#threatdetection


🚀 New Blog Post: Kunai vs io_uring (why.kunai.rocks/blog/kunai-vs-) 🚀

💡 Ever wondered how io_uring revolutionizes I/O operations in the Linux kernel? Inspired by Armo's blog post (armosec.io/blog/io_uring-rootk) about a PoC rootkit using io_uring, we explored this feature's security implications and how tools like Kunai can monitor these operations.

🔍 Key Takeaways:
🔹 io_uring boosts I/O performance by reducing system call overhead and enabling asynchronous operations
🔹 Security tools struggle to monitor io_uring due to its unique handling of operations
🔹 Kunai now provides visibility into io_uring operations, though blocking malicious activities remains challenging
🔹 Recent kernel versions have introduced auditing and security controls for io_uring, but these are still limited

📖 Read more: why.kunai.rocks/blog/kunai-vs-

why.kunai.rocks · Kunai vs io_uring | Kunai

This is about to happen! Join us!

How To Detect And Mitigate Non-Human Identity And Cryptographic Vulnerabilities — An ITSPmagazine Webinar With SandboxAQ
Thursday, May 15, 2025 | 1:00 PM - 2:00 PM EST

Unmanaged cryptographic assets and non-human identities have left security teams blind to critical risks. These gaps have fueled vulnerabilities, breaches, compliance challenges, and operational drag across enterprise environments.

Join us to see how #AQtiveGuard transforms this landscape.

✨ crowdcast.io/c/how-to-detect-a

More than just visibility, AQtive Guard unifies your non-human identities and cryptographic assets into a single inventory to deliver end-to-end visibility, deeper risk analysis, and streamlined compliance in a single pane of glass—with automated discovery, real-time threat detection, and root cause analysis powered by their unique LQM.

Seamlessly integrated into your existing stack, it’s the AI-driven SaaS platform built to secure today’s systems—and tomorrow’s.

By attending, you will get to:
Discover how to gain unified visibility into cryptographic assets and non-human identities—including API keys, certificates and service accounts—in cloud environments.

Explore how AQtive Guard empowers security teams with automated discovery, threat detection, and root cause analysis—enabling faster remediation, reduced risk, and stronger compliance without disrupting existing workflows.

Learn how to future-proof your security posture, with a platform designed for AI Security Operations, Post-Quantum Cryptography readiness, and seamless integration into your existing security stack.

PANELISTS
Marc Manzano
General Manager of Cybersecurity, SandboxAQ
MODERATORS
Sean Martin, CISSP Co-Founder, ITSPmagazine
Marco Ciappelli Co-Founder, ITSPmagazine

Can’t attend the live webinar? All registrants get exclusive access with a link to rewatch the recording.

Register To Attend: crowdcast.io/c/how-to-detect-a

#cybersecurity, #cryptography, #AIsecurity, #infosec, #webinar, #securitytools, #threatdetection, #cloudsecurity, #sandboxAQ, #ITSPmagazine #tech #technology #quantum

crowdcast · How To Detect And Mitigate Non-Human Identity And Cryptographic Vulnerabilities — An ITSPmagazine Webinar with SandboxAQ. Register now on crowdcast, scheduled to go live on May 15, 2025, 01:00 PM EDT.

🎙️ Is static rule-based detection holding security teams back? In this On Location Briefing from #RSAC2025, we dive into why detection needs to evolve — and what the future could look like when it does.

🚀 New Briefing from #RSAC 2025: Fixing the Detection Disconnect — Rethinking Detection from Static Rules to Living Signals

At RSA Conference 2025, Sean Martin, CISSP caught up with Fred Wilmot (Co-Founder & CEO) and Sebastien Tricaud (Co-Founder & CTO) of Detecteam to talk about why detection can’t stay stuck in the past — and how “living signals” can offer a more dynamic, context-aware approach to threat identification.

🔐 How can teams move beyond brittle, static rules to real-time, adaptable detection strategies?

Find out how Detecteam is helping organizations move away from outdated IOCs toward purpose-built, testable detections that actually evolve as threats do.

🎙️ Watch, listen, or read the full conversation here:
👉 itspmagazine.com/their-stories

📌 Learn more about Detecteam’s work:
👉 itspmagazine.com/directory/det

🛰️ See all our RSAC 2025 coverage:
👉 itspmagazine.com/rsac25

🌟 Discover more On Location Conversations, Brand Stories, and Briefings:
👉 itspmagazine.com/brand-story

🎥🎙️ This is just one of the many incredible conversations we recorded On Location in San Francisco, as Sean Martin and Marco Ciappelli covered the event as official media partners for the 11th year in a row.

Stay tuned for more Briefings, Brand Stories, and candid conversations from RSAC 2025!

🎤 Looking ahead:
If your company would like to share your story with our audiences On Location, we’re gearing up for #InfosecurityEurope in June and #BlackHatUSA in August!

⚡ RSAC 2025 sold out fast — we expect the same for these next events.
🎯 Reserve your full sponsorship or briefing now: itspmagazine.com/purchase-prog

ITSPmagazine · Fixing the Detection Disconnect and Rethinking Detection: From Static Rules to Living Signals | A Brand Story with Fred Wilmot from Detecteam | An On Location RSAC Conference 2025 Brand Story — ITSPmagazine | Broadcasting Ideas. Connecting Minds.™
Fred Wilmot and Sebastien Tricaud challenge traditional detection models by introducing a faster, behavior-based approach that continuously generates and validates detections tailored to real-world threats. If you’re tired of optimizing broken processes and want to hear how teams can actually stay a

Some more conversations for you, straight from the floor of RSAC 2025!

🚀 New Briefing from #RSAC2025: From Overwhelmed to Informed — Strategic Threat Detection for the Future

At #RSAC Conference 2025, Sean Martin, CISSP caught up with Hugh Njemanze, Founder and CEO of Anomali, for a quick but powerful conversation about how the future of threat detection is about more than speed — it’s about strategy.

🔐 Why are #securityteams overwhelmed by traditional approaches, and how can smarter, faster, more strategic #threatintelligence change the game?
Find out how #Anomali is helping organizations move from reactive defense to proactive security strategies.

🎙️ Watch, listen, or read the full conversation here:
👉 itspmagazine.com/their-stories

📌 Learn more about Anomali’s work:
👉 itspmagazine.com/directory/ano

🛰️ See all our RSA Conference 2025 coverage:
👉 itspmagazine.com/rsac25

🌟 Explore more Briefings and Brand Stories from RSAC 2025:
👉 itspmagazine.com/brand-story

🎥🎙️ This is just one of the many incredible conversations we recorded On Location in San Francisco, as Sean Martin, CISSP and Marco Ciappelli covered the event as official media partners for the 11th year in a row.

Stay tuned for more Briefings, Brand Stories, and candid conversations from RSAC 2025!

🎤 Looking ahead:
If your company would like to share your story with our audiences On Location, we’re gearing up for Infosecurity Europe in June and Black Hat USA in August!
⚡ RSAC 2025 sold out fast — we expect the same for these next events.
🎯 Reserve your full sponsorship or briefing now: itspmagazine.com/purchase-prog

📲 Hashtags:
#cybersecurity #infosec #infosecurity #technology #tech #society #business #threatdetection #cyberthreatintelligence #strategicsecurity #anomali

ITSPmagazine · From Overwhelmed to Informed: The Future of Threat Detection Isn’t Just Faster—It’s Strategic | A Brand Story with Hugh Njemanze from Anomali | An On Location RSAC Conference 2025 Brand Story — ITSPmagazine | Broadcasting Ideas. Connecting Minds.™
Hugh Njemanze, Founder and CEO of Anomali, reveals how a purpose-built, cloud-native SIEM infused with agentic AI is transforming how security teams detect threats, reduce incidents, and prioritize risk. From faster investigations to board-ready insights, this conversation challenges outdated assump

🚀 Kunai pushes further integration with MISP!

This week, we've made significant progress in bridging Kunai with @misp to enhance threat intelligence sharing. Our focus has been on developing kunai-to-misp, a new tool available at github.com/kunai-project/pykun, which processes Kunai logs and creates MISP events to streamline collaboration.

With this, it is now possible to both update MISP from Kunai and feed Kunai from MISP using the misp-to-kunai tool. Here's a practical workflow example:

1️⃣ Analyze a #linux malware sample with Kunai Sandbox (github.com/kunai-project/sandb)
2️⃣ Use kunai-to-misp on the collected Kunai logs
3️⃣ (Optional) Review attributes' IDS flag to maximize detections and reduce false positives
4️⃣ Use misp-to-kunai to distribute the results across all Kunai endpoints

Additionally, we're leveraging MISP’s data model to craft meaningful MISP objects and relationships, offering a clear visual representation of events inside MISP.

🔗 Try it out and let us know what you think!

Corelight’s NOC team faced a unique challenge at Black Hat USA 2024—detecting SSHAMBLE, a new SSH scanner introduced by HD Moore. By tapping into existing logs and Zeek metadata, we identified the tool’s fingerprint in real-time.

What happened next?
✔️ Real-time detection.
✔️ Discovering threats using old logs. ✅✅
✔️ Zeek metadata making sense of encrypted traffic. 🔍

🔗 Head to the blog to learn more: corelight.com/blog/black-hat-u

#WorkSurveillance #Surveillance #WageSlavery #SIEM #UEBA #CyberSecurity #ThreatDetection #BehaviorProfiling: "This case study explores, examines and documents how employers can use software that analyzes extensive personal data on employee behavior and communication for cybersecurity, insider threat detection and compliance purposes. To illustrate wider practices, it investigates software for “security information and event management” (SIEM), “user and entity behavior analytics” (UEBA), insider risk management and communication monitoring from two major vendors. First, it looks into cybersecurity and risk profiling systems offered by Forcepoint, a software vendor that was until recently owned by the US defense giant Raytheon. Second, it investigates in detail how employers can use cybersecurity and risk profiling software sold by Microsoft, whose “Sentinel” and “Purview” systems provide SIEM, UEBA, insider risk management and communication monitoring functionality. Combined, these systems can monitor everything employees do or say, profile their behavior and single them out for further investigation. Similar to predictive policing technologies, they promise not only to detect incidents but to prevent them before they occur. While organizations can use these software systems for legitimate purposes, this study focuses on their potential implications for employees."

crackedlabs.org/en/data-work/p

Cracked Labs · Employees as Risks: A case study on intrusive surveillance and behavioral profiling for cybersecurity, insider risk detection and 'compliance'