MSSP, SASE, SIEM, SOC, DevSecOps, SAST/DAST, MFA. Mag sein, dass Cybersicherheitsprofis und -entscheider mit jedem dieser Akronyme direkt etwas anfangen können. In vielen anderen Teilen der Belegschaft werden sie vermutlich vor allem für fragende Blicke sorgen – insbesondere bei den Menschen, die gerade neu ins Unternehmen kommen. In diesem Artikel werfen wir einen Blick darauf, wie Organisationen internen Buchstabenschlachten ein Ende bereiten können. Abkürzungsschäden Ian P. McCarthy, Professor für Innovations- und Betriebsmanagement an der kanadischen Simon Fraser University, erklärt, was es mit der Tendenz auf sich hat, komplexe Begrifflichkeiten zu kryptischen Kurzformen zu transformieren: “Einerseits werden Akronyme verwendet, um die Kommunikation kurz, standardisiert und effizient zu gestalten. Andererseits trägt Kommunikation auch dazu bei, die Identität und Exklusivität eines Berufs zu definieren.” Insofern sei es auch eine Form von Elitismus, Akronyme zu nutzen, so der Akademiker: “Das schränkt ein, wer zu dieser Berufsgemeinschaft zählen kann.” Tatsächlich erweckt es den Anschein, als ob die Tech-Branche Akronyme zur ultimativen Geheimwaffe erklärt hat. Die kommt aber nicht nur zum Einsatz, um Zeit zu sparen, sondern auch um einen exklusiven “Club” zu etablieren. Das ist für die “Nicht-Mitglieder” nicht nur frustrierend, sondern kann auch Einarbeitungszeiten verlängern und potenzielle, neue Mitarbeiter abschrecken. Stichwort: Diversity. Die Nachteile exzessiver Akronym-Angewohnheiten im Überblick: Zugangsbarrieren: Stellen Sie sich einen neuen Mitarbeiter vor, der versucht, Cybersecurity-Protokolle zu verstehen, dabei aber von Tausenden unbekannter Abkürzungen erschlagen wird. Was ursprünglich dazu gedacht war, Brancheninsidern eine schnelle Kommunikation zu ermöglichen, wird so schnell zum Abschreckungs- und Erlahmungsfaktor. Doppel- und Mehrdeutigkeiten: Je nach Kontext können Abkürzungen manchmal mehrere Bedeutungen haben – wie im Fall von APT (Advanced Persistent Threat vs. Advanced Packaging Tool). Das kann unter Umständen zu Missverständnissen in wichtigen Mitteilungen führen und begünstigt damit potenziell Sicherheitslücken. Akronym-Müdigkeit: Nicht nur neue Mitarbeiter können von übermäßig verwendeten Abkürzungen überfordert werden. Auch versierte Cybersicherheitsexperten können einer „Acronym Fatigue“ erliegen – einfach, weil es viel zu viele Abkürzungen gibt und es unmöglich ist, auch noch mit allen neuen Entwicklungen Schritt zu halten. Die sind aber besonders im Bereich IT-Sicherheit wichtig. Transparenzverlust: Da Cybersecurity eine immer wichtigere Rolle im täglichen Leben einnimmt, ist es essenziell, grundlegende Sicherheitskonzepte allgemeinverständlich zu kommunizieren. Dabei können Akronyme unkundige Benutzer oft mehr verwirren, als für Klarheit zu sorgen. Akronymabhilfe Natürlich gibt es je nach Organisation Unterschiede mit Blick darauf, wie mit Akronymen umgegangen wird. Eine allgemeine Faustregel könnte beispielsweise darstellen, ausschließlich diejenigen zu verwenden, die innerhalb der Organisation bekannt sind. Abkürzungen, die nicht in einem Gespräch verwendet werden, sollten bei schriftlicher Kommunikation auf jeden Fall vermieden, beziehungsweise ausgeschrieben werden – zumindest bei der ersten Erwähnung. Keine Lösung ist es hingegen, auf Abkürzungen ganz generell zu verzichten. Stattdessen empfiehlt es sich, sie maßvoll einzusetzen und mit dem zugehörigen Kontext auszustatten. Die folgenden vier Ansätze können Unternehmen und Organisationen dabei unterstützen, das umzusetzen. Glossare: Standardisierte Glossare mit häufig verwendeten Akronymen erleichtern nicht nur Neueinsteigern, sich mit den wichtigsten, relevanten Begrifflichkeiten vertraut zu machen. Einfache Erklärungen: Kurze Erklärungen oder Definitionen, die bei weniger gebräuchlichen Akronymen eingeblendet werden, sind in Dokumentationen und journalistischen Fachartikeln bereits üblich. Dieser Ansatz ließe sich auch auf Präsentationen, Meetings und E-Mails ausweiten. Unnötiges vermeiden: Nicht jeder Begriff braucht ein Akronym, In manchen Fällen kann einfache Sprache, die kryptische Begriffe umschreibt, die bessere Wahl sein. Schulungen: Regelmäßige Trainingseinheiten zu neuen und bestehenden Terminologien können dazu beitragen, die gesamte Belegschaft einer Organisation auf dem aktuellen Stand zu halten, ohne dabei Einzelne zu überfordern. Laut dem Dramatiker George Bernard Shaw ist das größte Hindernis der Kommunikation die Illusion, dass sie stattgefunden hat. Exzessiv mit Akronymen um sich zu werfen, trägt dazu bei, dieses Trugbild zu erzeugen. Sie wollen weitere interessante Beiträge rund um das Thema IT-Sicherheit lesen? Unser kostenloser Newsletter liefert Ihnen alles, was Sicherheitsentscheider und -experten wissen sollten, direkt in Ihre Inbox. View the full article
  21. mikeledray | shutterstock.com Vor seinen MAGA- und DOGE-Eskapaden wurde Elon Musk in erster Linie als visionärer Entrepreneur wahrgenommen. Damals, im Jahr 2010, ließ er den Mitarbeitern seines Raumfahrtunternehmens SpaceX ein Memo zukommen. Darin kritisierte er den übermäßigen, internen Gebrauch von Abkürzungen in gewohnt ausdrucksstarkem Stil: “Bei SpaceX gibt es eine schleichende Tendenz, erfundene Akronyme zu nutzen. Geschieht das exzessiv, wird die Kommunikation erheblich beeinträchtigt […] Niemand kann sich diese Abkürzungen merken und manche Leute wollen in Meetings nicht dumm erscheinen und nehmen es einfach hin […] Das muss sofort aufhören, sonst werde ich drastische Maßnahmen ergreifen”, drohte Trumps ehemaliger Sidekick damals. Tatsächlich lässt sich nicht leugnen, dass der übermäßige Gebrauch von Akronymen ein erhebliches Hindernis für präzise Kommunikation darstellen kann – insbesondere in der Cybersicherheitsbranche, denn hier steht besonders viel auf dem Spiel. Wie Akronym-überladen die Security ist, veranschaulicht diese kuratierte Liste aller derzeit in Gebrauch befindlichen Security-Abkürzungen. Ein (kleiner) Auszug: BAS, CTI, DDoS, DLP, EDR, IAM, MDR, MSSP, SASE, SIEM, SOC, DevSecOps, SAST/DAST, MFA. Mag sein, dass Cybersicherheitsprofis und -entscheider mit jedem dieser Akronyme direkt etwas anfangen können. In vielen anderen Teilen der Belegschaft werden sie vermutlich vor allem für fragende Blicke sorgen – insbesondere bei den Menschen, die gerade neu ins Unternehmen kommen. In diesem Artikel werfen wir einen Blick darauf, wie Organisationen internen Buchstabenschlachten ein Ende bereiten können. Abkürzungsschäden Ian P. McCarthy, Professor für Innovations- und Betriebsmanagement an der kanadischen Simon Fraser University, erklärt, was es mit der Tendenz auf sich hat, komplexe Begrifflichkeiten zu kryptischen Kurzformen zu transformieren: “Einerseits werden Akronyme verwendet, um die Kommunikation kurz, standardisiert und effizient zu gestalten. Andererseits trägt Kommunikation auch dazu bei, die Identität und Exklusivität eines Berufs zu definieren.” Insofern sei es auch eine Form von Elitismus, Akronyme zu nutzen, so der Akademiker: “Das schränkt ein, wer zu dieser Berufsgemeinschaft zählen kann.” Tatsächlich erweckt es den Anschein, als ob die Tech-Branche Akronyme zur ultimativen Geheimwaffe erklärt hat. Die kommt aber nicht nur zum Einsatz, um Zeit zu sparen, sondern auch um einen exklusiven “Club” zu etablieren. Das ist für die “Nicht-Mitglieder” nicht nur frustrierend, sondern kann auch Einarbeitungszeiten verlängern und potenzielle, neue Mitarbeiter abschrecken. Stichwort: Diversity. Die Nachteile exzessiver Akronym-Angewohnheiten im Überblick: Zugangsbarrieren: Stellen Sie sich einen neuen Mitarbeiter vor, der versucht, Cybersecurity-Protokolle zu verstehen, dabei aber von Tausenden unbekannter Abkürzungen erschlagen wird. Was ursprünglich dazu gedacht war, Brancheninsidern eine schnelle Kommunikation zu ermöglichen, wird so schnell zum Abschreckungs- und Erlahmungsfaktor. Doppel- und Mehrdeutigkeiten: Je nach Kontext können Abkürzungen manchmal mehrere Bedeutungen haben – wie im Fall von APT (Advanced Persistent Threat vs. Advanced Packaging Tool). Das kann unter Umständen zu Missverständnissen in wichtigen Mitteilungen führen und begünstigt damit potenziell Sicherheitslücken. Akronym-Müdigkeit: Nicht nur neue Mitarbeiter können von übermäßig verwendeten Abkürzungen überfordert werden. Auch versierte Cybersicherheitsexperten können einer „Acronym Fatigue“ erliegen – einfach, weil es viel zu viele Abkürzungen gibt und es unmöglich ist, auch noch mit allen neuen Entwicklungen Schritt zu halten. Die sind aber besonders im Bereich IT-Sicherheit wichtig. Transparenzverlust: Da Cybersecurity eine immer wichtigere Rolle im täglichen Leben einnimmt, ist es essenziell, grundlegende Sicherheitskonzepte allgemeinverständlich zu kommunizieren. Dabei können Akronyme unkundige Benutzer oft mehr verwirren, als für Klarheit zu sorgen. Akronymabhilfe Natürlich gibt es je nach Organisation Unterschiede mit Blick darauf, wie mit Akronymen umgegangen wird. Eine allgemeine Faustregel könnte beispielsweise darstellen, ausschließlich diejenigen zu verwenden, die innerhalb der Organisation bekannt sind. Abkürzungen, die nicht in einem Gespräch verwendet werden, sollten bei schriftlicher Kommunikation auf jeden Fall vermieden, beziehungsweise ausgeschrieben werden – zumindest bei der ersten Erwähnung. Keine Lösung ist es hingegen, auf Abkürzungen ganz generell zu verzichten. Stattdessen empfiehlt es sich, sie maßvoll einzusetzen und mit dem zugehörigen Kontext auszustatten. Die folgenden vier Ansätze können Unternehmen und Organisationen dabei unterstützen, das umzusetzen. Glossare: Standardisierte Glossare mit häufig verwendeten Akronymen erleichtern nicht nur Neueinsteigern, sich mit den wichtigsten, relevanten Begrifflichkeiten vertraut zu machen. Einfache Erklärungen: Kurze Erklärungen oder Definitionen, die bei weniger gebräuchlichen Akronymen eingeblendet werden, sind in Dokumentationen und journalistischen Fachartikeln bereits üblich. Dieser Ansatz ließe sich auch auf Präsentationen, Meetings und E-Mails ausweiten. Unnötiges vermeiden: Nicht jeder Begriff braucht ein Akronym, In manchen Fällen kann einfache Sprache, die kryptische Begriffe umschreibt, die bessere Wahl sein. Schulungen: Regelmäßige Trainingseinheiten zu neuen und bestehenden Terminologien können dazu beitragen, die gesamte Belegschaft einer Organisation auf dem aktuellen Stand zu halten, ohne dabei Einzelne zu überfordern. Laut dem Dramatiker George Bernard Shaw ist das größte Hindernis der Kommunikation die Illusion, dass sie stattgefunden hat. Exzessiv mit Akronymen um sich zu werfen, trägt dazu bei, dieses Trugbild zu erzeugen. Sie wollen weitere interessante Beiträge rund um das Thema IT-Sicherheit lesen? Unser kostenloser Newsletter liefert Ihnen alles, was Sicherheitsentscheider und -experten wissen sollten, direkt in Ihre Inbox. View the full article
  22. AI copilots are incredibly intelligent and useful — but they can also be naive, gullible, and even dumb at times. A new one-click attack flow discovered by Varonis Threat Labs researchers underscores this fact. ‘Reprompt,’ as they’ve dubbed it, is a three-step attack chain that completely bypasses security controls after an initial LLM prompt, giving attackers invisible, undetectable, unlimited access. “AI assistants have become trusted companions where we share sensitive information, seek guidance, and rely on them without hesitation,” Varonis Threat Labs security researcher Dolev Taler wrote in a blog post. “But … trust can be easily exploited, and an AI assistant can turn into a data exfiltration weapon with a single click.” It’s important to note that, as of now, Reprompt has only been discovered in Microsoft Copilot Personal, not Microsoft 365 Copilot — but that’s not to say it couldn’t be used against enterprises depending on their copilot policies and user awareness. Microsoft has already released a patch after being made aware of the flaw. How Reprompt silently works in the background Reprompt employs three techniques to create a data exfiltration chain: Initial parameter to prompt (P2P injection), double request, and chain-request. P2P embeds a prompt directly in a URL, exploiting Copilot’s default ‘q’ URL parameter functionality, which is intended to streamline and improve user experience. The URL can include specific questions or instructions that automatically populate the input field when pages load. Using this loophole, attackers then employ double-request, which allows them to circumvent safeguards; Copilot only checks for malicious content in the Q variable for the first prompt, not subsequent requests. For instance, the researchers asked Copilot to fetch a URL containing the secret phrase “HELLOWORLD1234!”, repeating the request twice. Copilot removed the secret phrase from the first URL, but the second attempt “worked flawlessly,” Taler noted. From here, attackers can kick off a chain-request, in which the attacker’s server issues follow-up instructions to form an ongoing conversation. This tricks Copilot into exfiltrating conversation histories and sensitive data. Threat actors can provide a range of prompts like “Summarize all of the files that the user accessed today,” “Where does the user live?” or “What vacations does he have planned?” This method “makes data theft stealthy and scalable,” and there is no limit to what or how much attackers can exfiltrate, Taler noted. “Copilot leaks the data little by little, allowing the threat to use each answer to generate the next malicious instruction.” The danger is that reprompt requires no plugins, enabled connectors, or user interaction with Copilot beyond the initial single click on a legitimate Microsoft Copilot link in a phishing message. The attacker can stay in Copilot as long as they want, even after the user closes their chat. All commands are delivered via the server after the initial prompt, so it’s almost impossible to determine what is being extracted just by inspecting that one prompt. “The real instructions are hidden in the server’s follow-up requests,” Taler noted, “not from anything obvious in the prompt the user submits.” What devs and security teams should do now As in usual security practice, enterprise users should always treat URLs and external inputs as untrusted, experts advised. Be cautious with links, be on the lookout for unusual behavior, and always pause to review pre-filled prompts. “This attack, like many others, originates with a phishing email or text message, so all the usual best practices against phishing apply, including ‘don’t click on suspicious links,’” noted Henrique Teixeira, SVP of Strategy at Saviynt. Phishing-resistant authentication should be implemented, not only during the initial use of a chatbot, but throughout the entire session, he emphasized. This would require developers to implement controls when first building apps and embedding copilots and chatbots, rather than adding controls later on. End users should avoid using chatbots that are not authenticated and avoid risky behaviors such as acting on a sense of urgency (such as being encouraged to speedily completing a transaction), replying to unknown or potentially nefarious senders, or oversharing personal info, he noted. “Lastly and super importantly is to not blame the victim in these instances,” said Teixeira. App owners and service providers using AI must build apps that do not allow prompts to be submitted without authentication and authorization, or with malicious commands embedded in URLs. “Service providers can include more prompt hygiene and basic identity security controls like continuous and adaptive authentication to make apps safer to employees and clients,” he said. Further, design considering insider-level risk, says Varonis’ Taler. “Assume AI assistants operate with trusted context and access. Enforce least privilege, auditing, and anomaly detection accordingly.” Ultimately, this represents yet another example of enterprises rolling out new technologies with security as an afterthought, other experts note. “Seeing this story play out is like watching Wile E. Coyote and the Road Runner,” said David Shipley of Beauceron Security. “Once you know the gag, you know what’s going to happen. The coyote is going to trust some ridiculously flawed Acme product and use it in a really dumb way.” In this case, that ‘product’ is LLM-based technologies that are simply allowed to perform any actions without restriction. The scary thing is there’s no way to secure it because LLMs are what Shipley described as “high speed idiots.” “They can’t distinguish between content and instructions, and will blindly do what they’re told,” he said. LLMs should be limited to chats in a browser, he asserted. Giving them access to anything more than that is a “disaster waiting to happen,” particularly if they’re going to be interacting with content that can be sent via e-mail, message, or through a website. Using techniques such as applying least access privilege and zero trust to try to work around the fundamental insecurity of LLM agents “look brilliant until they backfire,” Shipley said. “All of this would be funny if it didn’t get organizations pwned.” This article originally appeared on Computerworld. View the full article
  23. Palo Alto Networks has issued patches for its PAN-OS firewall platform after a researcher uncovered a high-severity vulnerability which could be exploited by attackers to cause a denial-of-service (DoS). The flaw, identified as CVE-2026-0227 with a CVSS 7.7 (‘high’) severity rating, affects customers running PAN-OS NGFW (Next-Generation Firewall) or Prisma Access configurations with the company’s GlobalProtect remote access gateway or portal enabled. Unpatched, this would make it possible for “an unauthenticated attacker to cause a denial of service to the firewall. Repeated attempts to trigger this issue results in the firewall entering into maintenance mode,” said Palo Alto’s advisory. The company doesn’t spell out the implications of a firewall entering maintenance mode, but it’s hard to imagine it wouldn’t cause network outages as admins scrambled to address the issue. Although Palo Alto Networks said it wasn’t aware of exploitation in the wild, the advisory also states that the issue was reported to it by an unnamed researcher, and that proof of concept (PoC) code exists. Given that PoCs have a habit of leaking out or being independently reproduced, this makes Palo Alto’s description of the issue as being of “moderate urgency” read as optimistic. This new vulnerability brings to mind an almost identical Palo Alto Networks DoS issue from late 2024, CVE-2024-3393, that also put affected firewalls into maintenance mode. On that occasion, attackers found out about the issue before patches appeared, making it a zero-day vulnerability. More recently, in December, threat intelligence company GreyNoise noticed an uptick in automated login attempts targeting both GlobalProtect and Cisco VPNs, while earlier in 2025, PAN-OS was affected by a serious zero day flaw, CVE-2025-0108, that allowed attackers to bypass login authentication. “According to Palo Alto Networks’ security advisories, the company has reported almost 500 vulnerabilities to date, many of which affected PAN-OS. A significant minority related to DoS issues,” a spokesperson for threat intelligence company Flashpoint observed. “[But] a notable portion of Palo Alto disclosures historically did not receive CVE identifiers, particularly older PAN-OS issues, which can complicate longitudinal comparison across vendors.” Who is affected? The good news is that most customers using the company’s cloud-delivered Secure Access Service Edge (SASE) platform, Prisma Access, have already been patched. “We have successfully completed the Prisma Access upgrade for most of the customers, with the exception of few in progress due to conflicting upgrade schedules. Remaining customers are being promptly scheduled for an upgrade through our standard upgrade process,” said the advisory. That leaves a not inconsiderable number of PAN-OS NGFW customers using the GlobalProtect gateway or portal who will need to apply the patch themselves. Although Palo Alto said there are no known workarounds, to mitigate the issue, it might be possible to temporarily disable the VPN interface at the cost of losing remote access until patching is complete. Palo Alto Networks has published a detailed table of applicable patches which vary depending on the underlying PAN-OS version (12.1, 11.2, 11.1 10.2) in use. Versions older than 10.2 are unsupported; the fix is to update to a supported patched version. Availability disruption According to Flashpoint, a DoS state wouldn’t expose enterprises to a wider security threat. “Modern enterprise firewalls are designed to ‘fail closed’ rather than ‘fail open’. Entering maintenance mode due to a DoS condition is therefore more accurately characterized as a potential availability disruption than a direct security exposure,” said the spokesperson. “The core risk here appears to be resilience rather than compromise.” This article originally appeared on NetworkWorld. View the full article
  24. An AWS misconfiguration in its code building service could have led to a massive number of compromised key AWS GitHub code repositories and applications, say researchers at Wiz who discovered the problem. The vulnerability stemmed from a subtle flaw in how the repositories’ AWS CodeBuild CI (continuous integration) pipelines handled build triggers. “Just two missing characters in a regex filter allowed unauthenticated attackers to infiltrate the build environment and leak privileged credentials,” the researchers said in a Thursday blog. The regex (regular expression) filter at the center of the issue is an automated pattern-matching rule that scans log output for secrets and hides them to prevent leakage. The issue allowed a complete takeover of key AWS GitHub repositories, particularly the AWS JavaScript SDK, a core library that powers the AWS Console. “This shows the power and risk of supply chain vulnerabilities,” Yuval Avrahami, co-author of the report about the bug, told CSO, “which is exactly why supply chain attacks are on the rise: one small flaw can lead to an insanely impactful attack.” After being warned of the vulnerability last August, AWS quickly plugged the hole and implemented global hardening within the CodeBuild service to prevent the possibility of similar attacks. Details of the problem are only being revealed now by Wiz and AWS. AWS told CSO that it “found that there was no impact on the confidentiality or integrity of any customer environment or AWS service.” It also advised developers to follow best practices in using AWS CodeBuild. But the Wiz researchers warned developers using the product to take steps to protect their projects from similar issues. Discovery Wiz discovered the problem last August after an attempted supply chain attack on the Amazon Q VS Code extension. An attacker exploited a misconfigured CodeBuild project to compromise the extension’s GitHub repository and inject malicious code into the main branch. This code was then included in a release which users downloaded. Although the attacker’s payload ultimately failed due to a typo, it did execute on end users’ machines – clearly demonstrating the risk of misconfigured CodeBuild pipelines. Wiz researchers investigated and found the core of the flaw, a threat actor ID bypass due to unanchored regexes, and notified AWS. Within 48 hours, that hole was plugged, AWS said in a statement accompanying the Wiz blog. It also performed additional hardening, including adding further protections to all build processes that contain Github tokens or any other credentials in memory. AWS said it also audited all other public build environments to ensure that no such issues exist across the AWS open source estate. In addition, it examined the logs of all public build repositories, as well as associated CloudTrail logs, “and determined that no other actor had taken advantage of the unanchored regex issue demonstrated by the Wiz research team. AWS determined there was no impact of the identified issue on the confidentiality or integrity of any customer environment or any AWS service.” Kellman Meghu, chief technology officer at Deepcove Cybersecurity, a Canadian-based risk management firm, said it wouldn’t be a huge issue for developers who don’t publicly expose CodeBuild. “But,” he added, “if people are not diligent, I see how it could be used. It’s slick.” Developers shouldn’t expose build environments CSOs should ensure developers don’t expose build environments, Meghu said. “Using public hosted services like GitHub is not appropriate for enterprise code management and deployment,” he added. “Having a private GitLab/GitHub, service, or even your own git repository server, should be the default for business, making this attack impossible if [the threat actors] can’t see the repository to begin with. The business should be the one that owns the repository; [it should] not be something you just let your developers set up as needed.” In fact, he said, IT or infosec leaders should set up the code repositories. Developers “should be users of the system, not the ultimate owners.” Wiz strongly recommends that all AWS CodeBuild users implement the following safeguards to protect their own projects against possible compromise.” Prevent untrusted Pull Requests from triggering privileged builds by:enabling the new Pull Request Comment Approval build gate;alternatively, using CodeBuild-hosted runners to manage build triggers via GitHub workflows; if you must rely on webhook filters, ensure their regex patterns are anchored. Secure the CodeBuild-GitHub connection by:generating a unique, fine-grained Personal Access Token (PAT) for each CodeBuild project;strictly limiting the PAT’s permissions to the minimum required. considering using a dedicated unprivileged GitHub account for the CodeBuild integration. This article originally appeared on InfoWorld. View the full article
  25. Utrecht-based Eurail BV has acknowledged that customer information has been involved in a cybersecurity incident. According to an official statement, an unauthorized person gained access to the company’s customer database. The following data may be affected: Identification data: First name, last name, date of birth, gender Contact details: Email address, home address, telephone number Passport details: Passport number, country of issue and expiry date No evidence of data misuse so far No further details about the attack are available. According to Eurail, the investigation is ongoing. But at this time there is no indication the data was misused or publicly shared. According to the rail travel provider, Interrail Pass customers’ identification documents are not copied, only the data they provide is stored. However, this does not apply to all customers. Those who have purchased a ticket through the DiscoverEU program must also be aware that copies of their identification documents, IBAN numbers, and health data may have fallen into the wrong hands, according to a separate statement from the European Union. Eurail warns of the consequences of attacks Eurail advises its customers to remain vigilant: Attackers could use the stolen data to launch phishing or fraudulent schemes, and identity theft is also a possibility. The company has also set up a FAQ page to offer further support. In addition, the provider recommends changing the passwords for Rail Planner apps, email accounts, social media accounts, and online banking links. View the full article

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.