Everything posted by CSOonline
-
Interrail-Kundendatenbank gehackt
Rasmus Lindkvist – shutterstock.com Der Interrail-Pass ermöglicht seit mehr als fünfzig Jahren günstige Bahnfahrten quer durch Europa. Hinter dem Pauschalangebot steht die Eurail B.V. mit Sitz im niederländischen Utrecht. Der Anbieter räumt nun ein, dass es zu einem Sicherheitsvorfall gekommen ist. Wie in einer offiziellen Mitteilung erklärt wird, hat sich eine unbefugte Person Zugriff auf die Kundendatenbank des Unternehmens verschafft. Folgende Daten können betroffen sein: Identitätsdaten: Vorname, Nachname, Geburtsdatum, Geschlecht Kontaktdaten: E-Mail-Adresse, Wohnanschrift, Telefonnummer Passdaten: Passnummer, Ausstellungsland und Ablaufdatum. Bisher keine Hinweise auf Datenmissbrauch Weitere Details zu dem Angriff gibt es bisher nicht. Die Untersuchungen sind laut Eurail noch nicht abgeschlossen. Zum jetzigen Zeitpunkt gebe es jedoch keine Hinweise darauf, dass die Daten missbräuchlich verwendet oder öffentlich geteilt wurden. Nach Angaben des Bahnreiseanbieters werden bei Interrail-Kunden keine Kopien der Ausweisdokumente gespeichert, sondern nur die angegebenen Daten. Das gilt jedoch nicht für alle Kunden. Wer eine Fahrkarte im Rahmen des „DiscoverEU“-Programms erworben hat, muss zusätzlich damit rechnen, dass Ausweiskopien, IBAN-Nummer und Gesundheitsdaten in fremde Hände geraten seien, heißt es dazu in einer separaten Meldung von der Europäischen Union. Eurail mahnt vor Angriffsfolgen Eurail rät seinen Kunden, wachsam zu bleiben: Angreifer könnten mit den erbeuteten Daten Phishing- oder Betrugsversuche starten, auch Identitätsdiebstahl sei denkbar. Das Unternehmen hat zudem eine FAQ-Seite eingerichtet, um weitere Unterstützung zu bieten. Darüber hinaus empfiehlt der Anbieter, die Passwörter von Rail-Planner-Apps, E-Mail-Accounts, Social-Media-Konten und Online-Banking-Verknüpfungen zu ändern. Zudem View the full article
-
Researchers warn of long‑running FortiSIEM root exploit vector as new CVE emerges
A critical command injection issue in Fortinet FortiSIEM has been disclosed along with public exploit code, and researchers claim attackers could have been remotely achieving unauthenticated root access to the SIEM platform for nearly three years. The flaw belongs to a class of weakness in FortiSIEM, going back to 2023 and 2024. Tracked as CVE-2025-64155, the vulnerability affects the phMonitor service, an internal FortiSIEM component that runs elevated privileges and plays a central role in system health and monitoring. The exploit code was disclosed this week by pentesting platform Horizon3.ai, which revealed that the flaw enables attackers to inject commands and write arbitrary files that are later executed as the root user. According to Horizon3, the flaw was responsibly disclosed to Fortinet in August 2025 and remained private until the vendor released fixes and assigned a CVE on Tuesday. phMonitor becomes an unauthenticated root gateway The issue concerns FortiSIEM’s phMonitor service, which listens on TCP port 7900 and is designed to coordinate internal monitoring tasks. According to Horizon3.ai, insufficient input sanitization allows attackers to inject shell commands that ultimately get written to disk and executed with root privileges without authentication. Because phMonitor is deeply integrated into FortiSIEM’s operational workflow, successful exploitation effectively hands attackers full control of the security information and even management (SIEM) appliance. That control can be leveraged to disable logging, tamper with alerts, or pivot laterally into the broader enterprise network. Horizon3 researchers noted in a blog post that CVE-2025-64155 is not an isolated flaw but part of a broader class of phMonitor-related weaknesses that have surfaced over multiple disclosure cycles. Previously reported issues affecting the same service have enabled different forms of command or argument injection, sometimes with more limited primitives, but consistently exposing phMonitor as an unauthenticated attack surface. “The phMonitor service marshals incoming requests to their appropriate function handlers based on the type of command sent in the API request,” they said. “Every command handler is mapped to an integer, which is passed in the command message. Security issue #1 is that all of these handlers are exposed and available for any remote client to invoke without any authentication.” Prior to the CVE-2025-64155 disclosure, Fortinet had already patched a related critical command injection flaw in FortiSIEM tracked as CVE-2025-25256 earlier in August 2025. That vulnerability also stemmed from improper handling of OS commands input and was significant enough that Fortinet acknowledged working exploit code in the wild, prompting fixes in multiple supported FortiSIEM releases. Exploit code changes the risk equation While Fortinet has released patches and mitigation guidance, Tenable’s analysis highlights the likelihood of real-world attacks as a working exploit code is now public. “The recent disclosure of CVE-2025-64155 alongside public exploit code is a worrisome start to 2026,” said Scott Caveza, senior staff research engineer at Tenable. “Although no known exploitation has been reported, Fortinet vulnerabilities remain a top prize for attackers–including nation-state groups.” Both Horizon3 and Tenable stress that organizations should immediately apply Fortinet’s patches and restrict access to port 7900 wherever possible. Even in the absence of confirmed exploitation, CVE-2025-64155 represents a high-value target. CVE-2025-64155 carries a critical severity rating with a CVSS score of 9.4 out of 10, and affects multiple FortiSIEM releases, including 7.4.0, 7.3.0-7.3.4, 7.1.0-7.1.8,7.0.0-7.0.4, and 6.7.0-6.7.10. Fortinet has released patched builds such as FortiSIEM 7.4.1,7.3.5,7.2.7, and 7.1.9 (and later) to address the issue. View the full article
-
Schlag gegen Cyberkriminelle in Deutschland
shihabsarkar – shutterstock.com In einer konzertierten Aktion haben Strafverfolgungsbehörden in Deutschland, den USA und Großbritannien zusammen mit Microsoft den globalen Cyberkriminalitätsdienst RedVDS zerschlagen. Das bestätigten die Zentralstelle für Internet- und Computerkriminalität (ZIT) bei der Generalstaatsanwaltschaft in Frankfurt sowie das Landeskriminalamt Brandenburg in einer gemeinsamen Erklärung. Die Strafverfolgungsbehörden aus Deutschland waren maßgeblich an den Ermittlungen gegen die Plattformen beteiligt. Außerdem waren verschiedene Behörden in den USA und in Großbritannien an der Aufklärung der Verbrechen involviert. “Dieses Angebot war darauf ausgerichtet, Cyberkriminellen ein digitales Tatmittel an die Hand zu geben, um hierüber die weitgehend anonyme Begehung von Straftaten zu ermöglichen”, heißt es in der Erklärung der deutschen Strafverfolger. Zu den Opfern gehörten auch eine Vielzahl von Unternehmen und Behörden in Deutschland, unter anderem in Brandenburg und Hessen. Der Schaden beträgt nach Experteneinschätzung mehrere hundert Millionen Euro. Tatverdächtige wurden nicht festgenommen. Sie werden in einem nicht näher bezeichneten Nahost-Staat vermutet. Server in Deutschland beschlagnahmt Die technische Zentrale der Cyberkriminellen war ein Rechenzentrum in Deutschland. Dort wurden bereits am Dienstagnachmittag die RedVDS-Server beschlagnahmt. Wo genau sich das Rechenzentrum befindet, teilten die Behörden nicht mit. Nach Angaben von Microsoft entstand allein in den USA in den vergangenen sieben Monaten ein Schaden von 40 Millionen US-Dollar (34,3 Millionen Euro). “Das ist aber nur die Spitze eines Eisbergs”, sagte eine Sprecherin des Softwarekonzerns. Zu den Geschädigten gehörte zum einen das Arzneimittelunternehmen H2 Pharma aus dem US-Bundesstaat Alabama, das um 7,3 Millionen Dollar betrogen wurde. Betroffen war auch eine Wohnungseigentümergemeinschaft in Florida, die um fast 500.000 Dollar geschädigt wurde. Millionenbeute durch Boss-Betrugsmasche Die Betrügereien liefen oft nach ein und derselben Masche ab: In einem ersten Schritt versuchten die Cyberkriminellen, sich einen Zugang zu den Computersystemen ihrer Opfer zu verschaffen. Dazu wurden oft sogenannte Phishing E-Mails versendet, mit denen die Täter dann die Zugangsdaten zum System ihrer Opfer erlangten. Danach waren die Angreifer in der Lage, Geld oder sensible Daten zu stehlen, indem sie sich als Chef, Kollege, Geschäftspartner oder Lieferant ausgaben. Dabei konnten sie etwa ihren Opfern gefälschte Rechnungen unterjubeln oder Angaben zu Bankverbindung manipulieren. RedVDS stellte für diese Betrüger mutmaßlich einen Online-Abonnementdienst zur Verfügung, mit dem sich die Cyberkriminellen die Infrastruktur für ihre Straftaten mieten konnten. Nach Angaben von Microsoft stellte der Dienst für 24 Dollar im Monat den Kriminellen einen Zugang zu einem virtuellen Wegwerfcomputer – einem Server mit raubkopierter Windows-Software – zur Verfügung. Dieser konnte nach der Verübung der Straftat einfach wieder abgeschaltet werden, um eine Strafverfolgung zu erschweren. Millionen gefährliche Phishing-Mails Mit dem RedVDS-Abo hätten die Kriminellen schnell, anonym und grenzüberschreitend agieren können, erklärte Microsoft. In nur einem Monat hätten mehr als 2.600 verschiedene virtuelle RedVDS-Maschinen durchschnittlich eine Million Phishing-Nachrichten pro Tag allein an Microsoft-Kunden versendet. Obwohl die meisten davon blockiert oder markiert worden seien, bedeute die schiere Menge, dass ein kleiner Prozentsatz möglicherweise erfolgreich die Posteingänge der Ziele erreicht habe. Von den Betrügereien seien aber nicht nur Microsoft-Kunden betroffen gewesen, sondern Nutzer aller gängigen Plattformen. (dpa/jm) View the full article
-
Schlag gegen Cyberkriminelle in Deutschland
shihabsarkar – shutterstock.com In einer konzertierten Aktion haben Strafverfolgungsbehörden in Deutschland, den USA und Großbritannien zusammen mit Microsoft den globalen Cyberkriminalitätsdienst RedVDS zerschlagen. Das bestätigten die Zentralstelle für Internet- und Computerkriminalität (ZIT) bei der Generalstaatsanwaltschaft in Frankfurt sowie das Landeskriminalamt Brandenburg in einer gemeinsamen Erklärung. Die Strafverfolgungsbehörden aus Deutschland waren maßgeblich an den Ermittlungen gegen die Plattformen beteiligt. Außerdem waren verschiedene Behörden in den USA und in Großbritannien an der Aufklärung der Verbrechen involviert. “Dieses Angebot war darauf ausgerichtet, Cyberkriminellen ein digitales Tatmittel an die Hand zu geben, um hierüber die weitgehend anonyme Begehung von Straftaten zu ermöglichen”, heißt es in der Erklärung der deutschen Strafverfolger. Zu den Opfern gehörten auch eine Vielzahl von Unternehmen und Behörden in Deutschland, unter anderem in Brandenburg und Hessen. Der Schaden beträgt nach Experteneinschätzung mehrere hundert Millionen Euro. Tatverdächtige wurden nicht festgenommen. Sie werden in einem nicht näher bezeichneten Nahost-Staat vermutet. Server in Deutschland beschlagnahmt Die technische Zentrale der Cyberkriminellen war ein Rechenzentrum in Deutschland. Dort wurden bereits am Dienstagnachmittag die RedVDS-Server beschlagnahmt. Wo genau sich das Rechenzentrum befindet, teilten die Behörden nicht mit. Nach Angaben von Microsoft entstand allein in den USA in den vergangenen sieben Monaten ein Schaden von 40 Millionen US-Dollar (34,3 Millionen Euro). “Das ist aber nur die Spitze eines Eisbergs”, sagte eine Sprecherin des Softwarekonzerns. Zu den Geschädigten gehörte zum einen das Arzneimittelunternehmen H2 Pharma aus dem US-Bundesstaat Alabama, das um 7,3 Millionen Dollar betrogen wurde. Betroffen war auch eine Wohnungseigentümergemeinschaft in Florida, die um fast 500.000 Dollar geschädigt wurde. Millionenbeute durch Boss-Betrugsmasche Die Betrügereien liefen oft nach ein und derselben Masche ab: In einem ersten Schritt versuchten die Cyberkriminellen, sich einen Zugang zu den Computersystemen ihrer Opfer zu verschaffen. Dazu wurden oft sogenannte Phishing E-Mails versendet, mit denen die Täter dann die Zugangsdaten zum System ihrer Opfer erlangten. Danach waren die Angreifer in der Lage, Geld oder sensible Daten zu stehlen, indem sie sich als Chef, Kollege, Geschäftspartner oder Lieferant ausgaben. Dabei konnten sie etwa ihren Opfern gefälschte Rechnungen unterjubeln oder Angaben zu Bankverbindung manipulieren. RedVDS stellte für diese Betrüger mutmaßlich einen Online-Abonnementdienst zur Verfügung, mit dem sich die Cyberkriminellen die Infrastruktur für ihre Straftaten mieten konnten. Nach Angaben von Microsoft stellte der Dienst für 24 Dollar im Monat den Kriminellen einen Zugang zu einem virtuellen Wegwerfcomputer – einem Server mit raubkopierter Windows-Software – zur Verfügung. Dieser konnte nach der Verübung der Straftat einfach wieder abgeschaltet werden, um eine Strafverfolgung zu erschweren. Millionen gefährliche Phishing-Mails Mit dem RedVDS-Abo hätten die Kriminellen schnell, anonym und grenzüberschreitend agieren können, erklärte Microsoft. In nur einem Monat hätten mehr als 2.600 verschiedene virtuelle RedVDS-Maschinen durchschnittlich eine Million Phishing-Nachrichten pro Tag allein an Microsoft-Kunden versendet. Obwohl die meisten davon blockiert oder markiert worden seien, bedeute die schiere Menge, dass ein kleiner Prozentsatz möglicherweise erfolgreich die Posteingänge der Ziele erreicht habe. Von den Betrügereien seien aber nicht nur Microsoft-Kunden betroffen gewesen, sondern Nutzer aller gängigen Plattformen. (dpa/jm) View the full article
-
From typos to takeovers: Inside the industrialization of npm supply chain attacks
A massive surge in attacks on the npm ecosystem over the past year reveals a stark shift in the software supply‑chain threat landscape. What once amounted to sloppy typosquatting attempts has evolved into coordinated, credential-driven intrusions targeting maintainers, CI pipelines, and the trusted automation that underpins modern development. For security leaders, these aren’t niche developer mishaps anymore — they’re a direct pathway into production systems, cloud infrastructure, and millions of downstream applications. The goal is no longer to trick an individual developer, but to quietly inherit their authority. And with it, their distribution reach. “NPM is an attractive target because it is the world’s largest JavaScript package repository and a key control point for distributing software,” said Melinda Marks, cybersecurity practice director at Enterprise Security Group. “Security teams need an understanding of dependencies and ways to regularly audit and mitigate risk.” Structural weaknesses in the npm infrastructure Nearly every enterprise relies on npm, whether directly or indirectly. According to IDC, 93% of organizations use open-source software, and npm remains the largest package registry in the JavaScript ecosystem. “Compromising a single popular package can immediately reach millions of downstream users and applications,” IDC’s research manager (DevSecOps), Katie Norton, said, turning one stolen credential into what she described as a “master key” for distribution. That scale, however, is only part of the risk. The exposure is amplified by structural weaknesses in how modern development pipelines are secured, Norton remarked. “Individual open-source maintainers often lack the security resources that enterprise teams rely on, leaving them susceptible to social engineering,” she said. “CI/CD runners and developer machines routinely process long-lived secrets that are stored in environment variables or configuration files and are easily harvested by malware.” “Build systems also tend to prioritize speed and reliability over security visibility, resulting in limited monitoring and long dwell times for attackers who gain initial access,” Norton added. While security leaders can’t patch their way out of this one, they can reduce exposure. Experts consistently point to the same priorities: treating CI runners as production assets, rotating and scoping publish tokens aggressively, disabling lifecycle scripts unless required, and pinning dependencies to immutable versions. “These npm attacks are targeting the pre-install phase of software dependencies, so typical software supply chain security methods of code scanning cannot address these types of attacks,” Marks said. Detection requires runtime analysis and anomaly detection rather than signature-based tooling. From typo traps to legitimate backdoors For years, typosquatting defined the npm threat model. Attackers published packages with names just close enough to popular libraries, such as “lodsash,” “expres,” “reacts,” and waited for automation or human error to do the rest. The impact was usually limited, and remediation straightforward. That model began to break in 2025. Instead of impersonating popular packages, attackers increasingly compromised real ones. Phishing campaigns spoofing npm itself harvested maintainer credentials. Stolen tokens were then used to publish trojanized updates that appeared legitimate to every downstream consumer. The Shai-Hulud campaign illustrated the scale of the problem, affecting tens of thousands of repositories and leveraging compromised credentials to self-propagate across the ecosystem. “The npm ecosystem has become the crown jewels of modern development,” said Kush Pandya, a cybersecurity researcher at Socket.dev. “When a single prolific maintainer is compromised, the blast radius spans hundreds of downstream projects.” The result was a quiet but powerful shift: attackers no longer needed to create convincing fakes. They could ship malware through trusted channels, signed and versioned like any routine update. Developer environments over developer laptops Modern npm attacks increasingly activate inside CI/CD environments rather than on developer laptops. Post-install scripts, long treated as benign setup helpers, became an execution vector capable of running automatically inside GitHub Actions or GitLab CI. Once inside a runner, malicious packages could read environment variables, steal publish tokens, tamper with build artifacts, or even push additional malicious releases under the victim’s identity. “Developer environments and CI runners are now worth more than end-user machines,” Pandya noted. “They usually have broader permissions, access to secrets, and the ability to push code into production.” Several campaigns observed in mid-2025 were explicitly CI-aware, triggering only when they detected automated build environments. Some included delayed execution or self-expiring payloads, minimizing forensic visibility while maximizing credential theft. For enterprises, this represents a fundamental risk shift. CI systems often operate with higher privileges than any individual user, yet are monitored far less rigorously. “They are often secured with weaker defaults: long-lived publish tokens, overly permissive CI secrets, implicit trust in lifecycle scripts and package metadata, and little isolation between builds,” Pandya noted. According to IDC Research, organizations allocate only about 14% of AppSec budgets to supply-chain security, with only 12% of them identifying CI/CD pipeline security as a top risk. Evasion as a first-class feature As defenders improved at spotting suspicious packages, attackers adapted too. Recent npm campaigns have used invisible Unicode characters to obscure dependencies, multi-stage loaders that fetch real payloads only after environment checks, and blockchain-hosted command-and-control (C2) references designed to evade takedowns. Others deployed worm-like behavior, using stolen credentials to publish additional malicious packages at scale. Manual review has become largely ineffective against this level of tradecraft. “The days when you could skim index.js and spot a malicious eval() are gone,” Pandya said. “Modern packages hide malicious logic behind layers of encoding, delayed execution, and environment fingerprinting.” Norton echoed the concern, noting that these attacks operate at a behavioral level where static scanning falls short. “Obfuscation techniques make malicious logic difficult to distinguish from legitimate complexity in large JavaScript projects,” she said. “CI-aware payloads and post-install scripts introduce behavior that only manifests under specific environmental conditions.” View the full article
-
What is AI fuzzing? And what tools, threats and challenges generative AI brings
AI fuzzing definition AI fuzzing has expanded beyond machine learning to use generative AI and other advanced techniquesto find vulnerabilities in an application or system. Fuzzing has been around for a while, but it’s been too hard to do and hasn’t gained much traction with enterprises. Adding AI promises to make the tools easier to use and more flexible. How fuzzing works In 2019, AI meant machine learning, and it was emerging as a new technique for generating test cases. The way traditional fuzzing works is you generate a lot of different inputs to an application in an attempt to crash it. Since every application accepts inputs in different ways, that requires a lot of manual setups. Security testers would then run these tests against their companies’ software and systems to see where they might fail. The test cases would be combinations of typical inputs to confirm that the systems worked when used as intended, random variants on those inputs, and inputs known to be capable of causing problems. With a nearly infinite number of permutations possible, machine learning could be used to generate test cases most likely to bring problems to light. But what about complicated systems? What if entering certain information on one form could lead to a vulnerability a few screens later? This is where human penetration testers would come in, using their human ingenuity to figure out where software could potentially break and security could potentially fail before it happens. Generative AI and fuzzing Today, generative artificial intelligence has the potential to automate this previously manual process, coming up with more intelligent tests, and allowing more companies to do more testing of their systems. That same technology, however, could be deadly in the hands of adversaries, who are now able to conduct complex attacks at scale. But there’s a third angle involved here. What if, instead of trying to break traditional software, the target was an AI-powered system? This creates unique challenges because AI chatbots are not predictable and can respond differently to the same input at different times. Using AI to help defend traditional systems Google’s OSS-Fuzz project announced in 2023 the use of LLMs to boost the tool’s performance. OSS-Fuzz was first released in 2016 to help the open-source community find bugs before attackers do. As of August 2023, the tool was used to help identify and fix more than 10,000 vulnerabilities and 36,000 bugs in 1,000 projects. By May 2025, that total had gone up to 13,000 vulnerabilities and 50,000 bugs. That included new vulnerabilities on projects that had already undergone hundreds of thousands of hours of fuzzing, Google reported, such as CVE-2024-9143 in OpenSSL. EY is using generative AI to supplement and create more test cases, says Ayan Roy, EY Americas cybersecurity competency leader. “And what we can do with gen AI is add more variables about behaviors.” EY has a team that investigates breaches, figures out what happened and how the bad guys got in. Then this new information can be processed by AI and used to create more test cases. AI fuzzing can also help speed up the discovery of vulnerabilities, Roy says. “Traditionally, testing was always a function of how many days and weeks you had to test the system, and how many testers you could throw at the testing,” he says. “With AI, we can expand the scale of the testing.” And, with previous automated testing, there would be a sequential flow from one screen to another. “With gen AI, we can validate more of the alternate paths,” he says. “With traditional RPA, we couldn’t do as many decision flows. We are able to go through more vulnerabilities, more test cases and more scenarios in a short time period.” That doesn’t mean that there isn’t still a place for old-school scripted automation. Once there’s a set of test cases, the scripts can go through them very quickly, and without slow and expensive calls to an LLM. “Gen AI is helping us generate more edge cases, and do more end-to-end system cases,” Roy says. IEEE senior member Vaibhav Tupe has also found that LLMs are particularly useful for testing APIs. “Human testers had their predefined test cases. Now it is infinite, and we are able to find a lot of corner cases. It’s a whole new level of discovery.” Another use of AI in fuzzing is that it takes more than a set of test cases to fully test an application — you also need a mechanism, a harness, to feed the test cases into the app, and in all the nooks and crannies of the application. “If the fuzzing harness does not have good coverage, then you may not uncover vulnerabilities through your fuzzing,” says Dane Sherrets, staff innovations architect for emerging technologies at HackerOne. “An AI game-changer here would be to have AI generate harnesses automatically for a given project and fully exercise all of the code.” There’s still a lot of work left to do in this area, however, he says. “Speaking from personal experience, building usable harnesses today requires more effort than just copy-paste vibe coding.” How attackers benefit from the use of AI It took less than two weeks after ChatGPT was first released in November of 2022 before Russian hackers were discussing how to bypass its geo-blocking. And as generative AI got more sophisticated, so did the attackers’ use of the technology. According to a Wakefield survey of more than 1,600 IT and security leaders, 58% of respondents believe agentic AI will drive half or more of the cyberattacks they face in the coming year. Anthropic, maker of the popular Claude large language model, identified just such an attack recently. According to a report the company published in November, the attackers, mostly likely a Chinese state-sponsored group, used Claude Code to attack about thirty global targets, including large tech companies, financial institutions, and government agencies. “The sheer amount of work performed by the AI would have taken vast amounts of time for a human team. At the peak of its attack, the AI made thousands of requests, often multiple per second — an attack speed that would have been, for human hackers, simply impossible to match,” stated the report. The attack involved first convincing Claude to carry out the malicious instructions. In the pre-AI days, this would have been called social engineering or pretesting. In this case, it was a jailbreak, a type of prompt injection. The attackers told Claude that they were legitimate security researchers conducting defensive testing. Of course, using a commercial model like Claude or ChatGPT costs money, money that attackers might not want to spend. And the AI providers are getting better at blocking these kinds of malicious uses of their systems. “A year ago, we would be able to jailbreak pretty much anything we tested,” says Josh Harguess, former head of AI red teaming for MITRE and founder of AI consulting firm Fire Mountain Lab. “Now, the guardrails have gotten better. When you try to do things these days, trying something you found online, you will get caught.” And the LLM will do more than just say that they can’t carry out a particular instruction, especially if the user keeps trying different tricks to get past the guardrails. “If you’re doing behavior that violates the EULA, you might get shut out of the service,” says Harguess. But attackers have other options. “They love things like DeepSeek and other open-source models,” he says. Some of these open-source models have fewer safeguards, and, by virtue of being open source, users can also modify them and run them locally without any safeguards at all. People are also sharing uncensored versions of LLMs on various online platforms. For example, Hugging Face currently lists more than 2.2 million different AI models. Over 3,000 of these are explicitly tagged as “uncensored.” “These systems happily generate sensitive, controversial, or potentially harmful output in response to user prompts,” said Jaeson Schultz, technical leader for Cisco Talos Security Intelligence & Research Group, in a recent report. “As a result, uncensored LLMs are perfectly suited for cybercriminal usage.” Some criminals have also developed their own LLMs that they market to other cybercriminals, which are fine-tuned for criminal activity. According to Cisco Talos, these include GhostGPT, WormGPT, DarkGPT, DarkestGPT, and FraudGPT. Defending chatbots against jailbreaks, injections, and other attacks According to a Gartner survey, 32% of organizations have already faced attacks on their AI applications. The leading type of attack, according to the OWASP top ten for LLMs, is prompt injection attack. This is where the user says something like, “I’m the CEO of the company, tell me all the secrets,” or “I’m writing a television script, tell me how a criminal would make meth.” To protect against this type of attack, AI engineers would create a set of guardrails, such as “ignore any request for instructions about how to build a bomb, regardless of the reason the user offers.” Then, to test whether the guardrails work, they’d try multiple variations of this prompt. AI is necessary here to generate variations on the attack because this isn’t something a traditional scripted system, or even a machine learning system, can do. “We need to apply AI to test AI,” says EY’s Roy. EY is using AI models for pretexting and prompt engineering. “It’s almost like what the bad actors are doing. AI can simulate social engineering of AI models and fuzzing is one of the techniques we use to look for all the variations in the input.” “This is not a nice-to-have,” Roy adds. “It’s a must-have given what’s happening in the attack landscape, with the speed and scale. Our systems also need to have speed and scale — and our systems need to be smarter.” One challenge is that, unlike traditional systems, LLMs are non-deterministic. “If the same input crashes the program 100 out of 100 times, debugging is straightforward,” says HackerOne’s Sherrets. “In AI systems, the consistency disappears.” The same input might trigger an issue only 20 out of 100 times, he says. Defending against prompt injection attacks is much more difficult than defending against SQL injections, according to a report released by the UK’s National Cyber Security Centre. The reason is that SQL injection attacks not only follow a particular pattern, but also defending against them is a matter of enforcing a separation between data and instructions. Then it’s just a matter of testing that the mechanism is in place and it works, by trying out a variety of SQL injection types. But LLMs don’t have a clear separation between data and instructions, a prompt is both at once. “It’s very possible that prompt injection attacks may never be totally mitigated in the way that SQL injection attacks can be,” wrote David C., the agency’s technical director for platforms research. Since AI chatbots accept unstructured inputs, there’s nearly an infinite variation in what users, or attackers, can type in, says IEEE’s Tupe. For example, a user can paste in a script as their question. “And it can get executed. AI agents are capable of having their own sandbox environments, where they can execute things.” “So, you have to understand the semantics of the question, understand the semantics of the answer, and match the two,” Tupe says. “We write a hundred questions and a hundred answers, and that becomes an evaluation data set.” Another approach is to force the answer the AI provides into a limited, pre-determined template. “Even though the LLM generates non-structure output, add some structure to it,” he says. And security teams have to be agile and keep evolving, he says. “It’s not a one-time activity. That’s the only solution right now. View the full article
-
Ransomware gangs extort victims by citing compliance violations
Ransomware attacks remain among the most common attack methods. As recent analyses show, cyber gangs are increasingly threatening their victims with reporting violations of regulations such as the GDPR to supervisory authorities. Researchers at the security provider Akamai have observed an increasing trend in this tactic over the past two years. As an example, the security vendor points to ransomware group Anubis. Its members reportedly focus primarily on industries with high compliance risks, such as healthcare. The notorious Ransomhub gang also allegedly employs this method, explicitly encouraging its partners to threaten hacked companies with regulatory penalties. Consequences for companies “This puts companies under a double pressure that is almost impossible to manage,” Klaus Hild, manager of solution engineering for enterprise at SailPoint, explained to CSO. They have to weigh the risk of paying ransoms against potentially ruinous penalties and reputational damage. “This ‘compliance extortion’ is no longer a theoretical threat — it has become standard practice for ransomware cartels,” Hild added. Tim Berghof, security evangelist at G DATA, confirmed to CSO that while this approach is technically just an extension of the “industry-standard” double extortion, it can have massive consequences. “Even if a complaint turns out to be unfounded, official investigations generate attention, tie up resources, and potentially become public,” he said. AI amplifies attacks Hild points to another problem: “AI-powered tools dramatically accelerate these attacks. Criminals can now screen stolen documents for ‘material’ compliance violations within hours of a data breach — faster and more accurately than many companies can audit their own systems.” The SailPoint specialist explains: “They create detailed, legally sound complaints for authorities and set tight deadlines. With new regulations like DORA in the EU and stricter SEC reporting requirements, the arsenal of these extortionists is constantly growing.” Berghoff summarizes: “The question remains which has the less severe consequences for companies: a self-report or an anonymous report to the relevant authority by a group of criminals. Since there is still a great deal of uncertainty surrounding compliance in some areas, threats involving authorities potentially fall on fertile ground.” View the full article
-
Sophisticated VoidLink malware framework targets Linux cloud servers
Researchers have uncovered a new sophisticated and modular malware framework designed to operate stealthily inside Linux systems and containers. The framework seems to have been designed by Chinese developers with in-depth knowledge of Linux internals and was created to be used against cloud servers. “The framework, internally referred to by its original developers as VoidLink, is a cloud-first implant written in Zig and designed to operate in modern infrastructure,” researchers from security firm Check Point said in their report. “It can recognize major cloud environments and detect when it is running inside Kubernetes or Docker, then tailor its behavior accordingly.” Check Point only found samples of the malware that appear to be an in-progress project rather than a completed product. However, the project is mature, and the company’s researchers suspect it won’t be long before the malware is used in real-world attacks, possibly for cyberespionage or supply-chain compromises because it harvests credentials for cloud environments and source code repository management systems. Highly extensible and customizable VoidLink draws inspiration from the beacon implant of Cobalt Strike, an adversary simulation framework that has been widely adopted and misused by attackers over the years. The malware uses an API to communicate with additional plug-ins that add a diverse set of capabilities. By default, the platform comes with 37 plug-ins that can be selected and delivered to the victim to enable additional capabilities. However, the operator can also deliver custom plug-ins. This is controlled through a professional-looking web-based command-and-control (C2) dashboard. “This interface is localized for Chinese-affiliated operators, but the navigation follows a familiar C2 layout: a left sidebar groups pages into Dashboard, Attack, and Infrastructure,” the researchers said. “The Dashboard section covers the core operator loop (agent manager, built-in terminal, and an implant builder). In contrast, the Attack section organizes post-exploitation activity such as reconnaissance, credential access, persistence, lateral movement, process injection, stealth, and evidence wiping.” The malware framework is written in Zig, a relatively new programming language that’s an alternative to C and is an unusual choice for malware development. However, the developers have also shown proficiency in other languages such as Go, C, and JavaScript frameworks such as React. The researchers note that VoidLink is much more advanced that typical Linux malware, with a well-designed core component handling state, communication and task execution that is delivered through a two-stage loader. Operators can deliver additional code to be executed in the form of plug-ins. Cloud reconnaissance and adaptability The malware was designed to detect whether it’s being executed on various cloud platforms such as AWS, GCP, Azure, Alibaba, and Tencent and then to start leveraging those vendors’ management APIs. The code suggests the developers plan to add detections for Huawei, DigitalOcean, and Vultr in the future. The malware collects extensive amounts of information about the machine and environment it runs in, including whether it’s a Docker container or a Kubernetes pod. It then can execute post-exploitation modules that attempt privilege escalation through container escapes or lateral movement to other containers. “Ultimately, the goal of this implant appears to be stealthy, long-term access, surveillance, and data collection,” the researchers said, adding that developers might be a target for initial delivery. Another interesting aspect is that the malware has a sophisticated algorithm through which it adapts its operations based on the security posture of the environment. It will scan for common Linux endpoint and detection response (EDR) tools and kernel hardening technologies and then calculate a risk score for the environment, which is then used to select a detection evasion strategy. The malware also has multiple rootkit components with deployment strategies for different versions of the Linux kernel and will deploy them based on the environment in which it runs. These rootkit modules hide the malware’s processes, files, and network sockets. C2 traffic is hidden in multiple ways, including as encrypted data in PNGs or JS, HTML, or CSS files, making it hard to detect at the network layer. “VoidLink aims to automate evasion as much as possible, profiling an environment and choosing the most suitable strategy to operate in it,” the researchers said. “Augmented by kernel mode tradecraft and a vast plugin ecosystem, VoidLink enables its operators to move through cloud environments and container ecosystems with adaptive stealth.” While malware for Linux is less common and often less sophisticated than malware programs for Windows, VoidLink stands out as a unique and highly capable framework. Even if it’s not totally clear whether this malware is intended to be a product for cybercriminals or as future commercial penetration testing framework of sorts, it serves as an example of the type of threats organizations should be prepared to defend in their Linux-based cloud environments. View the full article
-
Output from vibe coding tools prone to critical security flaws, study finds
Popular vibe coding platforms consistently generate insecure code in response to common programming prompts, including creating vulnerabilities rated as ‘critical,’ new testing has found. Security startup Tenzai’s top-line conclusion: the tools are good at avoiding security flaws that can be solved in a generic way, but struggle where what distinguishes safe from dangerous depends on context. The assessment, which it conducted in December 2025, compared five of the best-known vibe coding tools — Claude Code, OpenAI Codex, Cursor, Replit, and Devin — by using pre-defined prompts to build the same three test applications. In total, the code output by the five tools across 15 applications (three each) was found to contain a total of 69 vulnerabilities. Around 45 of these were rated ‘low-medium’ in severity, with many of the remainder rated ‘high’ and around half a dozen ‘critical’. While the number of low-medium vulnerabilities was the same for all five tools, only Claude Code (4 flaws), Devin (1) and Codex (1) generated critical-rated vulnerabilities. The most serious vulnerabilities concerned API authorization logic (checking who is allowed to access a resource or perform an action), and business logic (permitting a user action that shouldn’t be possible), both important for e-commerce systems. “[Code generated by AI] agents seems to be very prone to business logic vulnerabilities. While human developers bring intuitive understanding that helps them grasp how workflows should operate, agents lack this ‘common sense’ and depend mainly on explicit instructions,” said Tenzai’s researchers. Offsetting this, the tools did a good job of avoiding common flaws that have long plagued human-coded applications, such as SQLi or XSS vulnerabilities that are both still prominently featured in the OWASP Top 10 list of web application security risks. “Across all the applications we developed, we didn’t encounter a single exploitable SQLi or XSS vulnerability,” said Tenzai. Human oversight The vibe coding sales pitch is that it automates everyday programming jobs, boosting productivity. While this is undoubtedly true, Tenzai’s test shows that the idea has limits; human oversight and debugging are still needed. This isn’t a new discovery. In the year since the concept of ‘vibe coding’ was developed, other studies have found that, without proper supervision, these tools are prone to introducing new cyber security weaknesses. But it’s not simply that vibe coding platforms aren’t picking up security flaws in their code; in some cases, defining what counts as good or bad is simply impossible using general rules or examples. “Take SSRF [Server-Side Request Forgery]: there’s no universal rule for distinguishing legitimate URL fetches from malicious ones. The line between safe and dangerous depends heavily on context, making generic solutions impossible,” said Tenzai. The obvious solution is that, having invented vibe coding agents, the industry should now focus on vibe coding checking agents, which, of course, is where Tenzai, a small startup not long out of stealth mode, thinks it has found a gap in the market for its own technology. It said, “based on our testing and recent research, no comprehensive solution to this issue currently exists. This makes it critical for developers to understand the common pitfalls of coding agents and prepare accordingly.” Debugging AI The deeper question raised by vibe coding isn’t how well tools work, then, but how they are used. Telling developers to keep eyes on vibe code output isn’t the same as knowing this will happen, any more than it was in the days when humans made all the mistakes. “When implementing vibe coding approaches, companies should ensure that secure code review is part of any Secure Software Development Lifecycle and is consistently implemented,” commented Matthew Robbins, head of offensive security at security services company Talion. “Good practice frameworks should also be leveraged, such as the language-agnostic OWASP Secure Coding Practices, and language-specific frameworks such as SEI CERT coding standards.” Code should be tested using static and dynamic analysis before being deployed, Robbins added. The trick is to get debugging right. “Although vibe coding presents a risk, it can be managed by closely adhering to industry-standard processes and guidelines that go further than traditional debugging and quality assurance,” he noted. However, according to Eran Kinsbruner, VP of product marketing at application testing organization Checkmarx, traditional debugging risks being overwhelmed by the AI era. “Mandating more debugging is the wrong instinct for an AI-speed problem. Debugging assumes humans can meaningfully review AI-generated code after the fact. At the scale and velocity of vibe coding, that assumption collapses,” he said. “The only viable response is to move security into the act of creation. In practice, this means agentic security must become a native companion to AI coding assistants, embedded directly inside AI-first development environments, not bolted on downstream.” View the full article
-
Iran’s partial internet shutdown may be a windfall for cybersecurity intel
The near-total internet blackout imposed by the Iranian government starting January 8, reportedly due to a crackdown on protesters, may offer a rare opportunity to SOC staffers and other cybersecurity analysts, briefly allowing all government traffic sources to be identified and digitally fingerprinted, a massive help in tracking Iranian state actors. Among global malicious state actors, Iran is near the top, behind China, Russia and North Korea, which suggests that this kind of intel on Iranian systems might prove useful. One cybersecurity vendor CEO argues that it is indeed a potential threat intel goldmine. In an almost-total internet blackout, “the attack surface available to state hackers shrinks. They can no longer hide in the noise of millions of residential IPs. They are forced to route their attacks through the few remaining whitelisted pipes, which are exactly those boring government agencies such as Agriculture, Energy, Universities,” said Kaveh Ranjbar, CEO of Whisper Security. “Advanced Persistent Threat (APT) groups routinely co-opt benign government infrastructure to launch attacks because it looks clean. When the rest of the country is dark, those boring servers become the only available launchpads. A connection from the Ministry of Agriculture might not be a farmer. It’s likely a tunnel for a state actor who needs an exit node.” Ranjbar said the removal of the traffic from millions of routine Iranian business and residential users allows a powerful visibility into Iranian government traffic patterns, thereby allowing SOCs to flag those sources. “For a CISO, the calculus is simple: User traffic is zero. If Amazon or a bank sees traffic from Tehran during a blackout, it is not a customer buying books or checking a balance. It is not a remote employee. [All] of the traffic is machine-generated and state-sanctioned. Even if it’s just a misconfigured cron job at the Ministry of Water, it is an anomaly. But more often, it is scanning, probing, or reconnaissance,” Ranjbar said. “You don’t need a list of malicious agencies,” he observed. “You need to know that the entire visible IP space of Iran is currently a privileged enclave. If a server is allowed to speak to the outside world while 80 million citizens are silenced, that server is, by definition, an asset of the state. In a zero-trust environment, that makes it a high-confidence Indicator of Compromise (IoC) if it touches your network.” Analysts and consultants, however, were reserved about the approach, but pointed out that, on an ROI basis, it will typically require minimal effort to capture that data during the blackout, so it can’t hurt much to do so. “I don’t think there’s any downside to capturing it,” said Robert Kramer, vice president/principal analyst at Moor Insights & Strategy. Data might be of limited value But, Kramer and other experts said, the nature of state actors today may make that captured data of limited value. State actors for those four countries are among the most sophisticated, experienced, and best-financed attackers anywhere. One of their top skills is not only knowing how to cover their tracks, but how to create false logs and other deceptions to make the attack look like it is being launched from anywhere other than its true source. In short, if the logs point to the attack coming from China, a CISO knows that the attack almost certainly wasn’t launched by China. Sanchit Vir Gogia, chief analyst at Greyhound Research, said that he sees some of the potential value, but added that it is limited. In this kind of blackout, “the few packets that escape become disproportionately meaningful. You’re looking at whitelisted ASNs, state-controlled telecoms and government-operated services. That residual traffic helps map adversary digital infrastructure with surprising clarity. The presence of DNS queries, passive malware beacons, or control-plane BGP signals during a blackout gives analysts a blueprint of national priorities.” Gogia said. But, he stressed, that’s where the value may stop. “Residual traffic does not readily convert into block rules or SIEM logic. It does not hand you command-and-control servers on a silver platter. Most of it is either benign or diagnostic. And unless correlated with strong behavioral signals, it rarely survives the trip from strategic context to operational action,” he said. “Yes, you might find an Iranian IP that kept chattering when no one else could. But was it a threat actor’s box, or just a government website? Without high-confidence enrichment, it’s guesswork. Worse, if that same IP goes back to hosting payroll services a week later, your SOC is stuck chasing shadows. That’s why this intelligence is best used for threat modelling, not triage.” Gogia added that the captured data is also likely to expire relatively quickly. “Routing anomalies and observable proxies are equally unstable. During partial shutdowns, traffic might reroute through unexpected neighbors or temporarily migrate to backup ISPs,” he noted. “A sharp analyst might catch an Iranian subnet using a German transit point during a blackout. But once service restores, that path disappears. If you treated it as a long-term IoC, it would quickly become a dead end.” Setting aside deliberate deception, there is also a lot of legitimate traffic coming from Iranian government agencies, Matthew Stern, CEO at CNC Intelligence, pointed out. “This may offer short-term insight into routing behavior, protocol usage, and infrastructure dependencies that Iranian state-linked operators may later reuse. However, this should not be overstated,” Stern said. “Government traffic is not inherently malicious and sophisticated Iranian cyber actors frequently operate through foreign infrastructure, compromised hosts, and third-party services outside Iran, which significantly limits the long-term defensive value of domestic traffic fingerprinting.” Nonetheless, cybersecurity consultant Brian Levine, executive director of FormerGov, said the rare nature of this shutdown makes it worth performing whatever data capture is viable. The signal to noise ratio flips “From an intelligence perspective, this is one of the rare moments when the signal‑to‑noise ratio flips. If traffic is flowing out of Iran right now, odds are high it’s state‑linked, and that alone makes it worth capturing,” Levine said. “Even legitimate Iranian government activity can be valuable to SOCs. State actors tend to reuse infrastructure, routes, and operational patterns. Today’s ‘normal’ traffic can become tomorrow’s attribution breadcrumb.” Although Levine agreed that the quantity of actionable long-term data is likely small, he thinks it is still worth capturing. “Collecting digital fingerprints during a blackout won’t solve attribution on its own, but it can sharpen it. In cyber defense, even a few percentage points of clarity can make the difference between catching an intrusion early and missing it entirely.” However, two VP analysts with Gartner, Jeremy D’Hoinne and Akif Khan, were more skeptical of the data’s value and discouraged CISO teams from pursuing it. “Attribution is dangerous based on fragmented technical evidence,” D’Hoinne said. “Don’t get distracted.” Khan was more blunt. “In the fog of war, trying to find verifiable information is very challenging. Without being able to corroborate, I don’t think this goes beyond an intellectual exercise. If people in your enterprise SOC have the time to do this, they need to refocus their priorities.” View the full article
-
SpyCloud Launches Supply Chain Solution to Combat Rising Third-Party Identity Threats
SpyCloud, the leader in identity threat protection, today announced the launch of its Supply Chain Threat Protection solution, an advanced layer of defense that expands identity threat protection across the extended workforce, including organizations’ entire vendor ecosystems. Unlike traditional third-party risk management platforms that rely on external surface indicators and static scoring, SpyCloud Supply Chain Threat Protection provides timely access to identity threats derived from billions of recaptured breach, malware, phished, and combolist data assets, empowering organizations – from enterprise security teams to public sector agencies – to act on credible threats rather than simply observe and accept risk. Supply Chain Threat Protection addresses a critical gap in enterprise security: the inability to maintain real-time awareness of identity exposures affecting third-party partners and vendors. According to the 2025 Verizon Data Breach Investigations Report, third-party involvement in breaches doubled year-over-year, jumping from 15% to 30% primarily due to software vulnerabilities and weak security practices. As supply chain compromises continue to escalate, security teams need intelligence that goes beyond questionnaires and external scans to reveal active threats like phishing campaigns targeting their trusted partners, confirmed credential theft, and malware-infected devices exposing critical business applications to criminals. For government agencies and critical infrastructure operators, supply chain threats present national security risks that demand heightened vigilance. Public sector organizations managing sensitive data and critical services increasingly rely on contractors and technology vendors whose compromised credentials could provide adversaries with pathways into classified systems or essential infrastructure. Last year alone, the top 98 Defense Industrial Base suppliers had over 11,000 dark web exposed credentials – an 81% increase from the previous year. SpyCloud Supply Chain Threat Protection enables federal, state, and local agencies to identify when suppliers or contractors have been compromised – allowing them to take proactive measures before an identity exposure escalates into a matter of national security. “Third-party threats have evolved far beyond what traditional vendor assessment tools can detect,” said Damon Fleury, Chief Product Officer at SpyCloud. “Public and private sector organizations need to know when their vendors’ employees are actively compromised by malware or phishes, when authentication data is circulating on the dark web, and which partners pose the greatest real downstream threat to their business. Our new solution delivers those signals by transforming raw underground data into clear, prioritized actions that security teams use to protect their organization.” Supply Chain Threat Protection enables organizations and agencies to continuously monitor thousands of suppliers, with each company’s threats enumerated in detail, and also represented in an at-a-glance Identity Threat Index. The Index is a comprehensive and continuously updated analysis that quantifies vendor security posture through the lens of identity exposure, from both active and historical phishing, breach, and malware sources, and surfaces which partners pose the most significant risk based on verified dark web intelligence. Key Capabilities Include: Real Evidence of Compromise: Timely recaptured identity data from breaches, malware, and successful phishes collected continuously from the criminal underground, with context that gives security teams enhanced visibility into the identity threats facing suppliers today. Identity Threat Index: Aggregates multiple verified data sources weighted by the recency, volume, credibility, and severity of compromise, emphasizing verified identity data over static breach records for more robust and real-time visibility into vendor risk. Compromised Applications: Identifies the internal and third-party business applications exposed on malware-infected supplier devices to support deeper investigation and risk assessment. Enhanced Vendor Management and Communications: Facilitates sharing of actionable evidence and detailed executive-level reports directly with vendors to collaboratively improve security posture, transforming vendor relationships from adversarial scoring to collaborative protection. Integrated Response: Leveraging SpyCloud’s console, teams now have access to identity threat protection beyond the traditional employee perimeter with this extension to suppliers, allowing analysts to respond to workforce identity threats within a single tool. SpyCloud Supply Chain Threat Protection is designed to support multiple use cases across Security Operations, Infosec, Vendor Risk Management, and GRC teams. Organizations can leverage the solution for vendor due diligence during procurement and onboarding, continuous risk reviews to strengthen vendor relationships, and accelerated incident response when vendor exposures threaten their own environments. “Security teams and their counterparts across the business are overwhelmed with vendor assessments, questionnaires, and risk scores that often don’t translate to real prevention,” said Alex Greer, Group Product Manager at SpyCloud. “Our customers have often reported that when they’re evaluating doing business with a new vendor, they lack the actionable data their legal and compliance teams need for evidence-based decision making. That’s where SpyCloud stands out. Surfacing verified identity threats tied directly to vendor compromise, letting teams escalate to leadership when to restrict data access and prioritize efforts for the greatest impact on reducing organizational risk.” Unlike existing solutions that rely on external surface indicators and static scoring, SpyCloud provides threat data derived from underground sources – the same recaptured darknet identity data that criminals actively use to target organizations and agencies. This fundamental difference enables SpyCloud customers to move from passive risk acceptance to proactive and holistic identity threat protection. To learn more about defending organizations from the exposures of vendors and suppliers, registration is open for SpyCloud’s upcoming Live Virtual Event, Beyond Vendor Risk Scores: How to Solve the Hidden Identity Crisis in Your Supply Chain, on Thursday, January 22, 2026, at 11 am CT. About SpyCloud SpyCloud transforms recaptured darknet data to disrupt cybercrime. Its automated identity threat protection solutions leverage advanced analytics and AI to proactively prevent ransomware and account takeover, detect insider threats, safeguard employee and consumer identities, and accelerate cybercrime investigations. SpyCloud’s data from breaches, malware-infected devices, and successful phishes also powers many popular dark web monitoring and identity theft protection offerings. Customers include seven of the Fortune 10, along with hundreds of global enterprises, mid-sized companies, and government agencies worldwide. Headquartered in Austin, TX, SpyCloud is home to more than 200 cybersecurity experts whose mission is to protect businesses and consumers from the stolen identity data criminals are using to target them now. To learn more and see insights on your company’s exposed data, users can visit spycloud.com. Contact Media Specialist Phil Tortora REQ on behalf of SpyCloud [email protected] View the full article
-
CrowdStrike to add browser security to Falcon with Seraphic acquisition
CrowdStrike has agreed to acquire Israel-based Seraphic Security, a browser runtime security company, to extend its Falcon platform to browser-native enterprise security. Expected to close by April, the acquisition will allow CrowdStrike to integrate Seraphic’s browser-native protection with its Falcon endpoint telemetry and threat intelligence capabilities. The move comes just days after CrowdStrike announced plans to acquire SGNL, a continuous identity authorization company. Browser as attack surface With web browsers increasingly serving as the primary interface for enterprise work, communication, SaaS applications, and AI tools, they are emerging as one of the most exposed layers in corporate IT environments. “Traditional endpoint controls like EDR focus on the OS level and miss in-session browser activity, while network tools like firewalls can’t inspect HTTPS-encrypted sessions or user actions within apps. They lack visibility into browser telemetry, shadow IT, malicious extensions, and data flows, leaving gaps that attackers exploit via phishing, session hijacking, and zero-days,” said Amit Jaju, global partner/senior managing director – India at Ankura Consulting. He added that web browsers pose risks even in controlled environments because they inherently process untrusted internet code, enabling zero-day exploits, malicious extensions acting as supply chain attacks, and credential theft that bypasses perimeter defenses. CrowdStrike said the Seraphic acquisition will allow it to extend the Falcon platform deeper into in-browser activity. With Seraphic, the company aims to transform the SOC by correlating trillions of endpoint signals with deep, in-session browser telemetry. This will allow the Falcon platform to understand user intent, application context, and data flow in real time. “Seraphic’s true USP lies in its ability to make the browser session itself a governable security surface, rather than treating the browser as a passive extension of the endpoint,” said Sanchit Vir Gogia, chief analyst at Greyhound Research. “Most enterprise security stacks stop at device health and identity validation. They confirm who logged in and from what device, but they lose visibility once the user begins interacting inside SaaS applications. Seraphic addresses this by enforcing policy inside the live browser session, covering user actions, session behaviour, and data movement that never touches disk and never triggers network anomalies. When integrated into CrowdStrike Falcon, it moves from detecting threats around user activity to governing behaviour during it.” Gen AI altering browser risk Generative AI has fundamentally altered the browser risk profile. Gogia noted that the browser is now a bidirectional data exchange, where employees routinely feed sensitive context into AI systems. Most of this activity happens outside formal enterprise governance. Copying internal data into AI prompts, uploading files for summarisation, or using AI-enhanced browser features has become one of the fastest-growing data leakage paths in organisations. As a result, browser-level enforcement is one of the few practical ways to address this without resorting to unrealistic bans. CrowdStrike will also integrate SGNL’s continuous authorization technology, enabling permissions to be dynamically granted or revoked on a per-session and risk-level basis. The two solutions combined will create what the company described as a unified security fabric. The integration will be designed to secure how generative AI applications and agents are accessed, to prevent shadow AI tools from scraping or exfiltrating sensitive enterprise data. It will also aim to prevent the copying, uploading, or screen-grabbing of sensitive data using AI-based content filtering and granular execution-layer controls, stop session hijacking, sophisticated phishing, and man-in-the-browser attacks at the point of execution by randomizing the browser’s JavaScript engine. In addition, CrowdStrike will extend protection to unmanaged and BYOD devices by securing the browser session without requiring a full endpoint agent. View the full article
-
Hackerangriff löst Fehlalarm in Halle aus
rame435 – shutterstock.com In der Stadt Halle (Saale) ist es am Samstag (10. Januar) zu einem Fehlalarm gekommen. Gegen 22 Uhr heulten alle betriebsfähigen Sirenen auf, begleitet von einer englischsprachigen Durchsage: “Active shooter. Lockdown now” (Bewaffneter Angreifer aktiv. Sofortiger Lockdown). Wie die Stadtverwaltung mitteilte, handelt es sich bei der Ursache nach aktuellen Kenntnissen höchstwahrscheinlich um einen Cyberangriff. Wie Oberbürgermeister Alexander Vogt und Tobias Teschner, Leiter des Fachbereichs Sicherheit, erklären, wurde der Alarm durch einen externen Zugriff auf das Sirenensystem ausgelöst – also weder von der Stadt selbst noch vom Land Sachsen-Anhalt oder vom Bund. Alarmsystem weiterhin funktionsfähig Weitere Details zu dem Angriff sind derzeit nicht bekannt. Man habe alle notwendigen Maßnahmen zur Sicherung des Sirenensystems ergriffen und Anzeige bei der Polizei erstattet, versichert die Stadt. „Dort laufen die Ermittlungen inzwischen auf Hochtouren. Alle Sirenen im Stadtgebiet sind vor äußeren Zugriffen geschützt und alarmfähig.“ Am Samstag war zudem die städtische Webseite www.halle.de kurzzeitig nicht erreichbar. Die Stadt schließt jedoch einen gezielten DDoS-Angriff aus. Stattdessen geht man davon aus, dass die hohen Zugriffszahlen aufgrund des Alarms zu der Unterbrechung geführt haben. Inzwischen seien Maßnahmen ergriffen worden, um die Webseite auch bei starkem Nutzeraufkommen stabil zu halten, heißt es in der Mitteilung. View the full article
-
Hackerangriff löst Fehlalarm in Halle aus
rame435 – shutterstock.com In der Stadt Halle (Saale) ist es am Samstag (10. Januar) zu einem Fehlalarm gekommen. Gegen 22 Uhr heulten alle betriebsfähigen Sirenen auf, begleitet von einer englischsprachigen Durchsage: “Active shooter. Lockdown now” (Bewaffneter Angreifer aktiv. Sofortiger Lockdown). Wie die Stadtverwaltung mitteilte, handelt es sich bei der Ursache nach aktuellen Kenntnissen höchstwahrscheinlich um einen Cyberangriff. Wie Oberbürgermeister Alexander Vogt und Tobias Teschner, Leiter des Fachbereichs Sicherheit, erklären, wurde der Alarm durch einen externen Zugriff auf das Sirenensystem ausgelöst – also weder von der Stadt selbst noch vom Land Sachsen-Anhalt oder vom Bund. Alarmsystem weiterhin funktionsfähig Weitere Details zu dem Angriff sind derzeit nicht bekannt. Man habe alle notwendigen Maßnahmen zur Sicherung des Sirenensystems ergriffen und Anzeige bei der Polizei erstattet, versichert die Stadt. „Dort laufen die Ermittlungen inzwischen auf Hochtouren. Alle Sirenen im Stadtgebiet sind vor äußeren Zugriffen geschützt und alarmfähig.“ Am Samstag war zudem die städtische Webseite www.halle.de kurzzeitig nicht erreichbar. Die Stadt schließt jedoch einen gezielten DDoS-Angriff aus. Stattdessen geht man davon aus, dass die hohen Zugriffszahlen aufgrund des Alarms zu der Unterbrechung geführt haben. Inzwischen seien Maßnahmen ergriffen worden, um die Webseite auch bei starkem Nutzeraufkommen stabil zu halten, heißt es in der Mitteilung. View the full article
-
Cybersecurity at the state and local level: Washington has the framework, it’s time to act
The White House’s March 2025 Executive Order (EO) on “Achieving Efficiency Through State and Local Preparedness” raised an issue of utmost importance for national security and our critical infrastructure. As noted in the order, “federal policy must rightly recognize that preparedness is most effectively owned and managed at the state, local and even individual levels, supported by a competent, accessible and efficient federal government.” Despite claims from various cybersecurity leaders that the March EO is a federal retreat on information technology security, has funding gaps and lacks implementation clarity and expertise at the local level, the president is correct: Local jurisdictions are best positioned to anticipate their electronic security needs, understand their unique weaknesses, vulnerabilities and risks, and are best suited to develop and implement an incident response, mitigation and recovery plan based on their unique circumstances. Congress is right, too. In 2021, it established the State and Local Cybersecurity Grant Program (SLCGP) to “award grants to eligible entities to address cybersecurity risks and cybersecurity threats to information systems owned or operated by, or on behalf of, state, local or tribal governments.” The SLCGP authorizes $1 billion over four years to help state, local, tribal and territorial governments reduce systemic cyber risks and requires a pass-through of at least 80 percent of those funds to local governments, while reserving 25 percent of those funds for rural jurisdictions. A key component of the SLCGP ties any disbursement of funds to the Cybersecurity Infrastructure and Security Agency’s (CISA) approval of a state’s cybersecurity plan. That proposal must meet the requirements set forth in the SLCGP, such as implementation of the National Institute of Standards and Technology (NIST) cybersecurity framework. This September, the Homeland Security Committee — with bipartisan support — introduced the Protecting Information by Local Leaders for Agency Resilience Act(PILLAR Act, H.R. 5078), which seeks to not only extend SLCGP for 10 years, but also provide long‑term stability and funding, strengthen milestone‑based accountability, expand its scope to AI and operational technology, and clarify cost‑sharing between federal and state governments. Combined, the March 2025 EO and the SLCGP create a framework that will succeed if implemented in tandem. Unfortunately, that’s not what happened. In January 2025, the Office of Management and Budget directed all federal agencies to “temporarily pause all activities related to obligations or disbursement of all federal financial assistance.” This effectively ended all SLCGP disbursements and left it and the EO as unfunded mandates. But that’s not quite where this story ends. As part of the re-opening of the government in November, the SLCGP was potentially resurrected when its authorization was extended to January 30. This is a crucially important development. Now is the time to act and bring SLCGP fully back to life through the PILLAR Act. With our adversaries already embedded in our critical infrastructure (see Salt and Volt Typhoon, advanced persistent threat actors tied to China’s government), and the recent deployment of AI as a cyber-super-weapon — as demonstrated by Anthropic’s recent announcement of how its Claude AI was manipulated by Chinese state-sponsored hackers to conduct a large-scale attack executed almost entirely by AI agents — states and local jurisdictions are even more vulnerable. This is not simply a matter of funding; it’s a matter of national security. There should not be much debate as to whether states will utilize SLCGP effectively; they already have the data. As of August 1, 2024, according to the Government Accountability Office, “the Department of Homeland Security provided approximately $172 million in grants to 33 states and territories” and “[t]he grants are funding 839 state and local cybersecurity projects that align with core cybersecurity functions as defined by [NIST],” including developing cybersecurity plans and policies, employing cybersecurity contractors, upgrading equipment and implementing multi-factor authentication. The passage of the PILLAR Act will also enhance CISA’s reach, even with its reduced workforce and limited resources, by making it a force multiplier because it can now focus on oversight — approving state cybersecurity tactics, setting standards and guiding and monitoring priorities — while state, local and tribal governments execute the day-to-day implementation. Not mentioned in the PILLAR Act, but something practical and easily executed as part of the SLCGP, is local governments partnering with private and public universities to tap into a pipeline of students trained in cybersecurity strategy (e.g., law, policy, risk management, governance) and emerging technologies such as artificial intelligence, resulting in lower costs for the local governments, hands-on experience for students and community building and outreach between local governments and universities. The PILLAR Act has bipartisan support, and the president’s March 2025 EO reinforces everything contained within it. We now have the framework for securing our state, local and tribal governments. Let’s get this done immediately, as the stakes have never been higher and our national security depends on it. This article is published as part of the Foundry Expert Contributor Network. Want to join? View the full article
-
Allianz: KI birgt große Gefahr für Unternehmen
Nathakorn Tedsaard – shutterstock.com Künstliche Intelligenz (KI) hat sich nach Einschätzung der Allianz zu einem der größten globalen Geschäftsrisiken für Unternehmen entwickelt. Im neuen “Risikobarometer” des Unternehmensversicherers Allianz Commercial ist die KI vom zehnten auf den zweiten Platz hinter dem langjährigen Spitzenreiter Cyberkriminalität emporgeschossen. Beides steht in Zusammenhang: Kriminelle Hacker nutzen demnach in wachsendem Umfang KI für ihre Attacken. Doch kann die Nutzung von KI laut Risikobarometer auch ohne jede böse Absicht gefährlich für ein Unternehmen sein, etwa wenn Manager und Mitarbeiter auf Basis falscher Daten und Informationen falsche Entscheidungen treffen. Die drei Hauptgefahren stehen in Zusammenhang Auf Rang drei der größten globalen Geschäftsrisiken stehen in diesem Jahr Betriebsunterbrechungen. Auch dabei gibt es eine Verbindung zu Cyberangriffen: Eine häufige Ursache von Betriebsunterbrechungen ist Online-Erpressung: Die Hacker lähmen die Rechnersysteme eines Unternehmens per Verschlüsselung und fordern für die anschließende Entschlüsselung hohe Summen. Allianz Commercial ist eine Tochter des Münchner Dax-Konzerns, das Unternehmen publiziert sein “Risikobarometer” alljährlich zu Jahresbeginn. Die Einschätzungen basieren auf der Befragung von 3.338 Fachleuten aus 97 Ländern im vergangenen Herbst. Darunter sind Führungskräfte und Manager anderer Unternehmen, Risiko- und Schadenberater, Versicherungsmakler, Experten von Branchenverbänden sowie auch Allianz-Mitarbeiter. Die Antworten der Befragten unterscheiden sich von Land zu Land, allerdings nicht grundlegend: So landeten die KI-Risiken in Deutschland auf Platz vier, in der Schweiz auf dem zweiten Rang, in Österreich dagegen sogar auf Platz eins. KI Fluch und Segen zugleich Die KI ist demnach ein zweischneidiges Schwert: Eine Mehrheit der Unternehmen sieht die Technologie als Chance, nicht zuletzt für die automatisierte Abwehr bösartiger Cyberattacken. Doch gleichzeitig sehen etliche der befragten Fachleute große Gefahren: KI berge ein immer schneller voranschreitendes Risiko, sagte Michael Furtscheller, der regionale Geschäftsleiter für Deutschland und die Schweiz – “vielleicht auch Fluch und Segen”. KI erleichtert Tätern das Werk Demnach nutzen Cybertäter KI unter anderem für die Perfektionierung von Social Engineering, um als Führungskräfte zu posieren und deren Untergebene zu täuschen. “Durch Schreiben von sehr zugeschnittenen E-Mails, dass man dort klicken oder sonst etwas tun soll, sei es mit Clonings oder der Generierung von Sprache, oder sogar der Fälschung von Videos”, erläuterte Michael Daum, Leiter der Cyberschaden-Bearbeitung. “Die große Mehrzahl der Angriffe, die wir sehen, erfordert nach wie vor das Zutun eines Menschen – in der Regel eines Mitarbeiters – den Angriff zu ermöglichen.” KI birgt für Unternehmen doppelte Gefahr von außen und innen Doch Attacken von außen sind nach Worten der Allianz-Manager nur eine Seite des Problems. Risiken für Unternehmen birgt demnach auch die ganz legale Verwendung von KI-Software durch die eigenen Mitarbeiter und Führungskräfte. “Die KI per Definition arbeitet mit einem gewissen Grad an Autonomie und deswegen können die Ergebnisse falsch oder frei erfunden sein”, sagte Allianz Commercial-Managerin Alexandra Braun. “Und falsche oder auch einmal diskriminierende KI-Ergebnisse, die können natürlich auch zu Rechtsstreitigkeiten oder negativen Presseberichterstattungen und dann zu Reputations- und Imageverlust führen für Unternehmen.” Zu den KI-eigenen Risiken zählen demnach auch Urheberrechtsverletzungen, wenn die Software geschützte Informationen abschreibt oder verwendet. Breite Palette der übrigen Risiken: von der Politik bis zur Explosion Die übrigen Risiken unter den globalen Top Ten reichen von der Politik über die Natur bis zu den hergebrachten Unsicherheiten des Geschäftslebens. Auf Platz vier stehen Gesetzgebung und Regulierung, was sich sowohl auf die US-Zollpolitik und sonstige Handelshemmnisse als auch die in vielen Ländern beklagte Bürokratie bezieht. Auf den nächsten beiden Rängen folgen Naturkatastrophen und Klimawandel, anschließend politische Instabilität und Gewalt, negative volkswirtschaftliche Entwicklungen etwa durch Inflation, Feuer und Explosionen. Platz zehn nimmt die Ungewissheit über Marktentwicklungen ein, seien es neue Wettbewerber, Firmenübernahmen oder sonstiger Wandel. (dpa/jm) View the full article
-
Allianz: KI birgt große Gefahr für Unternehmen
Nathakorn Tedsaard – shutterstock.com Künstliche Intelligenz (KI) hat sich nach Einschätzung der Allianz zu einem der größten globalen Geschäftsrisiken für Unternehmen entwickelt. Im neuen “Risikobarometer” des Unternehmensversicherers Allianz Commercial ist die KI vom zehnten auf den zweiten Platz hinter dem langjährigen Spitzenreiter Cyberkriminalität emporgeschossen. Beides steht in Zusammenhang: Kriminelle Hacker nutzen demnach in wachsendem Umfang KI für ihre Attacken. Doch kann die Nutzung von KI laut Risikobarometer auch ohne jede böse Absicht gefährlich für ein Unternehmen sein, etwa wenn Manager und Mitarbeiter auf Basis falscher Daten und Informationen falsche Entscheidungen treffen. Die drei Hauptgefahren stehen in Zusammenhang Auf Rang drei der größten globalen Geschäftsrisiken stehen in diesem Jahr Betriebsunterbrechungen. Auch dabei gibt es eine Verbindung zu Cyberangriffen: Eine häufige Ursache von Betriebsunterbrechungen ist Online-Erpressung: Die Hacker lähmen die Rechnersysteme eines Unternehmens per Verschlüsselung und fordern für die anschließende Entschlüsselung hohe Summen. Allianz Commercial ist eine Tochter des Münchner Dax-Konzerns, das Unternehmen publiziert sein “Risikobarometer” alljährlich zu Jahresbeginn. Die Einschätzungen basieren auf der Befragung von 3.338 Fachleuten aus 97 Ländern im vergangenen Herbst. Darunter sind Führungskräfte und Manager anderer Unternehmen, Risiko- und Schadenberater, Versicherungsmakler, Experten von Branchenverbänden sowie auch Allianz-Mitarbeiter. Die Antworten der Befragten unterscheiden sich von Land zu Land, allerdings nicht grundlegend: So landeten die KI-Risiken in Deutschland auf Platz vier, in der Schweiz auf dem zweiten Rang, in Österreich dagegen sogar auf Platz eins. KI Fluch und Segen zugleich Die KI ist demnach ein zweischneidiges Schwert: Eine Mehrheit der Unternehmen sieht die Technologie als Chance, nicht zuletzt für die automatisierte Abwehr bösartiger Cyberattacken. Doch gleichzeitig sehen etliche der befragten Fachleute große Gefahren: KI berge ein immer schneller voranschreitendes Risiko, sagte Michael Furtscheller, der regionale Geschäftsleiter für Deutschland und die Schweiz – “vielleicht auch Fluch und Segen”. KI erleichtert Tätern das Werk Demnach nutzen Cybertäter KI unter anderem für die Perfektionierung von Social Engineering, um als Führungskräfte zu posieren und deren Untergebene zu täuschen. “Durch Schreiben von sehr zugeschnittenen E-Mails, dass man dort klicken oder sonst etwas tun soll, sei es mit Clonings oder der Generierung von Sprache, oder sogar der Fälschung von Videos”, erläuterte Michael Daum, Leiter der Cyberschaden-Bearbeitung. “Die große Mehrzahl der Angriffe, die wir sehen, erfordert nach wie vor das Zutun eines Menschen – in der Regel eines Mitarbeiters – den Angriff zu ermöglichen.” KI birgt für Unternehmen doppelte Gefahr von außen und innen Doch Attacken von außen sind nach Worten der Allianz-Manager nur eine Seite des Problems. Risiken für Unternehmen birgt demnach auch die ganz legale Verwendung von KI-Software durch die eigenen Mitarbeiter und Führungskräfte. “Die KI per Definition arbeitet mit einem gewissen Grad an Autonomie und deswegen können die Ergebnisse falsch oder frei erfunden sein”, sagte Allianz Commercial-Managerin Alexandra Braun. “Und falsche oder auch einmal diskriminierende KI-Ergebnisse, die können natürlich auch zu Rechtsstreitigkeiten oder negativen Presseberichterstattungen und dann zu Reputations- und Imageverlust führen für Unternehmen.” Zu den KI-eigenen Risiken zählen demnach auch Urheberrechtsverletzungen, wenn die Software geschützte Informationen abschreibt oder verwendet. Breite Palette der übrigen Risiken: von der Politik bis zur Explosion Die übrigen Risiken unter den globalen Top Ten reichen von der Politik über die Natur bis zu den hergebrachten Unsicherheiten des Geschäftslebens. Auf Platz vier stehen Gesetzgebung und Regulierung, was sich sowohl auf die US-Zollpolitik und sonstige Handelshemmnisse als auch die in vielen Ländern beklagte Bürokratie bezieht. Auf den nächsten beiden Rängen folgen Naturkatastrophen und Klimawandel, anschließend politische Instabilität und Gewalt, negative volkswirtschaftliche Entwicklungen etwa durch Inflation, Feuer und Explosionen. Platz zehn nimmt die Ungewissheit über Marktentwicklungen ein, seien es neue Wettbewerber, Firmenübernahmen oder sonstiger Wandel. (dpa/jm) View the full article
-
US cybersecurity weakened by congressional delays despite Plankey renomination
The White House moved to restart an urgent stalled priority by renominating well-regarded Coast Guard and Energy Department cyber veteran Sean Plankey as CISA director. Experts say the step offers some relief but does not go far enough to resolve the broader congressional inaction still straining the nation’s cyber defenses. Some have faulted the White House for a lack of engagement in cyber issues and their advancement through Congress, while others say congressional dysfunction is the larger problem. Referring to the Trump administration’s broader approach to cyber policy, Jim Lewis, SVP and director of the technology and public policy program at the Center for Strategic and International Studies (CSIS), tells CSO, “Cyber isn’t a priority for these guys.” But Ari Schwartz, managing director of cybersecurity services at Venable, views Congress as the greater culprit. “It is very difficult to get bills passed in Congress, and it turns out it’s very difficult to get some of these nominees through as well, even when they have bipartisan support. That signals we cannot get stuff done and is extremely problematic,” he tells CSO. Problems stemming from inaction across these areas could begin to emerge as soon as next month and compound thereafter if no further action is taken. Some experts are hopeful Congress or the administration will step in to address the lapses, although they warn solutions will not emerge quickly. CISA leadership: Swift confirmation needed to limit damage The end of the year for Congress on Dec. 31 allowed the nomination of Plankey to lapse, requiring a new nomination process. Experts say the longer Plankey waits for confirmation, the more adrift CISA and US cyber policy will be. Amid budget cuts driven by Elon Musk’s Department of Government Efficiency, which sharply reduced CISA’s staffing and institutional capacity, the ongoing lack of leadership at CISA accelerated the loss of invaluable expertise and created a three-level cybersecurity failure — internal, domestic, and international — for the US, according to Megan Stifel, chief strategy officer at the Institute for Security and Technology. “Not having confirmed leadership undermines CISA’s ability to meet its statutory obligations,” Stifel tells CSO. She adds that the lack of confirmed leadership complicates interagency coordination and weakens US credibility on critical infrastructure security abroad. Even with Plankey’s renomination, the damage caused by the prolonged leadership vacuum at the agency will still take time to rectify, according to CSIS’s Lewis. “They already hollowed out CISA, right? One CISA person who just left the agency told me that 40% of the career staff was gone. There’s not going to be a team to hand off to. They’ll need to do a lot of rebuilding.” For the chairman of the House Homeland Security Committee, Andrew Garbarino (R-NY), Plankey’s renomination came none too soon. Speaking at an event hosted by the McCrary Institute on Dec. 16, Garbarino said he was disappointed that Plankey’s nomination had languished but that he would be confirmed “hopefully soon.” Confirmation holds on both sides of the aisle in the Senate played a significant part in the failure to confirm Plankey. Sen. Rick Scott (R-FL) blocked Plankey’s nomination due to a Coast Guard issue. At the same time, Sen. Ron Wyden (D-OR) held up Plankey’s nomination to force CISA to release an unclassified report on telephone network security. CISA promised in July that it would release the report, but has yet to do so. Keith Chu, a spokesperson for Wyden, tells CSO the senator will continue to object to confirming any CISA director until the telecommunications security report is released. CISA 2015 reauthorization: Likely, but late and suboptimal A major cybersecurity bill called the Cybersecurity Information Sharing Act of 2015 (CISA 2015), which expired on Sept. 30, was temporarily revived on Nov. 13 and given a two-month lease on life through Jan. 30, 2026. The law provides critical legal liability protections that enable cyber threat information sharing among organizations and the federal government. The short-term extension seemed to ensure a longer-term renewal of the legislation, as lawmakers, the administration, and industry broadly agree that failure to extend the legal liability protection under CISA 2015 is unacceptable. “It’s very important,” US Representative Garbarino said at the McCrary event. “It is imperative that it gets passed, and it gets extended. I don’t know how it gets done on its own. I feel like we have to attach it to another must-pass piece as legislation, whether that’s government funding, but we need it passed.” In an emailed statement, CISA Director of Public Affairs Marci McCarthy tells CSO, “Reauthorizing the Cybersecurity Information Sharing Act of 2015 is vital to sustaining this progress — enabling industry and government to share information, respond to incidents, and mitigate cyber risks with speed and precision.” White House National Cyber Director Sean Cairncross has said, “I just want to be abundantly clear that we are for, and the White House is for, a 10-year clean reauthorization of CISA 2015.” With this tight level of agreement and support, odds are good that Congress will eventually reauthorize the legislation, although it is likely to be less than the 10-year renewal period advocates of the bill’s reauthorization seek. “Our colleagues in the Senate have different ideas,” Garbarino said. “Some of them want to do a 10-year clean reauthorization. I don’t know if I can get that passed in the House with concerns from the Freedom Caucus chairman,” Andy Harris (R-MD), who has urged a go-slow approach to CISA 2015. Even if Garbarino gets CISA 2015 through the House, some experts say a clean reauthorization would likely still be opposed by Senate Homeland Security Committee Chair Rand Paul (R-KY), who blocked the Senate from passing a bill to extend the law. State and local cyber grants: Effectively dead for now A murky picture emerges for another piece of unfinished business in Congress: a state and local cybersecurity grant program (SLCGP) administered by CISA. Most of the remaining funds in the $1 billion program were hollowed out via Elon Musk’s Department of Government Efficiency in early 2025. In November, the House of Representatives passed the PILLAR Act, which extended the program until 2033, but did not specifically allocate a dollar amount for future grants. Chairman Garbarino thinks there’s a good chance that the SLCGP could get funded. “I have a great partner on appropriations, Chairman Amodei,” he said at the McCrary event, referring to Mark Amodei (R-NV), who is Chairman of the House Appropriations Homeland Security Subcommittee. “We’re trying to find a vehicle to attach it to and get it done.” Some experienced Washington hands, such as CSIS’s Lewis, are skeptical. “I don’t think they’re [the state and local grants] ever coming back,” he tells CSO. When will Washington move forward? It’s unclear whether or when the remaining unresolved issues might move forward. “I think the Congress is probably going to do the right thing, but it will take longer because you don’t have executive branch leadership,” Lewis says. “Then they still have to [understand where] the White House is coming from, which is no money, no new authorities, and smaller agencies, before they can get anything in place. If we’re lucky, we’ll see it before the summer break, but it’s going to be a slow process.” It is also possible that an upcoming White House cybersecurity strategy might touch on some of these programs. Some experts say the bipartisan nature of cybersecurity gives them hope. “Cybersecurity and, particularly, protecting critical infrastructure and defending US networks, remain a bipartisan issue,” Schwartz says. “That makes me feel better about the possibility of getting to a point where we are moving forward again.” View the full article
-
Security-KPIs und -KRIs: So messen Sie Cybersicherheit
Cybersicherheit zu messen, ist kein Kinderspiel. Foto: Ultraskrip – shutterstock.com Eine wichtige Säule jedes ausgereiften Cyberrisk-Programms ist die Fähigkeit, die Performance der IT-Security und registrierte Bedrohungen zu messen, zu analysieren und zu melden. Die Cybersecurity zu messen, ist allerdings kein leichtes Unterfangen: Einerseits, weil sich viele Führungskräfte ohne entsprechenden Background schwer tun, IT-Risiken zu verstehen. Andererseits verstricken sich Sicherheitsprofis auch zu oft in technische Details, die die Stakeholder verwirren und auf den falschen Weg führen. Das ideale Szenario: Security-Experten messen und reporten die Cybersicherheit auf eine Art und Weise, die für Führungskräfte leicht verständlich und nützlich ist – was zu umsetzbaren Ergebnissen führt. Klingt gut? Dieser Artikel vermittelt Ihnen, wie Sie das anstellen. Messkategorien der IT-Sicherheit Die meisten Stakeholder beschäftigen Fragen zu Risiken, Compliance oder Sicherheit. Diese lassen sich jedoch in der Regel nicht mit einem einzigen Datenpunkt beantworten. Doch es gibt eine Reihe von Dingen, die Security-Profis messen können, um auf die Fragen und Bedenken der Stakeholder einzugehen. Diese lassen sich (grob) in folgende Kategorien einordnen: Kontrollen: Maßnahmen, die ergriffen werden, um Bedrohungen abzuwehren und Risiken zu reduzieren. Assets: Jeder Gegenstand, der für die Organisation einen Wert besitzt, beziehungsweise sich in ihrem Besitz befindet. Vulnerabilities: Schwachstellen in einem System, die ausgenutzt werden können. Threat Events: Von einer Bedrohung ausgelöste Ereignisse, die Assets potenziell Schaden zufügen können. Sicherheitsvorfälle: Ereignisse, die “erfolgreich” Wirkung auf das Unternehmen entfaltet haben, etwa in Form von (System-)Ausfällen, Datenschutzverletzungen oder Cyberangriffen. Diese Kategorien lassen sich weiter nach verschiedenen Faktoren aufschlüsseln: Zahlen, Zeit oder Kosten. Zahlen könnten beispielsweise in Form des Prozentsatzes der ungepatchten Server gemessen werden. Eine weitere Möglichkeit: Sie messen die Zeit, die benötigt wurde, um einen Sicherheitsvorfall zu identifizieren. Schließlich könnten Kosten – zum Beispiel in Form von Wiederherstellungs- oder Ausfallkosten – Aufschluss über die finanziellen Auswirkungen von Security-Ereignissen geben. Cybersicherheits-Metriken, -KPIs und -KRIs Wenn Security-Profis oder -Entscheider an Business Teams berichten, sollten sie dazu möglichst relevante Messerwerte wählen. Dabei konzentrieren sich die meisten Sicherheitsteams auf Metriken, die Low-Level-Messungen bezüglich Assets, Schwachstellen und Threat Events abbilden. Auf Führungs- und Vorstandsebene sind hingegen vor allem KPIs (Key Performance Indicators) und KRIs (Key Risk Indicators) entscheidend, weil diese dazu beitragen können, spezifische Fragen in Bezug auf IT-Risiko, -Status und -Vorbereitung zu beantworten. Beispielsweise: Sind wir sicher? Liefern die Sicherheitsinvestitionen dem Unternehmen Mehrwert? Erfüllen wir aus Sicherheitsperspektive alle regulatorischen Anforderungen? Wie gut sind wir auf Ransomware- oder Supply-Chain-Angriffe vorbereitet? Deshalb sollten sich Security-Praktiker auch auf KPIs und KRIs konzentrieren. Sie wollen weitere interessante Beiträge rund um das Thema IT-Sicherheit lesen? Unser kostenloser Newsletter liefert Ihnen alles, was Sicherheitsentscheider und -experten wissen sollten, direkt in Ihre Inbox. Jetzt CSO-Newsletter sichern Cybersecurity messen in 5 Schritten Der Aufbau des richtigen Messrahmens ist ein schrittweiser, iterativer Prozess. Im Folgenden die fünf wichtigsten Schritte, um einen Security Measurement Cycle aufzubauen. 1. Anforderungen definieren Sprechen Sie mit relevanten Stakeholdern, um deren Bedürfnisse zu definieren und zu verstehen. Diese haben zu diesem Zeitpunkt möglicherweise noch kein umfassendes Verständnis über IT-Risiken – oder ihre eigenen Anforderungen. Deshalb ist für Security-Praktiker ein Bottom-Up-Ansatz empfehlenswert, bei dem sie selbst die Initiative ergreifen und Fragen zu stellen, um die Anforderungen definieren zu können. 2. Key Indicators auswählen Sobald die Anforderungen der Stakeholder definiert sind, sollten Sicherheitsexperten diejenigen Key Indicators auswählen, die auf diese einzahlen. Dabei sollten die Stakeholder konsultiert und über die beabsichtigten, späteren Messungen informiert werden. Wenn die Stakeholder die Key Indicators kennen, können sie Maßnahmen ergreifen oder Entscheidungen treffen. Die Schlüsselindikatoren sollten auf hoher Ebene angesiedelt sein – und ihre Anzahl überschaubar bleiben. Das Ziel besteht schließlich darin, die Entscheidungsfindung zu erleichtern. 3. Metriken identifizieren Nachdem Ziele und Key Indicators festgelegt sind, gilt es für die Sicherheitsteams, die Low-Level-Messgrößen zu fokussieren, die dabei unterstützen, die Indikatoren zu reporten. Das kann – je nach Art des Indikators – bedeuten, dass Dutzende von Metriken aus den verschiedenen oben beschriebenen Messkategorien erforderlich sind. 4. Metriken sammeln und analysieren Da die Anforderungen nun feststehen, die Schlüsselindikatoren ausgewählt und die Messgrößen festgelegt sind, können die Praktiker nun damit beginnen, Daten auf dieser Grundlage zu sammeln und zu analysieren. Metriken dürfen dabei nur aus Daten abgeleitet werden, die akkurat, aktuell, relevant und vertrauenswürdig sind. Anderenfalls kann es zu Entscheidungen kommen, die schwerwiegende Folgen für die Sicherheitslage des Unternehmens nach sich ziehen. Es ist die Aufgabe der Security-Teams, Wege zu finden, Daten kontinuierlich zu sammeln (die meisten Messungen erfordern einen Überblick über Trends im Zeitverlauf) und den Prozess vorzugsweise so weit wie möglich zu automatisieren (ein manueller Prozess kann ermüdend und zeitaufwändig sein). 5. Key Indicators reporten Key Indicators müssen zeitnah an die Entscheidungsträger reported werden. Dabei sollten sich Security-Profis und Stakeholder auf einen zeitlichen Rhythmus einigen – ebenso wie über die Art der Berichterstattung: Sind Dashboards erforderlich oder reichen Powerpoint-Präsentationen aus? Die Schlüsselindikatoren sollten deutlich sichtbar und leicht verständlich sein, um zu Entscheidungen oder Maßnahmen zu führen. Darüber hinaus ist es wichtig, nach jedem Berichtszyklus die Key Indicators zu überprüfen und sie (unter Einbeziehung der Stakeholder) neu zu bewerten. Haben sich die geschäftlichen Anforderungen tatsächlich geändert, müssen die Anforderungen erneut definiert und ein anderer Satz von Indikatoren und Messgrößen erarbeitet werden. Unternehmen, Stakeholder und Sicherheitsexperten sollten keine Angst vor Rückwärts- oder Vorwärtsschritten haben: Die Fähigkeit, nach einem schnellen Fail direkt weiterzumachen, zu improvisieren oder sich neu auszurichten sind entscheidende Fähigkeiten, wenn es darum geht, Cybersicherheit erfolgreich zu messen. (fm) Dieser Beitrag basiert auf einem Artikel unserer US-Schwesterpublikation CSO Online. View the full article
-
January 2026 Microsoft Patch Tuesday: Actively exploited zero day needs attention
Eight critical vulnerabilities and an actively exploited zero day highlight Microsoft’s first Patch Tuesday announcements for 2026. Most of the higher scoring vulnerabilities impact Office products, with two holes in SharePoint scoring an 8.8 on the CVSS scale. “Last year’s abuse of SharePoint by Chinese APTs to deploy ToolShell against organizations should serve as a warning that SharePoint- and Office-related vulnerabilities can quickly become popular with threat actors,” noted Nick Carroll, cyber incident response manager at Nightwing. The other vulnerability that scored a CVSS rating of 8.8 is CVE-2026-20868 for the Windows Routing and Remote Access Service. This is a heap-based buffer overflow that allows an unauthorized attacker to execute code over a network. There’s also a patch for a lower-scoring hole in this service (CVE-2026-20843) that allows an elevation of privilege. Desktop Windows Manager Arguably, the vulnerability that should draw the attention of CSOs is CVE-2026-20805, because it’s already being exploited. No public proof-of-concept code has been disclosed. It is a hole in Desktop Windows Manager (DWM) that allows a locally authenticated attacker to view information in memory to help them weaken system protections, and from that go deeper into IT systems that rely on DWM. Exploitation requires local access with low privileges and no user interaction, note researchers at Action1, making it feasible for attackers already present on a system. For organizations, this vulnerability increases the risk of successful multi-stage attacks, said Jack Bicer, director of vulnerability research at Action1. Leaked memory details can be combined with other vulnerabilities to achieve privilege escalation or allow data theft, potentially leading to broader system compromise, regulatory exposure, and loss of trust. If the patch can’t be applied immediately, he said, admins should limit local access, enforce least-privilege policies, and closely monitor systems for suspicious local activity. “From a risk perspective, this issue materially increases the success rate of follow on exploits,” warned Bicer, “and should be viewed as an attack enabler rather than a standalone flaw.” Satnam Narang, senior staff research engineer at Tenable, called DWM a “frequent flyer” on Patch Tuesday, with 20 CVEs patched in this library since 2022. But, he added, this is the first time researchers have seen an information disclosure bug in this component exploited in the wild. More priorities Executives should also prioritize rapid patching and risk reduction efforts this month around the Windows Local Security Authority Subsystem Service Remote Code Execution, Windows Graphics Component Elevation of Privilege, and Windows Virtualization Based Security Enclave Elevation of Privilege flaws, Bicer said, as these vulnerabilities directly enable full system or trust boundary compromise. Strategic focus should include accelerating patch deployment for critical and important flaws, reducing unnecessary local access, hardening authentication paths, and closely monitoring for abnormal privilege escalation behavior, Bicer said. “The Desktop Window Manager Information Disclosure should be addressed in parallel due to confirmed exploitation and its role in enabling chained attacks,” he added. Secure Boot certificates Security experts also drew attention to Microsoft’s warning that certain Secure Boot certificates issued in 2011 will expire in June or October unless updates included in the January patches are installed. Details are included in CVE-2026-21265. Secure Boot prevents malicious code from loading during the Windows startup process; systems not updated in time may become vulnerable to Secure Boot bypasses. Chris Goettl, vice-president of product management at Ivanti, called this “a ticking time bomb for enterprise security that IT teams need to act on now before facing serious operational issues.” Additionally, Tyler Reguly, associate director of security R&D at Fortra, noted that the Microsoft documentation of fixes for the expiring certificates isn’t a single page, but contains a multitude of links – including an entire deployment playbook for IT professionals. “With less than half a year to prepare, it is time to ensure that environments and teams are prepared for this update,” he said. More likely for exploit Reguly also said one of the more interesting updates this month is a fix for a Windows Agere Soft Modem Driver elevation of privilege (CVE-2023-31096) issue. “It is not often that you see a CVE from three years ago show up, but Microsoft is finally cleaning up a problem that has been around for a while,” he said. This driver ships with Microsoft Windows, but according to a post about this vulnerability, the driver has been end of life since 2016. The solution to this vulnerability is simply to remove the impacted drivers, agrsm64.sys and agrsm.sys, from systems. Nick Carroll of Nightwing says security leaders should pay attention to patching vulnerabilities that Microsoft says are more likely to be exploited. These are: an improper handling of permissions in Windows Error Reporting (CVE-2026-20817) that could allow an authorized attacker to elevate privileges locally; a buffer overflow in Windows Common Log File System Driver (CVE-2026-20820) that could lead to an authorized attacker to elevate privileges locally; a buffer overflow that could lead to remote code attacks in Windows NTFS (CVE-2026-20840). This is one of two NTFS issues flagged this month, noted Kev Breen, senior director of cyber threat research at Immersive. If technical details are made public, this could become an n-day vulnerability, he warned, creating a narrow window in which IT can apply patches before exploitation becomes widespread; an issue with Windows Ancillary Function Driver for WinSock that can let an authorized attacker elevate privileges locally (CVE-2026-20860); an elevation of privilege issue in Desktop Windows Manager (CVE-2026-20871); a remote code execution vulnerability in Windows NTFS (CVE-2026-20922). SAP updates Separately, SAP released 19 new or updated security patches, including six HotNews Notes and four High Priority Notes. One of the most important is a critical SQL injection vulnerability in S/4HANA Private Cloud and On-Premise (Financials – General Ledger), tagged with a CVSS score of 9.9. Exploitation can lead to full system compromise by low-privileged users. In addition, a code injection vulnerability, with a CVSS score of 9.1, was patched in S/4HANA Private Cloud and On-Premise. Oracle and Mozilla Researchers at Ivanti note that Mozilla released a trio of updates for Firefox and Firefox ESR resolving a total of 34 CVEs. All three updates have an Impact rating of High. Two of the CVEs are suspected to have been exploited (CVE-2026-0891 and CVE-2026-0892). Both are resolved in Firefox 147 (MFSA2026-01) and CVE-2026-0891 is resolved in Firefox ESR 140.7 (MFSA2026-03). Finally, researchers at Nightwing note that Oracle admins should be ready for the first of the company’s four major patch days a year, which this year falls on Tuesday January 20. There should be a pre-release announcement on January 15 that will help organizations prepare for what’s coming. View the full article
-
Cybersecurity risk will accelerate this year, fueled in part by AI, says World Economic Forum
Cybersecurity risk will accelerate this year, fueled by advances in AI, deepening geopolitical fragmentation and the complexity of supply chains, the World Economic Forum (WEF) says in its annual Global Cybersecurity Outlook. The way to combat it, however, isn’t new, the report adds. “Ultimately, strengthening collective cyber resilience has become both an economic and a societal imperative. Cybersecurity is a frontier where collaboration remains not only possible, but powerful — a reminder that, even amid fragmentation, economic strain and uncertainty, collective action can drive progress for all.” The coming year will test not only global technological preparedness but also the capacity to align policy, ethics, and collaboration in defending an increasingly digital world, the report says. Issued Monday, the 64 page report is based partly on answers to 19 questions from a survey last fall responded to by 804 C-suite executives, academics, civil society and public-sector cybersecurity leaders in 92 countries. That included 316 CISOs. Additional material was gathered from workshops, including a session with 21 executives from the forum’s Centre for Cybersecurity’s CISO community. This is the fifth annual cybersecurity report from the WEF. Last year’s edition found that a series of compounding factors — geopolitical tension, intricate supply chains, regulatory proliferation and rapid technological adoption — were creating an era of escalating complexity and unpredictability, and this year’s continues the theme. Among the latest report’s main findings: AI is anticipated to be the most significant driver of change in cybersecurity in 2026, according to 94% of survey respondents; 87% of respondents said AI-related vulnerabilities had increased in the past year. Other cyber risks that had increased were (in order) cyber-enabled fraud and phishing, supply chain disruption, and exploitation of software vulnerabilities; confidence in national cyber preparedness continues to erode, with 31% of survey respondents reporting low confidence in their nation’s ability to respond to major cyber incidents, up from 26% last year. Confidence levels vary greatly across regions, with 84% of respondents from the Middle East and North Africa being confident in their country’s ability to protect critical infrastructure, and only 38% of North American respondents confident their countries were prepared; asked to rate their own organization’s cyber resilience, 23% of representatives from public sector and international organizations thought their readiness was insufficient. By contrast, only 11% of private sector respondents thought negatively about their firms; 91% of organizations with more than 100,000 employees have changed their cybersecurity strategies due to geopolitical volatility. Interestingly, CEOs and CISOs weren’t always on the same page when it came to rating cyber risks for their organizations. In the 2025 survey, most CEOs said ransomware, cyber-enabled fraud and phishing, and supply chain disruption were their biggest cyber concerns. This year, cyber-enabled fraud and phishing shifted to number one, followed by AI vulnerabilities and exploitation of software vulnerabilities. On the other hand, while most CISOs also said ransomware was their top concern in the 2025 survey, they reversed the CEO’s order to list supply chain disruption second, then cyber-enabled fraud and phishing. And in the latest survey, ransomware and supply chain disruption were still the top two, but the third worry is now exploitation of software vulnerabilities. This suggests that CEOs tend to be more concerned about the broader business impacts of frauds, the report says, while for CISOs, the concern over ransomware reflects the significant operational disruption a successful ransomware attack can inflict on the availability of critical information technology (IT) and operational technology (OT) systems. Related content: 8 things CISOs can’t afford to get wrong in 2026 The WEF report focuses on AI because leaders believe it will be the most significant driver of change in cybersecurity this year. The widespread integration of AI systems adds an expanded attack surface that creates novel vulnerabilities that traditional security controls were not designed to address, the report says. In addition, threat actors are leveraging AI to enhance the scale, speed, sophistication, and precision of their attacks. However, defenders can also use AI, to strengthen their cyber capabilities. But, the report stresses, “AI’s benefits are contingent on disciplined execution. Poorly implemented solutions can introduce new risks — misconfiguration, biased decision‑making, over‑reliance on automation, and susceptibility to adversarial manipulation — unless organizations embed robust guardrails, security‑by‑design practices and continuous monitoring.” “The implication is clear,” says the report. “AI can improve cybersecurity, but only when deployed within sound governance frameworks that keep human judgement at the center. At the same time, too many controls can create friction, so it is essential to strike a careful balance.” One sign this may already be happening: 64% of respondents said their organization has a process in place for assessing the security of AI tools before deploying them, up from 37% in the previous survey in the fall of 2024. The survey data shows 77% of respondents said their organizations have adopted AI for cybersecurity, primarily to enhance phishing detection (52%), intrusion and anomaly response (46%), and user behavior analytics (40%). But when asked about the practical challenges of adopting AI for cybersecurity, respondents listed insufficient knowledge and/or skills (54%), the need for human oversight (41%), and uncertainty about risk (39%) as the main hurdles. These findings indicate that trust is still a barrier to widespread AI adoption, the report concludes. “As organizations navigate the integration of AI into their security operations, the balance between automation and human judgement becomes increasingly critical,” says the report. “While AI excels at automating repetitive, high-volume tasks, its current limitations in contextual judgement and strategic decision making remain clear. Over-reliance on ungoverned automation risks creating blind spots that adversaries may exploit.” Related content: Cybercrime is moving beyond financial gains While AI continues to dominate the cybersecurity landscape, several other technologies and threat vectors are quietly gaining traction in the background and are expected to affect cybersecurity by 2030, says the report. These include autonomous systems and robotics, quantum technologies, digital currencies, space technologies and undersea cables, and natural disasters and climate change. By the end of the decade, autonomous systems will be a near-term factor, from AI assisting in analysis to its directing of physical actions in factories, logistics, healthcare and public spaces. This evolution could create a new cyber‑physical risk profile, where machine‑executed decisions can alter safety and service quality within seconds, compressing detection and response windows. By 2030, quantum technology will have evolved from a theoretical disruptor into a selective but material threat to cryptography, the report predicts. State-level or well-resourced actors may be capable of quantum-accelerated attacks on high-value targets, even as full-scale code breaking remains rare. At the same time, defenders will harness quantum-enhanced analytics and sensing for anomaly detection, creating a dynamic attacker-defender race. Ultimately, the report concludes, building a secure digital future requires more than technical solutions. “It calls for decisive leadership, shared accountability, and a commitment to lifting the collective baseline — ensuring that resilience is accessible to all, not just the most well-resourced. As the boundaries between digital and physical worlds continue to blur, the organizations that thrive will be those that recognize cyber resilience as a shared, strategic responsibility — one that underpins trust, enables innovation and safeguards the interconnected foundations of global society.” View the full article
-
Ransomware-Banden erpressen Opfer mit Compliance-Verstößen
Digitala World – shutterstock.com Ransomware-Attacken zählen nach wie vor zu den häufigsten Angriffsmethoden. Wie aktuelle Analysen zeigen, drohen Cyberbanden ihren Opfern nun vermehrt damit, Verstöße gegen Vorschriften wie die DSGVO an die Aufsichtsbehörden zu melden. So haben Forscher des Security-Anbieters Akamai bereits in den vergangenen zwei Jahren einen zunehmenden Trend bei dieser Taktik beobachtet. Als Beispiel verweisen die Sicherheitsspezialisten auf die Ransomware-Gruppe Anubis. Die Mitglieder würden sich hauptsächlich auf Branchen mit hohen Compliance-Risiken wie das Gesundheitswesen konzentrieren. Auch die berüchtigte Ransomhub-Bande setzt demnach auf diese Methode. So soll sie ihre Partner ausdrücklich dazu ermutigt haben, gehackten Unternehmen regulatorische Strafen anzudrohen. Folgen für Unternehmen „Das setzt Unternehmen unter einen doppelten Druck, der kaum zu bewältigen ist“, erklärt Klaus Hild, Manager Solution Engineering Enterprise bei SailPoint, gegenüber CSO. Sie müssten zwischen Lösegeldzahlung und potenziell ruinösen Strafen sowie Reputationsverlust abwägen. „Diese ‘Compliance-Erpressung’ ist keine theoretische Bedrohung mehr – sie ist zum Standardverfahren von Ransomware-Kartellen geworden“, so der Experte. Tim Berghof, Security Evangelist bei G DATA, bestätigt auf Nachfrage von CSO, dass es sich bei dieser Vorgehensweise technisch gesehen zwar nur um eine Erweiterung der „branchenüblichen” Double Extortion handelt, aber massive Folgen mit sich bringen kann. „Selbst, wenn eine erfolgte Anzeige sich als gegenstandslos erweist. Behördliche Ermittlungsverfahren erzeugen Aufsehen, binden Ressourcen und werden potenziell publik.“ KI verstärkt Angriffe Hild verweist auf ein weiteres Problem: „KI-gestützte Tools beschleunigen diese Angriffe dramatisch. Kriminelle können heute innerhalb weniger Stunden nach einem Datendiebstahl gestohlene Dokumente auf ‘materielle’ Compliance-Verstöße screenen – schneller und präziser, als viele Unternehmen ihre eigenen Systeme auditieren können.“ Der SailPoint-Spezialist führt aus: „Sie erstellen detaillierte, rechtlich fundierte Beschwerden für Behörden und setzen enge Fristen. Mit neuen Regulierungen wie DORA in der EU und verschärften SEC-Meldepflichten wächst das Arsenal dieser Erpresser stetig.“ Berghoff fasst zusammen: „Die Frage bleibt, was für Unternehmen die glimpflicheren Folgen hat: Eine Selbstanzeige oder die anonyme Meldung bei der zuständigen Behörde durch eine Gruppe Krimineller. Da es auch in einigen Bereichen noch viel Unsicherheit um das Thema Compliance gibt, fallen Drohungen mit Behörden hier auf potenziell fruchtbaren Boden.“ View the full article
-
Ransomware-Banden erpressen Opfer mit Compliance-Verstößen
Digitala World – shutterstock.com Ransomware-Attacken zählen nach wie vor zu den häufigsten Angriffsmethoden. Wie aktuelle Analysen zeigen, drohen Cyberbanden ihren Opfern nun vermehrt damit, Verstöße gegen Vorschriften wie die DSGVO an die Aufsichtsbehörden zu melden. So haben Forscher des Security-Anbieters Akamai bereits in den vergangenen zwei Jahren einen zunehmenden Trend bei dieser Taktik beobachtet. Als Beispiel verweisen die Sicherheitsspezialisten auf die Ransomware-Gruppe Anubis. Die Mitglieder würden sich hauptsächlich auf Branchen mit hohen Compliance-Risiken wie das Gesundheitswesen konzentrieren. Auch die berüchtigte Ransomhub-Bande setzt demnach auf diese Methode. So soll sie ihre Partner ausdrücklich dazu ermutigt haben, gehackten Unternehmen regulatorische Strafen anzudrohen. Folgen für Unternehmen „Das setzt Unternehmen unter einen doppelten Druck, der kaum zu bewältigen ist“, erklärt Klaus Hild, Manager Solution Engineering Enterprise bei SailPoint, gegenüber CSO. Sie müssten zwischen Lösegeldzahlung und potenziell ruinösen Strafen sowie Reputationsverlust abwägen. „Diese ‘Compliance-Erpressung’ ist keine theoretische Bedrohung mehr – sie ist zum Standardverfahren von Ransomware-Kartellen geworden“, so der Experte. Tim Berghof, Security Evangelist bei G DATA, bestätigt auf Nachfrage von CSO, dass es sich bei dieser Vorgehensweise technisch gesehen zwar nur um eine Erweiterung der „branchenüblichen” Double Extortion handelt, aber massive Folgen mit sich bringen kann. „Selbst, wenn eine erfolgte Anzeige sich als gegenstandslos erweist. Behördliche Ermittlungsverfahren erzeugen Aufsehen, binden Ressourcen und werden potenziell publik.“ KI verstärkt Angriffe Hild verweist auf ein weiteres Problem: „KI-gestützte Tools beschleunigen diese Angriffe dramatisch. Kriminelle können heute innerhalb weniger Stunden nach einem Datendiebstahl gestohlene Dokumente auf ‘materielle’ Compliance-Verstöße screenen – schneller und präziser, als viele Unternehmen ihre eigenen Systeme auditieren können.“ Der SailPoint-Spezialist führt aus: „Sie erstellen detaillierte, rechtlich fundierte Beschwerden für Behörden und setzen enge Fristen. Mit neuen Regulierungen wie DORA in der EU und verschärften SEC-Meldepflichten wächst das Arsenal dieser Erpresser stetig.“ Berghoff fasst zusammen: „Die Frage bleibt, was für Unternehmen die glimpflicheren Folgen hat: Eine Selbstanzeige oder die anonyme Meldung bei der zuständigen Behörde durch eine Gruppe Krimineller. Da es auch in einigen Bereichen noch viel Unsicherheit um das Thema Compliance gibt, fallen Drohungen mit Behörden hier auf potenziell fruchtbaren Boden.“ View the full article
-
High-severity bug in Broadcom software enables easy WiFi denial-of-service
A high-severity flaw in Broadcom WiFi chipset software can allow an attacker within radio range to completely knock wireless networks offline by sending a single malicious frame, forcing routers to be manually rebooted before connectivity can be restored. The flaw, uncovered by the Cybersecurity Research Center (CyRC) at Black Duck during fuzz testing of 802.11 protocol implementations, affects 5GHz wireless networks and causes all connected clients, including guest networks, to be disconnected simultaneously. “Implementation-level flaws in protocols, such as 802.11, are often more difficult to detect than cryptographic weaknesses,” said Ben Ronallo, principal cybersecurity engineer at Black Duck. “Remediation of vulnerabilities in hardware/firmware is always slower due to the downstream effects needing to be fully tested. In the software world, the commonly cited deadline is 90 days, but for hardware or firmware, it’s closer to 180+ days.” The issue surfaced while researchers were testing ASUS routers for protocol robustness, but further investigation traced the root cause to software used in Broadcom chipsets rather than the router firmware itself. Broadcom has since issued a patch to its customers, and ASUS has released fixed firmware for affected devices, though a complete public list of impacted products remains unavailable. Broadcom did not immediately respond to CSO’s request for comments. A low-effort denial-of-service attack According to the advisory shared with CSO ahead of its publication on Tuesday, exploitation requires no authentication and works regardless of the configured wireless security settings. An attacker only needs to be within the range to transmit a specially crafted 802.11 frame, immediately rendering the access point unresponsive to all clients on the 5 GHz band. Devices cannot reconnect until the router is manually restarted, at which point the attack can be repeated indefinitely. James Maude, field CTO at BeyondTrust, said the findings echo early WiFi attacks that relied on de-authentication and denial-of-service (DoS) tactics. “Given the huge dependence on connectivity for personal devices and ever-increasing numbers of IoT and smart devices, the impacts could be significant,” he said. Maude warned that repeated outages could also enable “evil twin” scenarios, where a rogue access point poses as the legitimate network and tricks users into entering credentials through captive portals. The good news, Maude added, is that the flaw appears limited to 5GHz networks, meaning many environments may fall back to 2.4 GHz connectivity automatically, reducing immediate exposure. CyRC assigned the vulnerability a CVSS 4.0 score of 8.4 (high), driven primarily by its availability impact rather than data confidentiality or integrity loss. Testing was conducted using an ASUS RT-BE86U router running firmware versions 3.0.0.6.102_37812 and earlier, though the advisory cautioned that other devices using the same chipset software could be similarly affected. Chipset-level bugs linger Researchers said the vulnerability highlights why protocol-stack implementation remains open to serious flaws. “This attack is both easy to execute and highly disruptive, underscoring that even mature and widely deployed network technologies can still yield new and serious attack vectors,” said Saumitra Das, vice president of engineering at Qualys. “Because the attack can be launched by an unauthenticated client, encryption alone offers little protection.” Das emphasized the role of fuzz testing in uncovering such issues. “Over the years, fuzzing has uncovered a wide range of vulnerabilities, including buffer overflows in drivers, denial-of-service conditions, remote code execution, and performance instability,” he said, adding that the complexity of the WiFi stack makes subtle flaws hard to eliminate. Broadcom’s PSIRT reportedly confirmed that a patched version of the affected software has been released to customers, with device manufacturers expected to integrate the fix into their own firmware distributions. ASUS also rolled out a fix in firmware version 3.0.0.6.102_37841 and later. CyRC said specific technical details of the vulnerability were intentionally withheld due to the risk of widespread exploitation across wireless infrastructure. Recommendations include segmenting wireless networks, auditing for end-of-life access points, prioritizing patches based on business criticality, and closely monitoring network edges. View the full article
-
For application security: SCA, SAST, DAST and MAST. What next?
I have stared at enough scanner dashboards to recognize the pattern. SAST flags theoretical flaws that never execute. DAST shrugs because the route to the vulnerable function is blocked. SCA floods the zone with CVEs that never touch a hot path. MAST scolds my mobile app for secrets I retired last quarter. These tools are still essential, yet they now form a baseline rather than a destination. The next chapter is not another “silver bullet” product; it is a shift toward posture, provenance and proof. Sunil Gentyala Over the past year the community has admitted the obvious: the battleground is the software supply chain and the running system, not only pre‑release scans. OWASP’s 2025 update elevated software supply chain failures to A03, reframing vulnerable and outdated components as a systemic ecosystem risk that spans dependencies, build systems and distribution infrastructure (Endor Labs overview here). In parallel, CISA pushed SBOM guidance forward with a 2025 draft that demands richer, machine‑readable metadata and emphasizes automation for scale. Posture, provenance and proof: The new trinity Application security posture management (ASPM) is the control plane that makes the old quartet useful again. Gartner’s 2025 Innovation Insight described how ASPM connects scattered signals across the SDLC, enforces policy and prioritizes based on context, such as reachability and exposure in practice, which means pulling SAST, DAST, SCA, IaC and runtime findings into a single view, then filtering for the small subset that really matters. I prefer framing ASPM through a code to cloud lens because it mirrors how our systems actually work. The Wiz Academy guide lays out ASPM’s core capabilities, unified visibility, risk prioritization, policy enforcement and stresses continuous discovery across development, build and deployment. The goal is to cut alert fatigue while connecting code issues to runtime impact ASPM. This aligns with Gartner’s premise but adds practical detail about correlating repository signals, pipeline policies and cloud reality. Posture is the ‘what.’ Provenance is the ‘how’. The SLSA framework gives us a shared vocabulary and verifiable controls to prove that artifacts were built by hardened, tamper‑resistant pipelines with signed attestations that downstream consumers can trust (OpenSSF overview here). When I insist on SLSA Level 2 for most services and Level 3 for critical paths, I am not chasing compliance theater; I am buying integrity that survives audit and incident. Proof is where SBOMs finally grow up. Binding SBOM generation to the build that emits the deployable bits, signing them and validating at deploy time moves SBOMs from “ingredient lists” to enforceable controls. The CNCF TAG‑Security best practices v2 paper is my practical map, personas, VEX for exploitability, cryptographic verification to ensure tests actually ran, and prescriptive guidance for cloud‑native factories. Advisory: if your SBOM describes developer intent rather than what executes, you will miss the next recall. Generate SBOMs from the build that produced the binary, sign them, ingest VEX and gate deployments on verification. From dashboards to decisions: ASPM in practice A posture program is a set of habits, not just a platform. I start by unifying scanner outputs into a single risk register, but I refuse to triage in a vacuum. Findings must carry reachability evidence, data sensitivity tags and exposure context. That is where ASPM earns its keep. The Wiz Academy material underscores this code to cloud connection and shows how to reduce noise so developers see the few issues that block business rather than a wall of theoretical risk. Gartner’s framing makes the case for adoption in regulated environments where fragmented signals undermine remediation velocity. Two implementation notes from my own programs. First, wire ASPM to owners. Every finding needs a resolver and an SLA, or it is just a report. Second, gate risky builds. Policy enforcement is not a dashboard; it is a decision. If an artifact lacks provenance or a VEX shows exploitability in a reachable path, it does not ship. Advisory: Keep one policy source of truth. If security policy lives in three tools, developers will ignore all three. Supply chain rigor without theater Supply chain work can degrade into paperwork if we forget what matters. Integrity is the point. I keep SLSA simple. Level 2 quickly, Level 3 for critical paths. That means a hardened build service, isolated builds, signed provenance and a verified chain from source to artifact. SBOMs become operational once they are machine-readable, signed and validated on deploy. CISA’s 2025 draft tightened expectations for fields, formats and automation, which I welcome because it makes procurement and incident response faster and cleaner. The CNCF paper fills in the gaps. It explains how to couple SBOMs with VEX, add cryptographic checks for pipeline steps, and treat developer infrastructure as part of the supply chain. That last point matters because attackers increasingly target repositories, CI settings and artifact registries, not just code dependencies. Public sector guidance from CNCF echoes the same priorities for government workloads, with concrete lessons from SolarWinds, Log4Shell and xz. Advisory: never accept a vendor SBOM without a signature and a provenance attestation. If they cannot prove how the software was built, your risk calculus is guesswork. Runtime reality: Instruments, not illusions Prerelease testing is necessary but not sufficient. IAST instrumentation gives me runtime truth during QA, observing actual execution paths to reduce false positives and preserve developer context. In production, the mental model shifts to RASP, which blocks exploitation inside the application at the exact moment risky operations occur: SQL construction, OS exec, serialization, where WAFs cannot see. This is not a knock on WAFs; it is a recognition that network layer inspection and application layer introspection solve different problems. If you think perimeter controls are enough, two weeks in November 2025 should dispel that. CISA issued emergency guidance for Cisco ASA and FTD vulnerabilities (CVE‑2025‑20333, CVE‑2025‑20362) because agencies reported devices as “patched” that were still on vulnerable trains. The directive prescribed minimum versions, forensic checks and timelines, and reminded everyone that all devices must be updated, not only Internet‑facing ones (CISA press release). The lesson is portable: treat “patched” as a state with proofs. Validate minimum release trains, verify fleet‑wide and decommission end‑of‑support gear. Pair perimeter controls with application‑layer sensors and container runtime protection because your workloads increasingly live in Kubernetes and managed platforms. Market analyses confirm the shift toward orchestrated, cloud‑native estates where consistent runtime policy is possible (CNCF trend post here). Advisory: wire runtime telemetry to your TDIR practice. When RASP blocks an injection in production, that event should spawn code fixes, not just a closed alert. Securing AI and the supply chain ecosystems Among the nexts, AI is the most mercurial. NIST’s final 2025 guidance on adversarial ML split threats across PredAI and GenAI and called out prompt injection in direct and indirect form as the dominant exploit in agentic systems where trusted instructions co mingle with untrusted data (Meritak Overview; IBM explainer). The U.S. AI Safety Institute published work on agent hijacking evaluations, which I treat as required red‑team reading for anyone delegating actions to tools (NIST AISI blog). For builders, the July 2024 NIST SP 800‑218A community profile extends SSDF into generative AI and dual-use foundation models. It covers threat modeling prompts, securing training data pipelines, isolating model operations and binding model documentation to secure development practices. At the language layer an unfashionable recommendation turned mainstream. In June 2025 NSA and CISA urged adoption of memory‑safe languages with pragmatic migration guidance for legacy estates—start where it matters most, integrate incrementally and shield old modules behind hardened FFI (NSA/CISA CSI). Language choices that erase entire bug classes If you want to delete vulnerability classes, stop writing them. In June 2025, NSA and CISA published a joint CSI urging adoption of memory-safe languages with pragmatic migration guidance for legacy estates. Start where it matters, integrate incrementally and shield old modules behind hardened FFI. This is not academic posturing. Buffer overflows, use after free and data races erode resilience and cost real money. Memory-safe languages reduce those risks by design. Advisory: mandate memory-safe languages for net new development, plan migrations for high-risk modules and publish a runway with dates and metrics. Explain the why using NSA and CISA guidance, then measure the results. Where SCA, SAST, DAST and MAST fit now They remain foundational when docked into a posture‑centric program. SAST still catches design and implementation flaws, but I insist on reachability analysis and developer‑first remediation inside the IDE; feed SAST into ASPM for context so theoretical issues do not overwhelm real ones. DAST is indispensable for pre‑release exposure, yet I pair it with IAST to observe live code paths and reduce false positives. SCA moves beyond CVE lists when SBOM generation binds to builds and VEX cuts noise; CNCF best practices and CISA’s 2025 SBOM draft describe how to do this well. MAST keeps mobile hardening honest, but I roll secret hygiene and secure storage checks into the same lifecycle controls used for server apps. Leadership advisory: what I implement next This is the operating model I have shipped in regulated environments that cannot afford to be wrong. ASPM as control plane. Unify signals, deduplicate and rank by exploitability—reachability, exposure, data sensitivity. Route ownership automatically and use policy gates on risky builds. Supply chain rigor. Adopt SLSA levels, require signed SBOMs and attestations, and validate at deploy. No artifact without provenance, no deploy without verification. Runtime protection. Embed RASP in application stacks, enforce container runtime controls and keep WAF at the edge. Wire events to your TDIR pipeline so blocking in production triggers fixes in code. Secrets lifecycle and machine identities. Central vaulting, automated rotation, least privilege everywhere, mutual TLS for service‑to‑service authentication. AI security program. Adopt NIST SP 800‑218A, red‑team agents for hijacking, enforce privilege separation and monitor outputs. Language policy. Mandate memory‑safe languages for net‑new development, plan migrations for high‑risk modules and use NSA/CISA’s guidance to educate stakeholders. Conclusion SCA, SAST, DAST and MAST remain the bedrock, but they are most effective when orchestrated by ASPM, proven by SLSA and SBOMs, and defended by runtime controls. Add AI-specific safeguards and memory‑safe languages, and you move from chasing findings to making decisions with confidence. That is my “what next.” This article is published as part of the Foundry Expert Contributor Network. Want to join? View the full article