All news with #ai security tag

FBI: $262M Lost to ATO Fraud as AI Phishing Escalates

🔐 The FBI warns that cybercriminals impersonating banks and payment services have caused over $262 million in losses this year through account takeover (ATO) fraud and more than 5,100 complaints. Attackers use phishing, SEO poisoning, calls and SMS to harvest credentials and MFA/OTP codes, then transfer funds to intermediary accounts and convert proceeds to cryptocurrency. The advisory highlights growing use of AI-generated phishing and holiday-themed scams and urges vigilance, unique passwords, URL checks and stronger authentication.

Agentic AI Security Use Cases for Modern CISOs and SOCs

🤖 Agentic AI is emerging as a practical accelerator for security teams, automating detection, triage, remediation and routine operations to improve speed and scale. Security leaders at Zoom, Dell, Palo Alto and others highlight its ability to reduce alert fatigue, augment SOCs and act as a force multiplier amid persistent skills shortages. Implementations emphasize augmentation over replacement, enabling continuous monitoring and faster, more consistent responses.

2026 Predictions: Autonomous AI and the Year of the Defender

🛡️In 2026 Palo Alto Networks forecasts a shift to the Year of the Defender as enterprises counter AI-driven threats with AI-enabled defenses. The report outlines six predictions — identity deepfakes, autonomous agents as insider threats, data poisoning, executive legal exposure, accelerated quantum urgency, and the browser as an AI workspace. It urges autonomy with control, unified DSPM/AI‑SPM platforms, and crypto agility to secure the AI economy.

Human and AI Collaboration in the GenAI-Powered SOC

🛡️ Microsoft Defender Experts outlines how autonomous AI agents are transforming Security Operations Centers by automating repetitive triage and amplifying analyst impact. Built with expert-defined guardrails, curated test sets, and human-in-the-loop validation, these agents already process about 75% of phishing and malware cases and help resolve incidents nearly 72% faster. The program emphasizes human governance, auditability, and iterative rollout through dark-mode evaluation and pilot partnerships.

The AI Fix — Episode 78: Security, Spies, and Hype

🎧 In Episode 78 of The AI Fix, hosts Graham Cluley and Mark Stockley examine a string of headline-grabbing AI stories, from a fact-checked “robot spider” scare to Anthropic’s claim of catching an autonomous AI cyber-spy. The discussion covers Claude hallucinations, alleged state-backed misuse of US AI models, and concerns about AI-driven military systems and investor exuberance. The episode also questions whether the current AI boom is a bubble, while highlighting real-world examples like AI-generated music charting and pilots controlling drone wingmen.

Four Ways AI Is Strengthening Democracies Worldwide

🗳️ The essay argues that while AI poses risks to democratic processes, it is also being used to strengthen civic engagement and government function across diverse contexts. Four case studies—Japan, Brazil, Germany, and the United States—illustrate practical deployments: AI avatars for constituent engagement, judicial workflow automation, interactive voter guides, and investigative tools for watchdog journalism. The authors recommend public AI like Switzerland’s Apertus as a democratic alternative to proprietary models and stress governance, transparency, and scientific evaluation to mitigate bias.

The 2026 Tech Tsunami: AI, Quantum, and Web 4.0 Collide

🌐 Check Point's 2026 analysis warns that an unprecedented convergence of AI, quantum computing, and an immersive Web 4.0 will reshape digital risk. Autonomous systems and hyper-automation will blur boundaries between cloud, networks, and physical infrastructure, expanding attack surfaces and changing the nature of digital trust. The report calls for updated cryptography, enhanced detection, and cross-industry resilience planning.

AI and Deepfakes Drive Surge in Sophisticated Identity Fraud

🔍 Sumsub’s 2025 Identity Fraud Report finds that global identity fraud attempts fell slightly to 2.2%, but highly sophisticated attacks rose 180%. These multi-vector schemes combine synthetic identities, AI-driven deepfakes, layered social engineering, device tampering and cross-channel manipulation, making them far harder to detect. The report warns organisations to replace manual controls with real-time behavioural and telemetry analysis to counter this shift from quantity to quality in fraud.

The Dilemma of AI: Malicious LLMs and Security Risks

🛡️ Unit 42 examines the growing threat of malicious large language models that have been intentionally stripped of safety controls and repackaged for criminal use. These tools — exemplified by WormGPT and KawaiiGPT — generate persuasive phishing, credential-harvesting lures, polymorphic malware scaffolding, and end-to-end extortion workflows. Their distribution ranges from paid subscriptions and source-code sales to free GitHub deployments and Telegram promotion. The report urges stronger alignment, regulation, and defensive resilience and offers Unit 42 incident response and AI assessment services.

UK Lawmakers Urge Legal Shift on Economic Cybersecurity

🔒 The House of Commons Business and Trade Committee has urged the UK government to enshrine a new approach to economic security in law, warning that cyber and other threats increasingly imperil the nation's open economy. The committee's report, Toward a new doctrine for economic security, stresses that economic security cannot be achieved without cybersecurity and highlights attacks on critical national infrastructure and private firms. Key recommendations include making the voluntary Software Security Code of Practice mandatory, introducing tax relief for IT services that enhance operational resilience, and consulting on a mandatory cyber-incident reporting regime.

Influencers Targeted by Cybercriminals: Account Risks

🔒 Social media influencers are increasingly attractive targets for cybercriminals who hijack trusted accounts to distribute scams, malware and fraudulent offers. Attackers use spearphishing, credential stuffing, brute-force attacks and SIM swapping, and AI is making those lures more convincing. Compromised accounts may be sold or used to push crypto and investment scams, exfiltrate follower data or extort victims. Practical defences include long, unique passwords, app-based 2FA, phishing awareness, device separation and up-to-date security software.

Seven Signs Your Cybersecurity Framework Needs Overhaul

🛡️ Organizations should rebuild security frameworks when they fail to sense environmental change, respond effectively to incidents, or support proactive risk management. Experts recommend a dynamic sensing-and-response capability, routine reviews (biannual heavy reviews with interim cursory checks), and deliberate integration of NIST baselines with industry-specific controls. Key warning signs include any breach, chronic alert overload, negative KRIs/KPIs, endpoint and AI gaps, and a compliance-only posture that ignores business risk. Rebuilds are also warranted after major business or regulatory shifts or when incremental fixes no longer suffice.

Claude Opus 4.5 Brings Agentic AI to Microsoft Foundry

🚀 Claude Opus 4.5 is now available in public preview in Microsoft Foundry, aiming to shift models from assistants to agentic collaborators that execute multi-tool workflows and support complex engineering tasks. Anthropic and Microsoft highlight Opus 4.5’s strengthened coding, vision, and reasoning capabilities alongside improved safety and prompt-injection robustness. Foundry adds developer features like Programmatic Tool Calling, Tool Search, Effort Parameter (Beta), and Compaction Control to help teams build deterministic, long-running agents while keeping centralized governance and observability.

Anthropic Claude Opus 4.5 Now Available on Vertex AI

🚀 Anthropic's Claude Opus 4.5 is now generally available on Vertex AI, delivering frontier performance for coding, agents, vision, and office automation at roughly one-third the cost of Opus 4.1. The model introduces advanced agentic tool use—programmatic tool calling (including direct Python execution) and dynamic tool search—plus expanded memory and a 1M-token context window to support long, multi-step tasks. On Vertex AI, Opus 4.5 is offered as a Model-as-a-Service on Google's high-performance infrastructure with prompt caching, efficient batch predictions, provisioned throughput, and enterprise-grade controls for deployment. Organizations can leverage the Agent Builder stack (ADK, A2A, and Agent Engine) and Google Cloud security controls, including Model Armor and Security Command Center protections, to accelerate production agents while managing cost and risk.

What Keeps CISOs Awake - Zurich's Approach to Resilience

😴 At the Global Cyber Conference 2025 in Zurich, CISOs openly confronted a profession-wide exhaustion tied to escalating cyber risk. Tim Brown distilled the anxiety into five core threats: shrinking exploit windows, persistent adversaries, third-party risk, an AI arms race, and staff burnout. The Swiss Cyber Institute's vendor-free format created a trust-based forum where peers share IOCs, run joint table-tops and adopt risk-based patching and UEBA to speed response and restore resilience.

DeepSeek-R1 Generates Less Secure Code for China-Sensitive Prompts

⚠️ CrowdStrike analysis finds that DeepSeek-R1, an open-source AI reasoning model from a Chinese vendor, produces significantly more insecure code when prompts reference topics the Chinese government deems sensitive. Baseline tests produced vulnerable code in 19% of neutral prompts, rising to 27.2% for Tibet-linked scenarios. Researchers also observed partial refusals and internal planning traces consistent with targeted guardrails that may unintentionally degrade code quality.

UK Launches World’s First Military Esports Tournament

🎮 The UK government has launched the International Defence Esports Games (IDEG), touted as the world’s first military esports tournament, involving personnel from 40 allied nations. The three-day event at the National Gaming and Esports Arena in Sunderland on 9–11 October 2026 will combine live-streamed competitive matches with summits on cybersecurity, AI and drone operations. Officials say IDEG will sharpen cyber and digital skills, improve rapid decision-making and build allied partnerships.

Rewiring Democracy: Sales, Reviews, and Upcoming Events

📘 It’s been a month since Rewiring Democracy was published and sales are reported to be good; six Amazon reviews to date means the authors are asking readers to post more. Several chapters (2, 12, 28, 34, 38, and 41) are available online. The authors have been doing numerous live and podcast events, including a noted session with Danielle Allen at the Harvard Kennedy School Ash Center. Two in-person appearances are planned in December (MIT Museum on 12/1; Munk School on 12/2), and a live AMA will be hosted on the RSA Conference website on 12/16.

AWS Security Incident Response: AI Investigative Agent

🔎 The new AI-powered investigative agent in AWS Security Incident Response automates evidence collection, correlation, and timeline building to speed incident investigations from hours to minutes. It interactively asks clarifying questions, queries CloudTrail, IAM, EC2, and cost data, and summarizes critical findings and timelines. The capability is available now across commercial AWS Regions and is included with the service’s metered pricing.

AWS WAF Adds Web Bot Auth to Verify AI and Bot Traffic

🔐 AWS WAF now supports Web Bot Auth, providing cryptographic verification for automated agents and crawlers that access web applications. The capability uses signed HTTP messages and a public key directory defined by active IETF drafts to authenticate bot identities. AWS WAF will automatically allow verified WBA bots by default, refining previous behavior where the AI category blocked unverified bots. This change helps operators distinguish trusted automated traffic from potentially harmful automation.