< ciso
brief />
Tag Banner

All news with #ai security tag

759 articles · page 20 of 38

OpenClaw Risks and Enterprise Exposure: What CISOs Must Know

⚠️ OpenClaw is a rapidly adopted local agent orchestration tool (formerly Clawdbot/Moltbot) that integrates with chat apps, operating systems, smart-home devices, browsers and productivity platforms and can be configured to use any LLM backend. Its GitHub repo and the Moltbook social layer saw millions of visits and hundreds of thousands of agents and downloads in recent weeks. Security researchers warn the tool is insecure-by-default: exposed instances, authentication bypasses, plaintext credentials and malicious third-party skills create serious enterprise risk. Organizations are advised to block traffic, rotate credentials and restrict experimentation to isolated, managed environments.
read more →

Smashing Security #454: AI panic, Moltbook, and risks

🤖 In episode 454 of the Smashing Security podcast Graham Cluley and guest Iain Thomson examine the Moltbook saga — an AI-only social network that sparked doomsday talk but largely reflected humans role-playing as bots. They also warn that “vibe coding” can be a dangerous design choice when security researchers can easily peek into private messages, API keys and databases. The show touches on pro-Russian hacker activity around the Winter Olympics and cites reporting from Forbes, Wired, Reuters, The Record and the BBC.
read more →

Context-Aware AI Resilience Testing for Financial Services

🛡️ Google Cloud outlines an AI-driven approach to operational resilience for financial institutions, using Gemini Enterprise to generate context-aware incident scenarios based on a customer's real production data. The Technical Account Management team ingests logs, architecture, SLAs and support history to craft bespoke timelines that test cross-functional response and communication. The program supports DORA readiness and has driven immediate remediation actions and process changes.
read more →

Strategic SIEM Buyer's Guide for the Modern AI-Ready Era

🔍 The Strategic SIEM Buyer’s Guide recommends that security leaders replace fragmented toolchains with a unified, cloud‑native platform that makes it inexpensive to ingest and retain telemetry, automatically shapes data into analysis‑ready form, and enriches it with graph‑driven intelligence. It highlights accelerating detection and response through real‑time correlation, automated investigation, and adaptive orchestration so analysts and AI can act faster. The guide also stresses rapid time‑to‑value via prebuilt connectors and turnkey content, and cites Microsoft Sentinel as an example of an AI‑ready end‑to‑end platform.
read more →

AI in Cybersecurity: Skills Gap Shapes Risk and Response

🤖 AI is now central to cybersecurity strategies, accelerating detection and automation while also enabling more sophisticated attacks. The 2025 Global Cybersecurity Skills Gap report finds 97% of organizations use or plan to use AI, but 48% cite lack of AI expertise as their biggest implementation challenge. Organizations must pair AI tooling with human oversight, training, and validation to avoid misconfiguration and false confidence. Fortinet highlights training and certifications to help close the gap.
read more →

Road-sign prompt injection threatens embodied AI systems

⚠️ New research introduces CHAI, a prompt-injection technique that embeds deceptive natural-language instructions into visual inputs to hijack embodied AI agents. The method systematically searches token space, builds prompt dictionaries, and crafts Visual Attack Prompts to mislead LVLM-powered systems. Experiments on drones, autonomous driving stacks, aerial tracking, and a real robotic vehicle show CHAI outperforms prior attacks and highlights the limits of conventional adversarial robustness.
read more →

AI-Enabled Cybercrime Tabletop: From Theory to Pressure

🔐 Fortinet and UC Berkeley's CLTC led the third AI-enabled cybercrime tabletop, Operation Black Ice, to test governance and executive decision-making under compressed timelines. The exercise showed AI accelerates impersonation and extortion, turning trust dependencies into primary attack surfaces. Key lessons: identity verification must be multi-channel, third-party disclosures must be predefined, and ransom choices require rehearsed coordination rather than improvisation.
read more →

Automate AWS Incident Investigation with Tines and AI

☁️This article introduces a pre-built Tines workflow—Investigate AWS issues with CLI data using agents—that brings AWS CLI output directly into cases, removing repetitive console logins and syntax guesswork. A lightweight, read-only agent executes context-aware CLI commands and returns results safely to the workflow. Optional AI-driven formatting or Tines transformations convert dense JSON into concise, human-readable summaries. The template can be imported, connected to an AWS credential, customized, tested, and will append findings into Tines Cases for auditability and team collaboration.
read more →

January 2026: Global Attacks Rise; Ransomware, GenAI Risk

⚠️ Check Point Research reports a global increase in cyber attacks in January 2026, with organizations experiencing an average of 2,090 attacks per organization per week — a 3% increase from December and 17% above January 2025. The rise is driven by expanding ransomware operations and mounting data‑exposure risks linked to widespread GenAI adoption. Critical sectors are under intensified pressure as threat activity accelerates and adversaries move faster.
read more →

Weekly Cyber Recap: AI Skill Risks and Massive DDoS

🔐 This week's briefing highlights attackers abusing trust across AI agents, update channels, and developer ecosystems. OpenClaw announced a partnership with VirusTotal to scan ClawHub skills after researchers discovered malicious packages and explosive typosquatting growth. High‑impact incidents include a 31.4 Tbps AISURU DDoS, a Notepad++ updater compromise delivering the Chrysalis backdoor, and an RCE in Docker's Ask Gordon AI assistant. Security teams should prioritize update integrity, supply‑chain controls, and agentic AI hygiene.
read more →

OpenClaw Adds VirusTotal Scanning to ClawHub Skills

🔒 OpenClaw has integrated VirusTotal malware scanning into its ClawHub skills marketplace to automatically vet published skills. Packages are hashed and analyzed with Code Insight (powered by Gemini); benign skills are auto-approved, suspicious ones receive warnings, and confirmed malicious skills are blocked and re-scanned daily. The move responds to documented malicious extensions and unauthorized enterprise deployments, though OpenClaw stresses scanning is not a complete defense against prompt injection or logic abuse.
read more →

From Solo to Squad: Cybersecurity Training in AI Era

🛡️ Infinity Global Services reports a clear shift in cybersecurity training procurement from 2023 to 2025, with organizations moving away from individual course purchases toward team-based subscription models. Technical expertise remains essential, but the rise of AI-driven threats is driving demand for collective, SOC-wide training approaches. The data indicates a 33% decline in solo purchases and a marked increase in squad-level subscriptions, signaling a strategic pivot to collaborative workforce development.
read more →

AI-assisted breach rapidly compromises AWS environment

⚠️ Researchers at Sysdig uncovered an attack that fully compromised an AWS environment in under eight minutes by exploiting a cloud misconfiguration and using LLMs to accelerate reconnaissance and exploitation. Attackers reused credentials found in public S3 buckets, modified a Lambda function to escalate privileges, moved laterally across numerous principals, and disabled model-call logging in Amazon Bedrock. Security experts warn that AI-enabled automation compresses attack timelines and reduces defenders' reaction windows.
read more →

Glean and Prisma AIRS: Real-Time AI Security Integration

🔒 Glean and Prisma AIRS have integrated to provide real-time AI threat protection that neutralizes prompt injections, blocks toxic or biased outputs, and inspects generated code and URLs for malicious patterns. The integration enforces organizational policy across chats and agent interactions and immediately blocks risky requests while notifying users. Deployment is designed to be frictionless—enable protection in three clicks by pasting a Prisma AIRS runtime API key into the Glean admin console.
read more →

Microsoft builds scanner to detect LLM hidden backdoors

🛡️ Microsoft has developed a scanner to detect hidden backdoors in open-weight language models, focusing on triggers and malicious behaviors inserted during training or fine-tuning. The tool flags three observable signatures — attention hijacking, leakage of poisoned training fragments, and sensitivity to partial triggers — and runs using forward passes only without retraining or backpropagation. It is designed to work with most causal, GPT-style models and to serve as an added layer of supply-chain security for enterprises using third-party or open-source models.
read more →

OpenClaw Risks and Mitigations for Security Teams Guide

🔒 OpenClaw is an open-source, agentic AI assistant that can run locally or on servers, connect to LLMs and external APIs, and autonomously perform actions such as sending email or controlling browsers. Its local storage of config and broad access (files, terminals, sometimes root) makes misconfigured deployments attractive as backdoors. CrowdStrike observed rapid adoption and internet-exposed instances, and recommends discovery, runtime guardrails, and automated removal integrated into detection workflows.
read more →

Microsoft SDL Expands to Secure AI-Powered Systems

🔒 Microsoft’s SDL is expanding to secure AI-powered systems by treating AI risks as dynamic, cross-disciplinary challenges rather than a static checklist. The update highlights AI-specific threats—prompt injection, data poisoning, memory and cache leakage, and malicious tool interactions—and stresses the need for telemetry-driven detection and faster feedback loops. Microsoft emphasizes developer-friendly policy, automation, and collaborative threat modeling to integrate security into everyday engineering practice.
read more →

PostgreSQL on Azure: Optimized for AI Scale and Speed

⚡ Microsoft has expanded its managed PostgreSQL offerings on Azure to support AI-native workloads by improving performance, scalability, and developer workflows. Azure Database for PostgreSQL now integrates with Microsoft Foundry for in-database LLM calls, offers DiskANN vector indexing for similarity search, and adds Parquet support for direct SQL access to object storage. Developers benefit from VS Code provisioning, Entra ID authentication, GitHub Copilot assistance, and a new Azure HorizonDB service for ultra-low-latency scale-out.
read more →

Germany and Israel Conduct Joint Cyberattack Defense Drill

🛡️ Germany and Israel jointly conducted a first-ever exercise, called “Blue Horizon,” to practice defending against a major cyberattack as part of a recent bilateral cyber and security pact. The drill aims to familiarize experts and advance the planned construction of a German “Cyberdome”, modeled on Israeli systems that consolidate data and use AI to detect network vulnerabilities and warn organizations. The pact also foresees closer cooperation on cybercrime, artificial intelligence and drone defense.
read more →

Securing AI at Scale: Three Companies' Use of CrowdStrike

🔒 The CrowdStrike Falcon platform delivers unified protection for AI across endpoints, cloud workloads, identities, and data flows, extending proven security principles to machine‑speed operations. By combining a single lightweight sensor with integrated modules, Falcon provides visibility, identity governance, data protection, and continuous monitoring for models and AI agents. Customers use these capabilities to detect misconfigurations early, govern non‑human identities, and prevent sensitive data exfiltration while preserving developer velocity and operational scale.
read more →