The CSO role is evolving fast with AI in Cyber Defense strategy
AI and cybersecurity are proving to be extremely challenging for organisations. AI is a double-edged sword – as used by threat actors and under effectively…
Category: CISOOnline
Threat intelligence by ESET is a game changer
Cyber threats have gained the upper hand on many global organizations, attacking through a relentless cycle of new phishing scams, malware attacks and deepfake incidents.…
OpenAI to acquire Promptfoo to strengthen AI agent security testing
“Red-teaming, governance, and evaluation tools are becoming the new table stakes,” said Neil Shah, VP for research at Counterpoint Research. “Security must be multi-layered, integrated…
Devs looking for OpenClaw get served a GhostClaw RAT
A malicious npm package posing as an OpenClaw Installer has been caught deploying a remote access trojan (RAT) on victim machines, according to new JFrog…
The OT security time bomb: Why legacy industrial systems are the biggest cyber risk nobody wants to fix
Segmentation first — without waiting for the big retrofit Instead of waiting a decade to replace every legacy component, I collaborate with many clients to…
Why access decisions are becoming the weakest link in identity security
The rise of the ‘digital employee’ The denominator is expanding again as organizations deploy AI-driven automation and agentic systems that act as virtual workers. These…
I replaced manual pen tests with automation. Here’s what I learned.
More accreditation and compliance requirements have been added in response to cyber incidents. While these frameworks play an important role in establishing security baselines, true…
When AI safety constrains defenders more than attackers
Security teams are being urged to adopt AI copilots for threat modeling, phishing simulations, and SOC workflows. Yet many of the most widely deployed, enterprise-approved…
Security-Tools für KI-Infrastrukturen – ein Kaufratgeber
bieten im Regelfall agentenlose Konfigurationen, greifen auf Cloud-basierte Modelle zu und belassen Daten auf den vorhandenen Plattformen. Letzteres dient sowohl der Sicherheit als auch dazu,…
Hacker abusing .arpa domain to evade phishing detection, says Infoblox
He pointed out that “.arpa” queries are typically pointer (PTR) queries for reverse lookups. In the malicious queries, normal address (A or AAAA) queries will…
CVE program funding secured, easing fears of repeat crisis
CISA ultimately stepped in at the last minute, issuing an emergency 11-month contract extension that kept the system running but left the global security community…
OpenAI says Codex Security found 11,000 high-impact bugs in a month
Flaws uncovered in proprietary and open-source projects In its first testing cycle, OpenAI said Codex Security scanned more than 1.2 million commits across external repositories,…