%term

Multimodal Attacks and Model Drift: The Future of AI Exploitation

Nov 20, 2025 By A10 Networks In A10 Networks

Multimodal Attacks and Model Drift: The Future of AI Exploitation A10 security experts Jamison Utter, Diptanshu Purwar, and Madhav Aggarwal discuss the critical vulnerabilities emerging from multimodal AI agents (systems that perceive, decide, and act) and the absolute need for security mechanisms external to the Large Language Model (LLM) itself. The experts dive into why traditional security is failing and what the next evolution of defense must look like.

View Video

A10 Networks

Read more about Multimodal Attacks and Model Drift: The Future of AI Exploitation

The MemcycoFM Show: Ep 18 - SOC Defense Against Credential Replay Attacks

Nov 19, 2025 By Memcyco In Memcyco

In a recent blog post from @Memcyco , we discussed how credential replay remains one of the most efficient ways attackers turn stolen usernames, passwords, or tokens into real account access. Verizon’s 2024 DBIR shows that over 40% of breaches involve stolen credentials, underscoring the durability of this tactic. Even strong authentication is not immune. Techniques like pass-the-cookie and adversary-in-the-middle phishing allow attackers to replay tokens and sidestep MFA. Remote-access scams add another layer, handing fraudsters direct control of devices and sessions.

View Video

Memcyco

Read more about The MemcycoFM Show: Ep 18 - SOC Defense Against Credential Replay Attacks

Lookalike Domain Attacks Explained

Nov 18, 2025 By Revashni Moodley In UpGuard

Your potential customers could be interacting with a malicious website that resembles your company's website. This dangerous cyber risk, known as a lookalike domain, is on the rise, with 80% of registered web domains in 2024 resembling 2000 global brands. This article explains what lookalike domains are, their impact on your brand, and why these attacks are increasing, providing real-time strategies to protect your business from domain spoofing.

Read Post

UpGuard

Read more about Lookalike Domain Attacks Explained

Defeating BLOCKADE SPIDER: How CrowdStrike Stops Cross-Domain Attacks

Nov 18, 2025 By Chris Prall In CrowdStrike

Cross-domain attacks exemplify adversaries’ drive for speed and stealth. In these attacks, threat actors navigate multiple domains such as endpoint, cloud, and identity systems to maximize their reach and impact. Their goal is to exploit the weaknesses in organizations’ fast-growing and complex environments.

Read Post

CrowdStrike

Read more about Defeating BLOCKADE SPIDER: How CrowdStrike Stops Cross-Domain Attacks

What is a Salami Attack in Cyber Security? How to Detect and Prevent this Attack?

Nov 18, 2025 By SafeAeon Inc. In SafeAeon

A cyberattack is a malicious and intentional attempt by an individual or organization to compromise the information system of another individual or organization. Attackers use different methods to gain unauthorized access to the victim’s system and steal sensitive data. One of the most innovative types of cyberattacks is known as a ‘Salami attack’. In this attack, criminals steal small amounts of data and funds from multiple accounts over time without being detected.

Read Post

SafeAeon

Read more about What is a Salami Attack in Cyber Security? How to Detect and Prevent this Attack?

Prove it or Lose It: Using Attack Path Validation

Nov 18, 2025 By SafeBreach In SafeBreach

See Attack Simulation, Automated Red Teaming, and Attack Path Validation in action—this video shows how real intrusions unfold and how to stop them.

View Video

SafeBreach

Read more about Prove it or Lose It: Using Attack Path Validation

Hacked Architecture, Not Code: What is a Business Logic Attack? #businesslogic #cybersecurity

Nov 18, 2025 By Wallarm In Wallarm

Why do hackers ignore your firewalls and clean code? Because they exploit your business logic and application architecture. A Business Logic Attack (BLA) is a sophisticated manipulation that uses your own system's design against you. Learn the key difference between code flaws and architectural exploits.

View Video

Wallarm

Read more about Hacked Architecture, Not Code: What is a Business Logic Attack? #businesslogic #cybersecurity

Invisible Instructions: Multimodal AI is Already Being Tricked

Nov 17, 2025 By A10 Networks In A10 Networks

Invisible Instructions: Multimodal AI is Already Being Tricked In this clip from "Securing AI Part 4: The Rising Threat of Hidden Attacks in Multimodal AI," Diptanshu Purwar and Madhav Aggarwal respond to Jamison Utter's example of a new, well-known form of multimodal attack: abusing AI resume screeners by exploiting both text and visual processing. The Resume Attack: White-on-White Text.

View Video

A10 Networks

Read more about Invisible Instructions: Multimodal AI is Already Being Tricked

Email Bombing Followed by Teams IT Impersonation Attacks Continue

Nov 17, 2025 By Joshua Green and Josh Trinh In BlueVoyant

BlueVoyant’s Threat Fusion Cell and SOC have been tracking a significant and persistent social engineering campaign that cleverly exploits trusted communication channels to gain initial access to target networks. Since at least mid-October 2025, BlueVoyant has observed a consistent playbook where threat actors employ inbox sabotage as a pretext for highly convincing IT support impersonation over Microsoft Teams.

Read Post

BlueVoyant

Read more about Email Bombing Followed by Teams IT Impersonation Attacks Continue

Protecting your financial institution from cyberattack: Identity security solutions to real-world problems

Nov 17, 2025 By Eric Hibar Jr. In One Identity

Today’s financial institutions face evolving threats on a global scale. Online attackers without expertise (known as ‘script kiddies’) have had access to as-a-service malware for quite some time. AI is being weaponized for social engineering attacks at unprecedented speeds. And along with the potential of monetary rewards, today’s thefts also involve taking something that’s often even more profitable: Data.

Read Post