< ciso
brief />
Tag Banner

All news with #ai security tag

756 articles · page 3 of 38

Agentic AI: When Weapons Learn to Aim Themselves

🔒 Offensive AI is shifting tools from drafting to autonomous action. Agentic systems can gather intelligence, craft tailored social engineering, and run exploit chains without human hands, expanding capability to unskilled actors while accelerating expert operations. Defenders must test protections with live adversarial use to understand real resilience and retain human judgment where agents remain prone to confident errors.
read more →

Five Eyes Urges Urgent AI-Driven Cyber Resilience

🛡️ The Five Eyes cybersecurity agencies warned on June 22 that frontier AI is already reshaping offensive and defensive cyber capabilities and urged businesses to prioritize cyber resilience. They cautioned that AI accelerates attacks by lowering barriers and shrinking the window between discovery and exploitation, while also offering defensive benefits. The group recommended a whole-of-organization response focused on basics, secure-by-design, defence in depth, and integrating AI into security operations. Practical steps included reducing attack surfaces, accelerating patching, addressing legacy systems, strengthening access controls, and preparing incident response.
read more →

OpenAI Expands Daybreak with GPT‑5.5‑Cyber Release

🔒 OpenAI is distributing an enhanced GPT‑5.5‑Cyber model to trusted defenders via the Daybreak program, claiming improved capability to find, validate, and patch software vulnerabilities across large codebases. The company also updated the Codex Security plugin to accelerate discovery, triage, and automated patch generation, and launched Patch the Planet with Trail of Bits to secure open‑source projects. These steps aim to help maintainers cope with the surge in AI‑driven vulnerability findings while preserving human oversight.
read more →

Zero Trust as the AI control plane for Southeast Asia

🔒 At Zscaler’s Zenith Live 2026 in Vienna, the vendor argued that AI agents are rapidly becoming digital workers while regulators tighten data residency and supply‑chain threats move closer to core operations. Zscaler proposes extending its Zero Trust Exchange and SASE platform to govern AI agents, unmanaged devices, multi‑cloud workloads, and B2B partners, positioning zero trust as the control plane for secure AI adoption in regulated, highly connected markets like Southeast Asia. The company emphasised an AI Broker, endpoint AI security, and an AI Access Graph to map and protect AI assets and data flows.
read more →

Shadow AI Risk Shifts from Leakage to Access Control

🛡️ Shadow AI has evolved from simple data leakage to an access control challenge as employee-built agents connect to enterprise systems. These agents — created across platforms, extensions, and scripts — can call APIs, use credentials, and perform actions in production, often with broad or forgotten permissions. Traditional controls like DLP and domain blocking miss non-human identities, so organizations must inventory agents, map ownership and credentials, and enforce automated remediation.
read more →

How AI Is Redefining the SOC Triangle

🔍 A simple framework called the SOC Triangle balances quality, consistency and cost efficiency in security operations. Human-centric workflows create trade-offs where improving one dimension often harms another. AI is changing this dynamic by automating repeatable investigative workflows, improving depth, consistency and scaling without linear headcount increases. The triangle still exists, but its constraints are loosening for machine-suitable tasks, shifting humans toward oversight and complex judgment.
read more →

SearchLeak shows broader AI prompt injection risk

🔒 A proof-of-concept called SearchLeak demonstrated a prompt injection attack against Microsoft M365 Copilot Enterprise that tricks users into clicking crafted links to exfiltrate corporate data. Researchers combined three weaknesses in Copilot Search — including URL query parameters treated as natural language prompts — to leak sensitive content. Microsoft patched the server-side flaw, but the incident highlights risks when AI services access broad corporate assets and the need for render-time sanitization and stricter CSPs.
read more →

Prisma AIRS local cloud launch in Japan

🚀 Palo Alto Networks is launching a local cloud location for Prisma® AIRS™ in Japan to secure emerging AI deployments. The expansion provides domestic data residency, low-latency processing, and phased rollout of comprehensive AI security features for models, agents, and artifacts. It aims to help Japanese organizations adopt Generative AI and agentic workflows with improved operational efficiency and cyber resilience.
read more →

Human behavior shapes cybersecurity outcomes

🛰️ Cisco Talos' Threat Source newsletter reflects on how human behavior, context, and competing priorities often override rational security decisions. The piece links a Spielberg film theme to cybersecurity, noting that knowledge alone doesn't ensure action — organizations struggle with budgets, workloads, and urgency. Talos highlights practical controls like segmentation, backups, and MFA, and showcases a new reverse-engineering method that pairs local AI agents with tools like vbdec to accelerate analysis while protecting sensitive binaries.
read more →

Building a Model-Agnostic Vulnerability Harness

🔧 This post describes how Cloudflare evolved a single-repo security skill into a fleet-scale, model-agnostic Vulnerability Discovery Harness (VDH) and a separate Vulnerability Validation System (VVS). It explains why single-agent prompts fail at scale and why treating models as interchangeable components improves coverage. The article outlines stages like Recon, Hunt, Validate, Trace, Dedup, Gapfill, and Feedback and emphasizes persistence, strict context controls, and cross-repo reasoning.
read more →

ThreatsDay: AI Abuse, Fileless Mac Attacks, and More

📰 This week's ThreatsDay roundup highlights a range of active campaigns and emerging risks, from DoH adoption in Windows Server 2025 to search-hijacking Chrome extensions and fileless macOS infections. Researchers uncovered abuse of shared AI chat features to deliver credential stealers, large-scale WhatsApp booking fraud, and memory-only stealers targeting banks. Vendors and agencies are responding with mitigations, advisories, and new product timelines to address quantum and AI-driven threats.
read more →

Cybercriminals Worried AI Will Displace Roles

🔎 Sophos CTU research finds cybercriminals debating the risks and benefits of AI tools across underground forums, marketplaces and messaging apps. Sellers are offering AI kits for phishing, malware automation, deepfake creation and social engineering, while some threat actors fear losing work to automated toolsets. The research highlights divided views, a spike in discussion after the release of Claude Mythos Preview, and advice for defenders to prioritize patching, MFA and visibility.
read more →

Spyware embeds forbidden text to foil AI analysis

🛡️ At least one malware author is inserting large comment blocks with policy-triggering content about nuclear and biological weapons into JavaScript payloads to disrupt AI-driven analysis. The decoy text sits inside comments so execution is unchanged while early-stage LLM-based triage can be confused or refuse to process the file. Traditional detection methods like YARA rules, entropy checks, and deobfuscation remain effective. This tactic targets naive pipelines that expose untrusted file starts to language models.
read more →

Five new SOC roles emerging from AI evolution

🔒 The rise of AI-driven SOCs is reshaping security operations and creating new specialist roles rather than simply replacing people. Today's AI-SOC automates Tier 1 triage and is moving into Tier 2 investigation and remediation, prompting demand for skills in data engineering, agent orchestration, model training, threat hunting, and AI-savvy red teaming. Organizations will need professionals who can integrate diverse telemetry, manage agent swarms, fine-tune models, hunt adversary intent, and test AI-specific weaknesses.
read more →

AI Forces Security to Shift From Predictability

🛡️ AI is reshaping cybersecurity by breaking the long-held assumption of predictable, deterministic systems. Traditional prevention-focused controls remain important but are insufficient as AI agents, LLMs and automated development accelerate runtime change and attacker capabilities. Organizations must prioritize runtime visibility, use AI to augment defensive operations, rebuild vulnerability management and emphasize resilience and containment to manage evolving AI-driven risks.
read more →

Employee uploads to AI tools nearly double enterprise risk

📈 The Zscaler 2026 AI Threat Report warns that sensitive enterprise data uploaded to AI and ML applications nearly doubled year-over-year, driven largely by tools like Grammarly and ChatGPT. The report found a 93% increase in enterprise data transfers and identified over 410 million DLP violations tied to ChatGPT and 242 million for Codium, exposing PII, financials, source code and healthcare data. Zscaler recommends inventorying GenAI apps, disabling risky defaults, enforcing zero trust for model interactions and applying inline inspection to protect sensitive information.
read more →

Survey Finds AI Attacks Top Concern for Security Leaders

🔍 A Filigran survey of 168 security leaders at Infosecurity Europe 2026 found AI-powered attacks are the leading worry, cited by 41% of respondents, outpacing supply chain and unknown threats. Teams report alert fatigue as a major time sink, with chasing false positives (26%) and validating risks (25%) common. Trust in threat intelligence and AI decision-making remains low, and only 28% have a continuous exposure management program.
read more →

Challenges and Practical Paths for Autonomous SOCs

🔒 The promise of a fully autonomous SOC—where collection, analysis, investigation, and response happen without human intervention—attracts organizations facing talent shortages and a growing threat landscape. Vendors show value in alert enrichment and noise reduction, but autonomous decision-making and response have delivered limited ROI. Real-world obstacles include poor source data quality, tool integration gaps, analyst distrust, context deficits, AI hallucinations, compliance issues, and the need for human control.
read more →

Four Lessons That Shaped AI Threat Defense

🛡️ In his first Cloud CISO Perspectives, Chris Betz outlines four lessons guiding Google Cloud’s AI Threat Defense: Prepare, Scan and Prioritize, Remediate, and Monitor. He highlights how AI accelerates vulnerability discovery and defense, the importance of operational frameworks and harnesses, and the need for centralized tracking, risk-based patching, and continuous AI-driven monitoring. The guidance emphasizes reducing attack surface, close engineering collaboration, and building resilient systems.
read more →

Public‑Private Cooperation Is Critical for AI Cyber Defense

🔒 Fortinet highlights World Economic Forum guidance showing how AI is transforming cybersecurity and why public-private cooperation matters. The piece notes that while 91% of organizations are using or testing AI security tools, skill shortages persist and create risk. The Forum’s “Empowering Defenders” paper, to which Fortinet contributed, emphasizes operational integration, governance, workforce readiness, and practical pilot-to-scale approaches for AI in security.
read more →