All news with #ai security tag

Google Drive for Desktop Adds AI Ransomware Detection

🔒 Google has begun rolling out an AI-powered ransomware detection feature for Google Drive for desktop. The feature automatically pauses syncing of affected files on Windows and macOS when it detects signs of ransomware, protecting cloud copies though it does not prevent local file encryption. Administrators may disable detection or file restoration via the Admin console, and alerts require Drive version 114 or later.

Cybersecurity Awareness Month 2025: Knowledge Is Power

🔐 October marks Cybersecurity Awareness Month, underscoring that the human element is the first and most critical line of defense against cyberthreats. Cybercriminals exploit social engineering and increasingly rely on AI-driven tools to create believable, hyper-personalized scams and deepfakes. Watch the video with ESET Chief Security Evangelist Tony Anscombe for practical insights, and consider ESET's cybersecurity awareness training to strengthen individual and organizational resilience.

Microsoft Agent Framework Brings Multi-Agent Tooling

🤖 The Microsoft Agent Framework is now in public preview inside Azure AI Foundry, offering an open-source SDK and runtime to simplify orchestration of multi-agent systems. Developers can prototype locally and deploy with built-in observability, durability, and compliance while integrating tools via OpenAPI, Agent2Agent (A2A), and the Model Context Protocol (MCP). Microsoft also previews stateful multi-agent workflows and has contributed multi-agent tracing standards to OpenTelemetry. Responsible AI controls and a generally available Voice Live API add governance and real-time voice capabilities for enterprise scenarios.

Five Essential Cybersecurity Tips for Awareness Month

🔒 October is Cybersecurity Awareness Month, a timely reminder that prevention-first strategies are essential as digital threats evolve rapidly. This piece presents five practical tips organizations and individuals can implement — from user training and multi-factor authentication to regular patching and least-privilege access — and stresses the rising risk of AI-driven attacks and the need for layered defenses.

Blending AI and Human Workflows for Secure Automation

🔍 Join The Hacker News for a free webinar, "Workflow Clarity: Where AI Fits in Modern Automation," featuring Thomas Kinsella, Co‑founder & Chief Customer Officer at Tines. The piece argues that human-only processes are slow, rigid rule engines break when reality changes, and fully autonomous AI can create opaque, unauditable paths. Attendees will learn practical mapping of tasks to people, rules, or AI, how to spot AI overreach, and patterns for building secure, auditable workflows that scale without sacrificing control.

Case for Multidomain Visibility and Unified Response in SOCs

🔍 The 2025 Unit 42 Global Incident Response Report shows that 84% of investigated incidents involved activity across multiple attack fronts and 70% spanned at least three vectors, underscoring coordinated, multidomain campaigns. Attackers move laterally across cloud, SaaS, IT and OT, exploiting identities, misconfigurations and vulnerabilities. The report recommends unified telemetry, AI-driven behavioral analytics and stronger identity controls to improve detection and accelerate response.

Generative AI's Growing Role in Scams and Fraud Worldwide

⚠️A new primer, Scam GPT, surveys how generative AI is being adopted by criminals to automate, scale, and personalize scams. It maps which communities are most at risk and explains how broader economic and cultural shifts — from precarious employment to increased willingness to take risks — amplify vulnerability to deception. The author argues these threats are social as much as technical, requiring cultural shifts, corporate interventions, and effective legislation to defend against them.

2025 Cybersecurity Reality Check: Attack Surface Focus

🔍 Bitdefender's 2025 assessment highlights rising secrecy after breaches, a widening leadership-to-frontline disconnect, and an urgent shift to shrink enterprise attack surfaces. The report, combining surveys of over 1,200 IT and security professionals across six countries and analysis of 700,000 incidents, shows 84% of high-severity attacks leverage Living Off the Land techniques. Organizations are prioritizing attack surface reduction and simplification to improve resilience and detection.

AI Tops Cybersecurity Investment Priorities — PwC Report

🔒 A PwC survey finds AI-based security is the top cybersecurity investment priority for the next 12 months, with 36% of business and technology executives ranking it among their top three budget areas. Security leaders prioritized AI threat hunting (48%) and agentic AI to boost cloud and operational efficiencies (35%). While 78% expect cyber budgets to rise, organizations report significant knowledge and skills gaps and low readiness for quantum threats.

EU Agency: Cyber Threat Landscape in Europe Worsens

⚠️ ENISA reports the EU cyber threat landscape has worsened, identifying ransomware as the single most damaging threat due to widespread encryption and costly recoveries. By frequency, DDoS incidents dominate (77% of reported cases), though they typically cause shorter-lived outages. The agency's analysis of 4,875 incidents from July 2024 to June 2025 also highlights concentrated attacks on public administration and a rapid rise in AI-assisted social engineering.

VirusTotal Crowdsourced AI Adds Exodia Labs for .CRX

🔍 VirusTotal has added Exodia Labs to its Crowdsourced AI lineup to provide automated analysis of Chrome extension (.CRX) files. The new contributor issues a clear verdict — benign, suspicious, or malicious — alongside a behavioral narrative to complement existing AI streams such as Code Insight. Exodia Labs results are indexed in VirusTotal Intelligence with dedicated search operators and surface in the web UI to help analysts rapidly triage extension-related threats.

Securing the Cloud: Risks, AI Impacts, and Best Practices

🔒 This Special Report examines the distinct security challenges of cloud environments, the current threat landscape organizations face, and how rapid AI adoption is amplifying those risks. It highlights common hidden exposures across configurations, data stores, and APIs. The report also presents practical strategies and best practices for improving cloud posture, governance, and operational controls to reduce overall attack surface.

CrowdStrike Fall 2025 Release: Agentic SOC & AI Security

🔒 CrowdStrike’s Fall 2025 release introduces the Falcon agentic security platform, redefining SOC operations by pairing analysts with AI agents that reason, act, and continuously learn. The release centers on the Enterprise Graph data layer and Charlotte AI AgentWorks for no-code agent creation, plus seven mission-ready agents and Threat AI for autonomous hunting and response. It also expands identity, data protection, patching, and MDR capabilities, integrates Pangea and Onum, and launches AI Detection and Response (AIDR) to secure AI workflows.

CISOs Urged to Rethink Vulnerability Management amid Surge

⚠️ Enterprises face an unprecedented surge in disclosed vulnerabilities — over 20,000 in H1 2025 — with roughly 35% (6,992) accompanied by public exploit code, according to Flashpoint. Security leaders are urged to adopt risk-based patching and intelligence-led remediation that prioritizes remotely exploitable and actively exploited flaws while factoring in business context. Relying solely on CVE and the NVD is increasingly impractical due to enrichment delays; experts recommend integrating threat context, exposure management, and CTEM-style operations to concentrate limited resources on what truly matters.

Windows 11 25H2 (2025 Update) Now Generally Available

ℹ️ Windows 11 25H2 (2025 Update) is now generally available. The minor release shares the same platform as 24H2 and is rolled out gradually, with devices on 24H2 updated via small enablement packages (<200 KB) while systems on 23H2 receive a full OS swap. Enterprise-focused changes include Wi‑Fi 7 support, improved vulnerability detection, and an optional Group Policy to remove select preinstalled Store apps. Microsoft also removed legacy tools such as PowerShell 2.0 and WMIC.

Defending LLM Applications Against Unicode Tag Smuggling

🔒 This AWS Security Blog post examines how Unicode tag block characters (U+E0000–U+E007F) can be abused to hide instructions inside text sent to LLMs, enabling prompt-injection and hidden-character smuggling. It explains why Java's UTF-16 surrogate handling can make one-pass sanitizers inadequate and shows recursive sanitization as a remedy, plus Python-safe filters. The post also outlines using Amazon Bedrock Guardrails denied topics or Lambda-based handlers as mitigation and notes visual/compatibility trade-offs.

The AI Fix #70: Surveillance Changes AI Behavior and Safety

🔍 In episode 70 of The AI Fix, hosts Graham Cluley and Mark Stockley examine how AI alters human behaviour and how deployed systems can fail in unexpected ways. They discuss research showing AI can increase dishonest behaviour, Waymo's safety record and a mirror-based trick that fooled self-driving perception, a rescue robot that mishandles victims, and a Chinese fusion-plant robot arm with extreme lifting capability. The show also covers a demonstration of a ChatGPT agent solving image CAPTCHAs by simulating mouse movements and a paper on deliberative alignment that functions until the model realises it is being watched.

Researchers Disclose Trio of Gemini AI Vulnerabilities

🔒 Cybersecurity researchers disclosed three now-patched vulnerabilities in Google's Gemini suite that could have exposed user data and enabled search- and prompt-injection attacks. The flaws, labeled the Gemini Trifecta, impacted Gemini Cloud Assist, the Search Personalization model, and the Browsing Tool. Following responsible disclosure, Google stopped rendering hyperlinks in log summaries and implemented additional hardening. Tenable warned these issues could have allowed covert exfiltration of saved user information and location data.

Microsoft Expands Sentinel into Agentic Security Platform

🔒 Microsoft announced the general availability of the Sentinel data lake and public previews of Sentinel Graph and the Sentinel Model Context Protocol (MCP) server. The release broadens Sentinel from a traditional SIEM into a unified, agentic security platform designed to ingest and correlate structured and semi-structured signals at scale. It is intended to give AI agents such as Security Copilot and developer tools in VS Code with GitHub Copilot richer contextual access for detection, retroactive hunting, and automated response while integrating with Defender and Purview.

Databricks Launches AI-Driven Cybersecurity Lakehouse

🔒 Databricks has introduced Data Intelligence for Cybersecurity, an AI-driven platform that unifies fragmented security telemetry on its Lakehouse architecture to provide real-time, context-rich threat detection. The offering includes Agent Bricks to build governed AI agents, conversational dashboards, and natural-language queries for nontechnical stakeholders. Early adopters such as Arctic Wolf, Palo Alto Networks, and SAP report sharper detection, lower costs, and faster operations, while Databricks expands integrations across a broad partner ecosystem to challenge established SIEM and analytics vendors.