Over Security

Over Security

33618 bookmarks
Custom sorting
IT threat evolution in Q1 2026. Non-mobile statistics
IT threat evolution in Q1 2026. Non-mobile statistics
The report presents key trends and statistics on malware that targeted personal computers running Windows and macOS, as well as Internet of Things (IoT) devices, during Q1 2026.
·securelist.com·
IT threat evolution in Q1 2026. Non-mobile statistics
IT threat evolution in Q1 2026. Mobile statistics
IT threat evolution in Q1 2026. Mobile statistics
This report contains mobile threat statistics for Q1 2026, along with noteworthy discoveries and quarterly trends: new versions of SparkCat and Triada.
·securelist.com·
IT threat evolution in Q1 2026. Mobile statistics
Microsoft testing adjustable taskbar, Start menu in Windows 11
Microsoft testing adjustable taskbar, Start menu in Windows 11
Microsoft has finally brought back the resizable taskbar and Start menu to Windows 11 in the latest preview version rolling out to Insiders in the Experimental channel.
·bleepingcomputer.com·
Microsoft testing adjustable taskbar, Start menu in Windows 11
L’IA che combatte l’IA: quando la guerra cibernetica smette di avere un volto umano
L’IA che combatte l’IA: quando la guerra cibernetica smette di avere un volto umano
L’AI non è più solo uno strumento di supporto: oggi individua vulnerabilità, reagisce agli attacchi e automatizza operazioni cyber offensive. Un’evoluzione che cambia il ruolo umano nella cyber security e apre nuovi interrogativi su controllo e responsabilità
·cybersecurity360.it·
L’IA che combatte l’IA: quando la guerra cibernetica smette di avere un volto umano
MiniPlasma: la patch del 2020 su Windows che non c’è mai stata o è sparita
MiniPlasma: la patch del 2020 su Windows che non c’è mai stata o è sparita
Una vulnerabilità Windows corretta nel 2020 potrebbe non essere mai stata davvero risolta. Con MiniPlasma, il ricercatore Chaotic Eclipse dimostra che il vecchio PoC di Google Project Zero funziona ancora su sistemi Windows 11 aggiornati. Il caso evidenzia i limiti del patch management e il rischio di falle “riaperte” negli aggiornamenti successivi
·cybersecurity360.it·
MiniPlasma: la patch del 2020 su Windows che non c’è mai stata o è sparita
Introducing Group-IB Prevyn AI
Introducing Group-IB Prevyn AI
Group-IB introduces Prevyn AI, the cognitive core of the Unified Risk Platform. Rather than an isolated AI assistant or product feature, Prevyn AI is a central intelligence capability that reasons over data, coordinates specialist agents, and prepares insights in Threat Intelligence and actions in Managed XDR.
·group-ib.com·
Introducing Group-IB Prevyn AI
Microsoft confirms Windows 11 security update install issues
Microsoft confirms Windows 11 security update install issues
Microsoft has confirmed that the May 2026 Windows 11 security update (KB5089549) fails to install on some systems and triggers 0x800f0922 errors.
·bleepingcomputer.com·
Microsoft confirms Windows 11 security update install issues
Exploit available for new DirtyDecrypt Linux root escalation flaw
Exploit available for new DirtyDecrypt Linux root escalation flaw
A recently patched local privilege escalation vulnerability in the Linux kernel's rxgk module now has a proof-of-concept exploit that allows attackers to gain root access on some Linux systems.
·bleepingcomputer.com·
Exploit available for new DirtyDecrypt Linux root escalation flaw
New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed "MiniPlasma" that lets attackers gain SYSTEM privileges on fully patched Windows systems.
·bleepingcomputer.com·
New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
Microsoft rejects critical Azure vulnerability report, no CVE issued
Microsoft rejects critical Azure vulnerability report, no CVE issued
A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and without issuing a CVE. Microsoft disputes the claim, telling BleepingComputer the behavior was expected and that "no product changes were made," despite the researcher documenting a silent fix.
·bleepingcomputer.com·
Microsoft rejects critical Azure vulnerability report, no CVE issued
The Metric to Anchor Your Agentic SOC Evaluation On
The Metric to Anchor Your Agentic SOC Evaluation On
There's one question that, once it anchors how we evaluate these products, makes the difference between picking a triage tool and picking a detection partner. The global median dwell time, days from first attacker foothold to the moment someone noticed, came in at 14 days. Triage speed doesn't close it. The IBM 2025 Cost of a Data Breach Report puts mean time to identify at around 181 days globally, down from 194 the year before. But the directional signal is consistent: detection completeness is where the next layer of value lives. Dwell time is the metric. Days from foothold to detection. What we measure today, what we don't measure yet The agentic-SOC category has standardized on a set of performance metrics that are easy to measure cleanly: per-ticket investigation time, alert closure rate, response latency on already-detected incidents. That's a different kind of measurement than triage speed, and it's the one the category hasn't fully built out yet. Here's the distinction, side by side: Metric category What it measures What it tells you about the product Triage-speed metrics (broadly available) How fast the system processes alerts that already fired How efficient your SOC becomes at handling known signal Detection-completeness metrics (still maturing) Whether the system surfaces threats it didn't already have a rule for Whether the product is meaningfully shortening attacker dwell time Both matter. That said, there's a meaningful distinction between triage speed and detection completeness, and understanding it helps you get full value from the agentic wave. The way to make sure the right 60% survives is to measure outcomes that map to the actual threat: how many days did the attacker have before detection, and did that number go down? Here's the question to anchor on: "Show me your customers' median dwell time before deployment and after. Dwell time." Pay attention to what happens next. If they pivot to triage speed, they're likely early on the measurement maturity curve, which is where most of the category is right now. If they say "dwell time is a lagging indicator that's hard to attribute to a single tool," they're being honest about a genuinely hard problem. Products built around that metric are the ones most likely to deliver on what this category can genuinely do: meaningfully shorten the time between an attacker's first move and the moment someone stops them.
·binarydefense.com·
The Metric to Anchor Your Agentic SOC Evaluation On
Interview #9 MedusaLocker
Interview #9 MedusaLocker
The following interview, which we publish in full, was conducted in May 2026 by Erez, a member of the deepdarkCTI community. The MedusaLocker ransomware gang is a persistent cybercriminal operation first observed in late 2019. It operates primarily as a Ransomware-as-a-Service (RaaS) model, where developers provide the malware to affiliates in exchange for a percentage
·deepdarkcti.com·
Interview #9 MedusaLocker