Newly observed malware campaign likely combines AI and ClickFix
Using the techniques in tandem helps hackers evade detection, a security firm said. Source link
Category: CyberSecurityDive
Citrix NetScaler products confirmed to be under exploitation
Security researchers at watchTowr warn that multiple flaws are involved in the early stages of a hacking spree that could rival the 2023 CitrixBleed campaign.…
Why user behavior is the primary entry point for cyberattacks
Human error still drives 60% of breaches — here’s why attackers keep targeting users. Source link
Identity is the first line of defense, especially in an AI-fueled threat landscape
Two new reports illustrate why companies need to do a better job of scrutinizing what their human employees and AI agents are doing. Source link
Espionage campaign targets telecom with stealthy Linux-based backdoor
A China-nexus actor has been able to gain long-term access in a bid to gather intel on government agencies and critical infrastructure providers. Source link
Congress wants details from White House on cyber strategy, Iran resilience measures
Lawmakers’ aides from both parties say they want to be kept in the loop on implementation. Source link
‘Do not shift budgets to AI’: How businesses should and shouldn’t respond to evolving threats
Experts said companies rushing to buy AI services risked letting their existing, still-vital defensive measures deteriorate. Source link
Iran-linked ransomware operation targeted US healthcare provider
The Pay2Key group may have shifted its aims from extortion to destruction. Source link
FCC bans import of consumer-grade routers amid national security concerns
The decision follows years of escalating attacks against the U.S. from state-linked threat groups targeting routers and edge devices. Source link
Companies face difficult choices in blaming hackers for an attack
Publicly naming a hacking group can affect everything from retaliation to insurance coverage. Source link
The CVE Program, a bedrock of global cyber defense, is teetering on the brink
A funding scare, AI and similar international initiatives are raising existential questions about the program’s future. Source link
Cybercrime groups speed up initial access handoff through planning, coordination
A report by Google Threat Intelligence Group also shows voice-based phishing has surged amid a rise in social engineering tactics. Source link