Over Security

Over Security

33538 bookmarks
Custom sorting
Oltre la compliance: come l’AI Act trasforma la fiducia in vantaggio competitivo
Oltre la compliance: come l’AI Act trasforma la fiducia in vantaggio competitivo
L’AI Act non rappresenta un ostacolo, bensì un modello per realizzare un vantaggio competitivo duraturo. Ecco perché il futuro dell’intelligenza artificiale non apparterrà solo alle aziende che si muovono più rapidamente, ma a quelle che sapranno conquistare la fiducia del mercato, trasformandola in vantaggio competitivo
·cybersecurity360.it·
Oltre la compliance: come l’AI Act trasforma la fiducia in vantaggio competitivo
Behind The Scenes: Yarix Approach to LLM Security
Behind The Scenes: Yarix Approach to LLM Security
Large Language Models are rapidly becoming load-bearing components of modern applications. This article takes you behind the scenes of how Yarix structures an LLM Security Assessment, from threat modeling to hands-on adversarial testing, combining international standards with the kind of methodical analysis that surfaces…
·labs.yarix.com·
Behind The Scenes: Yarix Approach to LLM Security
Kemper - 269,299 breached accounts
Kemper - 269,299 breached accounts
In April 2026, the American insurance holding company Kemper Corporation was named by the ShinyHunters ransomware group in a "pay or leak" extortion campaign. The attackers allegedly accessed Kemper's Salesforce environment via social engineering as part of a broader campaign targeting hundreds of organisations using the same method. The group later published tens of gigabytes of data they claimed included internal directory data, Salesforce records and Stripe payment logs. Among the 269k unique email addresses were names, phone numbers, physical addresses and partial payment card data including the last 4 digits, expiry dates and card brands. Kemper confirmed the incident and stated they had engaged third-party cybersecurity experts and notified law enforcement.
·haveibeenpwned.com·
Kemper - 269,299 breached accounts
SEO poisoning e chatbot AI dirottati per un malware miner
SEO poisoning e chatbot AI dirottati per un malware miner
Le campagne di SEO poisoning non sono certo una novità nel panorama cybercriminale. Da decenni gli attaccanti manipolano i motori di ricerca per spingere siti malevoli tra i primi risultati, inducendo gli utenti a scaricare malware credendo di visitare pagine legittime. Ma una nuova campagna analizzata da Microsoft Security Blog mostra un’evoluzione particolarmente interessante del …
·securityinfo.it·
SEO poisoning e chatbot AI dirottati per un malware miner
Attackers Went Agentic First
Attackers Went Agentic First
Mandiant's M-Trends 2026 report puts the median time from initial access to handoff to a secondary threat group at 22 seconds in 2025. What changed is that initial access brokers started pre-staging secondary group malware before the handoff, turning what used to be a marketplace transaction into an automated delivery pipeline. The vishing-to-MFA-reset path is the cloud entry of choice now Voice phishing is the top initial access vector in cloud-specific compromises at 23%, per M-Trends 2026. This is what commoditization looks like on the attacker side: a moderately skilled operator can run enterprise-scale credential theft through software they rented this week. The bypass is session-cookie theft, which means the MFA prompt fires, the user authenticates, and the attacker wins anyway. The attacker still walked away with an authenticated session token. What MFA blocks What AiTM bypasses Credential interception (attacker captures username + password) Session-cookie interception (attacker captures authenticated session after MFA succeeds) Replay of static credentials Replay of live, valid session tokens Brute-force and spray against the password layer Post-authentication access using a stolen token the identity provider trusts That is the point about MFA worth holding onto: it is not the control that catches AiTM. The controls that catch it are session-token telemetry, conditional access policies that bind tokens to device posture and network signals, and detections tuned for anomalous token reuse from a new device or geography. Pull all of that together and the defender response that matches it is correlation across endpoint, identity, and network telemetry, anchored by analysts working campaign-shaped timelines rather than ticket-shaped events. Against a sophisticated actor running an AI-orchestrated kill chain, the assumption that an attacker still has to manually advance each step is not reliable. That is the structural shift, and it is what compressed the time window and lowered the skill floor on the attacker side. The defender response that matches this is not a faster automated triage layer on its own. Each of those is a place where attacker tooling created a gap that the corresponding defender response closes through judgment, not just throughput. That is not a story about defenders refusing to adopt. It is a story about defenders still calibrating what good looks like. The attacker side did not wait for that calibration to finish. That gap is closable, and being precise about where attacker tooling actually changed the threat is the first move toward closing it. If attacker speed is the edge AI gave the offense, the question that follows is what defenders keep human, and where. The question is what defenders optimize for in response, and whether "faster" is even the right axis.
·binarydefense.com·
Attackers Went Agentic First
Certego è nello European Cybersecurity Atlas
Certego è nello European Cybersecurity Atlas
Managed Detection & Response services (MDR) 24/7 for network, endpoint, cloud, SaaS and OT, against every type of cyber attack
·certego.net·
Certego è nello European Cybersecurity Atlas
Acn, ad aprile quadro severo: manca il monitoraggio dell’AI offensiva
Acn, ad aprile quadro severo: manca il monitoraggio dell’AI offensiva
Il monitoraggio proattivo oggi mostra una postura operativa matura e lo testimoniano le cifre. Ma dall'operational summary dell'Acn di aprile 2026 emerge uno scenario che non attenua la portata del fenomeno cyber e una dissonanza con i report dei vendor di sicurezza. Ecco perché
·cybersecurity360.it·
Acn, ad aprile quadro severo: manca il monitoraggio dell’AI offensiva
Can you enforce strong Active Directory password rules without frustrating users?
Can you enforce strong Active Directory password rules without frustrating users?
Strong Active Directory passwords don't have to come at the expense of usability. Specops Software explains how passphrases, breached password protection, and self-service resets can improve security without frustrating users.
·bleepingcomputer.com·
Can you enforce strong Active Directory password rules without frustrating users?
MediaArea heap-based buffer overflow vulnerabilities
MediaArea heap-based buffer overflow vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed four vulnerabilities in MediaArea MediaInfoLib library. The vulnerabilities mentioned in this blog post have been patched by their respective vendor, in adherence to Cisco’s third-party vulnerability disclosure policy. For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s w
·blog.talosintelligence.com·
MediaArea heap-based buffer overflow vulnerabilities
Glassworm botnet disrupted after resilient C2 infrastructure takedown
Glassworm botnet disrupted after resilient C2 infrastructure takedown
The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control infrastructure relying on Solana blockchain transactions and the BitTorrent DHT network.
·bleepingcomputer.com·
Glassworm botnet disrupted after resilient C2 infrastructure takedown
Football Fever Fuels Scam Campaigns Across Email and Social Media
Football Fever Fuels Scam Campaigns Across Email and Social Media
Football fans are increasingly targeted by scams exploiting club loyalty, national teams, football collectibles, streaming demand, and the growing excitement around the FIFA World Cup 2026, according to Bitdefender Labs.
·bitdefender.com·
Football Fever Fuels Scam Campaigns Across Email and Social Media
Relazione ACN 2025, più eventi cyber e meno incidenti: cosa significa davvero per le aziende
Relazione ACN 2025, più eventi cyber e meno incidenti: cosa significa davvero per le aziende
La Relazione annuale al Parlamento dell'Agenzia per la Cybersicurezza Nazionale fotografa un'Italia digitalmente più esposta ma anche più resiliente: 2.729 eventi cyber gestiti, 615 incidenti confermati e un gap crescente tra attacchi tentati e attacchi riusciti. Un'analisi tecnica dei dati, con indicazioni operative per le organizzazioni
·cybersecurity360.it·
Relazione ACN 2025, più eventi cyber e meno incidenti: cosa significa davvero per le aziende
CISA gives feds 4 days to patch actively exploited cPanel plugin flaw
CISA gives feds 4 days to patch actively exploited cPanel plugin flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure their servers against a critical vulnerability in the LiteSpeed cPanel user-end plugin, which is actively being exploited in attacks.
·bleepingcomputer.com·
CISA gives feds 4 days to patch actively exploited cPanel plugin flaw