AI is changing cybersecurity faster than many defenders realize. Attackers are already using AI to automate reconnaissance, generate sophisticated phishing lures, and exploit vulnerabilities before security teams can react. Meanwhile, defenders are overwhelmed by massive amounts of data and alerts, struggling to process information quickly enough to identify real threats. AI offers a way to […]
Author Archives: Onsite Computing, Inc.
A threat actor with ties to Pakistan has been observed targeting various sectors in India with various remote access trojans like Xeno RAT, Spark RAT, and a previously undocumented malware family called CurlBack RAT. The activity, detected by SEQRITE in December 2024, targeted Indian entities under railway, oil and gas, and external affairs ministries, marking […]
A threat actor has claimed responsibility for the alleged politically motivated attack and has uploaded the stolen data to a Dark Web forum. Author: Kristina Beek, Associate Editor, Dark Reading
OpenAI is working on yet another AI model, reportedly called GPT-4.1, a successor to GPT-4o. […] Author: Mayank Parmar
Phishing-as-a-service (PhaaS) platform Tycoon2FA, known for bypassing multi-factor authentication on Microsoft 365 and Gmail accounts, has received updates that improve its stealth and evasion capabilities. […] Author: Bill Toulas
A new class of supply chain attacks named ‘slopsquatting’ has emerged from the increased use of generative AI tools for coding and the model’s tendency to “hallucinate” non-existent package names. […] Author: Bill Toulas
Nations continue to sign the Code of Practice for States in an effort to curb commercial spyware, yet implementation and enforcement concerns have yet to be figured out. Author: Arielle Waldman
The threat actor, also known as Goffee, has been active since at least 2022 and has changed its tactics and techniques over the years while targeting Russian organizations. Author: Kristina Beek, Associate Editor, Dark Reading
Microsoft is testing a new Defender for Endpoint capability that will block traffic to and from undiscovered endpoints to thwart attackers’ lateral network movement attempts. […] Author: Sergiu Gatlan
Fortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to breach the devices was patched. The attackers are believed to have leveraged known and now-patched security flaws, including, but not limited to, CVE-2022-42475, CVE-2023-27997, and CVE-2024-21762. “A threat actor […]
