All news with #adversary emulation tag

🔒 Ransomware operators are shifting from noisy, disruptive attacks to covert, long-term intrusions focused on data theft and extortion. Picus Security's Red-Teaming report—based on simulations and analysis of 1.1 million malware files and 15.5 million MITRE-mapped actions—finds most common techniques aim to remain undetected. Adversaries increasingly chain vulnerabilities, route C2 through trusted services like OpenAI and AWS, and favor persistence over immediate encryption, though some vendors dispute a reduction in overall activity.

🔐 Google’s newest GTIG AI Threat Tracker outlines rising adversarial misuse of AI, documenting how threat actors are distilling models, experimenting with agentic capabilities, and integrating AI into malware and social engineering. The report highlights activity from groups including APT31, North Korean and Iranian actors, and malware families such as HONESTCUE. It underscores growing risks from model extraction, the emergence of illicit jailbreak services like Xanthorox, and recommends that AI providers monitor API access and adopt robust defenses.

🔍 Offensive security is becoming central to enterprise defenses as CISOs increasingly add red teams and institutionalize purple teaming to surface gaps and harden controls. Practices range from traditional vulnerability management and pen testing to adversary emulation, social engineering assessments, and security-tool evasion testing. Vendors are embedding automation, analytics, and AI to boost effectiveness and lower barriers to entry. While budget, skills, and the risk of finding unfixable flaws remain obstacles, leaders say OffSec produces the data-driven evidence needed to prioritize remediation and counter more sophisticated, AI-enabled attacks.