Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

safeaeon

How the Social Engineering Toolkit Helps Red Teams

Dec 16, 2025 By SafeAeon Inc. In SafeAeon
The Social Engineering Toolkit, or SET, is a tool that security teams use to copy the tricks that attackers use. It helps them see how well a company reacts when a message or link does not look legitimate. It can also test how people respond when they land on a copied website. Most guides cover only basic SET features. This blog explains how experts use SET in real tests and how defenders notice SET activity before harm occurs.
Read Post

FAIK Everything: The Deepfake Training Playbook

Dec 16, 2025 By KnowBe4 | Human Risk Management In KnowBe4
Learn how to understand, combat, and even create synthetic media in this essential deepfake training session with Perry Carpenter, KnowBe4's Chief Human Risk Management Strategist. Deepfakes and synthetic media are no longer futuristic threats—they are here now, and organizations are already experiencing deepfake-related attacks. A May 2024 study showed that 25.9% of organizations have experienced deepfake-related attacks, with other indicators suggesting the number may be closer to 90%. It is high time to prepare people to deal with this evolving threat.
View Video
teleport

Secure AI Agent Infrastructure with Zero-Code MCP

Dec 16, 2025 By Boris Kurktchiev In Teleport
Learn how to secure AI and MCP infrastructure without writing authorization code, rewriting MCP servers, or limiting agent work with Teleport’s zero-code MCP integration. AI agents are becoming powerful participants in engineering workflows. But without meaningful authorization boundaries, they can quickly become an existential security risk. AI agents do not behave like traditional applications. Instead, they generate actions and chain together tools in unpredictable ways.
Read Post
Arctic Wolf

How To Reduce Risk This Holiday Season

Dec 16, 2025 By Adam Marrè In Arctic Wolf
The holiday season is traditionally a period of goodwill, gift giving, and time with loved ones, but if you are responsible for your enterprise’s cyber defenses it’s also a time when you should have a heightened awareness of cyber risk. Cybercriminals often treat this time of year as a prime opportunity to exploit the unprepared and unwary.
Read Post
Arctic Wolf

New Attack Technique "ConsentFix" Hijacks OAuth Consent Grants

Dec 16, 2025 By Andres Ramos In Arctic Wolf
On December 11, 2025, Push Security published research detailing a newly observed browser-based phishing technique called ConsentFix. The name ConsentFix is derived from its similarity to the previously documented ClickFix technique using fake CAPTCHA pages. ConsentFix, enables threat actors to gain cloud account access without capturing passwords, multifactor authentication (MFA) codes, or other credentials by abusing legitimate OAuth authentication and consent flows.
Read Post
knowbe4

Phishing Campaign Targets Executives With Phony Awards

Dec 16, 2025 By KnowBe4 Team In KnowBe4
A phishing campaign is targeting executives with phony offers for awards, according to researchers at Trustwave SpiderLabs. The attackers first dupe the victims into handing over their credentials, then use the ClickFix social engineering technique to trick them into installing malware. “The campaign uses a high-value executive recognition lure, ‘Cartier Recognition Program,’ to target executives,” the researchers write.
Read Post
Torq

Stop Feeding Logs to LLMs: A Multi-Agent Approach to Security Investigation

Dec 16, 2025 By Noam Cohen In Torq
See how Torq harnesses AI in your SOC to detect, prioritize, and respond to threats faster. Request a Demo Noam Cohen is a serial entrepreneur building seriously cool data and AI companies since 2018. Noam’s insights are informed by a unique combination of data, product, and AI expertise — with a background that includes winning the Israel Defense Prize for his work in leveraging data to predict terror attacks.
Read Post
vanta

How security leaders can safely and effectively implement agentic AI

Dec 16, 2025 By Vanta In Vanta
2025 began with experts warning about the dangers of agentic AI use—but that didn’t slow adoption. Our annual State of Trust Report shows that nearly 80% of organizations are either actively using or planning to use agentic AI. That acceleration is outpacing the governance required to keep these systems safe: ‍ ‍ A level of machine autonomy that would’ve been unthinkable just a few years ago is quickly becoming normalized.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.