Technology

TruffleNet Weaponizes Stolen Credentials to Target AWS

Nov 5, 2025 By Gabriel Avner In Apono

New details are emerging about a wave of intrusions into Amazon Web Services environments. Attackers are reportedly weaponizing AWS IAM, using it to validate stolen credentials and turn identity controls into a springboard for in-cloud abuse. According to new research from Fortinent, attackers are leveraging the open source TruffleHog tool to automate testing of stolen AWS credentials in what they are calling the TruffleNet infrastructure.

Read Post

Apono

Read more about TruffleNet Weaponizes Stolen Credentials to Target AWS

How AI prevents catastrophic mistakes in complex systems #shorts #AI #securitymatters #cybersecurity

Nov 5, 2025 By CyberArk In CyberArk

How AI prevents catastrophic mistakes in complex systems.

View Video

CyberArk

Read more about How AI prevents catastrophic mistakes in complex systems #shorts #AI #securitymatters #cybersecurity

The AI buzzword trap in compliance tools | Heard in the founder chat ft. Inflo's Tom Skelton

Nov 5, 2025 By Vanta In Vanta

“AI-powered.” “AI-native.” “End-to-end AI.” At some point, it all sounds the same—but it’s not. In this “Heard in the Founder Group Chat” episode, Tom Skelton, Information Security and Technology Lead at Inflo, shares how to spot real AI that saves time (and risk)—and how to avoid platforms that just rebrand old features.

View Video

Vanta

Read more about The AI buzzword trap in compliance tools | Heard in the founder chat ft. Inflo's Tom Skelton

Welcome to Agentic Park: What chaos theory teaches us about AI security

Nov 5, 2025 By Kaitlin Harvey In CyberArk

The first time it happened, nobody noticed. An automation reconciled a ledger, logged its success, and shut itself down. The token that made it possible looked harmless. Tidy, legacy, supposedly scoped “just enough.” But a week later, refunds ghosted, dashboards blinked, and audit logs told three different versions of the truth. And that token? Not a token at all. More like a Fabergé raptor egg sitting in a server room. Not decoration. Incubation. Of chaos.

Read Post

CyberArk

Read more about Welcome to Agentic Park: What chaos theory teaches us about AI security

New Study Warns of AI-Driven Extortion Attacks

Nov 5, 2025 By KnowBe4 Team In KnowBe4

A study from Malwarebytes has found that one in three mobile users has been targeted by an extortion scam, and one in five of these users has fallen victim. Additionally, one in six users has been targeted by sextortion, with a higher number of these attacks (38%) affecting Gen Z users.

Read Post

KnowBe4

Read more about New Study Warns of AI-Driven Extortion Attacks

CrowdStrike Leads New Evolution of Security Automation with Charlotte Agentic SOAR

Nov 5, 2025 By Paola Miranda In CrowdStrike

AI has transformed both how attackers operate and how defenders must respond. Today’s adversaries use AI to shift tactics in real time, forcing defenders to react at unprecedented speed. Many SOCs struggle to keep pace due to the limits of legacy automation. Even the most mature playbooks can’t anticipate every scenario or data variation, because playbooks are predictable — but adversaries aren’t.

Read Post

CrowdStrike

Read more about CrowdStrike Leads New Evolution of Security Automation with Charlotte Agentic SOAR

Falcon for XIoT Innovations Improve Speed and Visibility in OT Networks

Nov 5, 2025 By Dana Larson In CrowdStrike

CrowdStrike Falcon for XIoT is gaining new innovations to protect operational technology (OT) and XIoT environments as they grow larger and more interconnected. The rapid expansion of industrial systems has led to blind spots across segmented networks, unmanaged devices, and legacy infrastructure. Most OT security tools, siloed by design, fail to see which assets are connected or how they communicate.

Read Post

CrowdStrike

Read more about Falcon for XIoT Innovations Improve Speed and Visibility in OT Networks

The Business of API Security: Unpacking the Q3 API ThreatStats Report

Nov 5, 2025 By Wallarm In Wallarm

Q3 provided us with another opportunity to dig into API vulnerabilities, exploits, and breaches. We'll dive into the details, picking out the trends that impact how you defend your APIs. This quarter's report includes a special focus on business logic abuse. Join the webinar to learn.

View Video

Wallarm

API
Security

Read more about The Business of API Security: Unpacking the Q3 API ThreatStats Report

Securing the AI Browser Revolution: How Cato Helps Mitigate Risks in OpenAI Atlas

Nov 5, 2025 By Dr. Guy Waizel In Cato Networks

The launch of OpenAI Atlas, an AI-powered browser that merges ChatGPT’s intelligence with a full web experience, marks a major leap in how people interact with the internet. Instead of typing queries or clicking through pages, users can now ask, act, and automate, delegating browsing tasks to AI agents capable of retrieving data, filling in forms, or performing actions on their behalf. For businesses, Atlas represents both opportunity and risk.

Read Post

Cato Networks

Read more about Securing the AI Browser Revolution: How Cato Helps Mitigate Risks in OpenAI Atlas

No Time to Drift: How AI Is Changing the Way Security Teams Manage Configuration Drift

Nov 4, 2025 By Reach Security In Reach Security

In this episode of No Time to Drift, Reach CEO Garrett Hamilton sits down with Sebastian Goodwin (Chief Trust Officer at Autodesk), John Rasmussen (Senior Analyst at TAG Infosphere, former CISO at Syneos Health), and Ed Amoroso (CEO, TAG Infosphere) to unpack one of security’s most persistent challenges — configuration drift. They explore why drift happens quietly, how it compounds into real risk, and how AI-driven automation is helping teams detect, manage, and prevent drift faster — without losing human oversight or control.

View Video