The agentic SOC—Rethinking SecOps for the next decade
Every major shift in cyberattacker behavior over the past decade has followed a meaningful shift in how defenders operate. When security operation centers (SOCs) deployed endpoint detection and response (EDR)—and later extended detection and response (XDR)—security teams raised the bar, pushing...
SDN-SYN PoW: Intent-Aware Adaptive SDN Defense with PoW against Multi-Domain SYN Floods
The stability of Internet services is persistently challenged by the escalating scale of volumetric TCP SYN floods, as conventional defenses like SYN Cookies fail by exacerbating bandwidth depletion under modern attacks. This paper introduces SDN-SYN PoW, a novel defense architecture that...
Winning Against AI-Based Attacks Requires a Combined Defensive Approach
If there's a constant in cybersecurity, it's that adversaries are always innovating. The rise of offensive AI is transforming attack strategies and making them harder to detect. Google's Threat Intelligence Group recently reported on adversaries using Large Language Models (LLMs) to both conceal...
Detecting Ambiguity Aversion in Cyberattack Behavior to Inform Cognitive Defense Strategies
Adversaries (hackers) attempting to infiltrate networks frequently face uncertainty in their operational environments. This research explores the ability to model and detect when they exhibit ambiguity aversion, a cognitive bias reflecting a preference for known versus unknown probabilities. We...
Trustworthy GenAI over 6G: Integrated Applications and Security Frameworks
The integration of generative artificial intelligence (GenAI) into 6G networks promises substantial performance gains while simultaneously exposing novel security vulnerabilities rooted in multimodal data processing and autonomous reasoning. This article presents a unified perspective on cross-doma...
Attackers Strike Back? Not Anymore -- an Ensemble of RL Defenders Awakens for APT Detection
Advanced Persistent Threats (APTs) represent a growing menace to modern digital infrastructure. Unlike traditional cyberattacks, APTs are stealthy, adaptive, and long-lasting, often bypassing signature-based detection systems. This paper introduces a novel framework for APT detection that unites de...
A Real-Time, Self-Tuning Moderator Framework for Adversarial Prompt Detection
Ensuring LLM alignment is critical to information security as AI models become increasingly widespread and integrated in society. Unfortunately, many defenses against adversarial attacks and jailbreaking on LLMs cannot adapt quickly to new attacks, degrade model responses to benign prompts, or...
Secure MmWave Beamforming with Proactive-ISAC Defense against Beam-Stealing Attacks
Millimeter-wave (mmWave) communication systems face increasing susceptibility to advanced beam-stealing attacks, posing a significant physical layer security threat. This paper introduces a novel framework employing an advanced Deep Reinforcement Learning (DRL) agent for proactive and adaptive defens...
SAFER-D: a Self-Adaptive Security Framework for Distributed Computing Architectures
The rise of the Internet of Things and Cyber-Physical Systems has introduced new challenges on ensuring secure and robust communication. The growing number of connected devices increases network complexity, leading to higher latency and traffic. Distributed computing architectures (DCAs) have gaine...
Predictive-CSM: Lightweight Fragment Security for 6LoWPAN IoT Networks
Fragmentation is a routine part of communication in 6LoWPAN-based IoT networks, designed to accommodate small frame sizes on constrained wireless links. However, this process introduces a critical vulnerability: fragments are typically stored and processed before their legitimacy is confirmed,...
The vulnerability of the pskmad_64.sys driver used by Watchguard Endpoint Protection, Detection and Response (EPDR), Panda Adaptive Defense 360 (Panda AD360), and Panda Dome allows an attacker to cause a service failure or execute arbitrary code.
The vulnerability of the pskmad64.sys driver of the Watchguard Endpoint Protection, Detection, and Response (EPDR), Panda Adaptive Defense 360 (Panda AD360), and Panda Dome security solutions is related to an operation that occurs outside of the buffer in memory. Exploiting this vulnerability can all...
The vulnerability of the pskmad_64.sys driver used by Watchguard Endpoint Protection, Detection and Response (EPDR), Panda Adaptive Defense 360 (Panda AD360), and Panda Dome allows a malicious actor to gain unauthorized access to confidential information.
The vulnerability of the pskmad64.sys driver used by Watchguard Endpoint Protection, Detection and Response (EPDR), Panda Adaptive Defense 360 (Panda AD360), and Panda Dome involves the disclosure of information. Exploiting this vulnerability can allow an attacker to gain unauthorized access to...
PT-2024-1473 · Panda +1 · Panda Dome +2
Name of the Vulnerable Software and Affected Versions: Watchguard Endpoint Protection, Detection and Response (EPDR) (affected versions not specified); Panda Adaptive Defense 360 (Panda AD360) (affected versions not specified); Panda Dome (affected versions not specified). Description: The issue is related to...
The vulnerability of the Protection Agent component in Watchguard Endpoint Protection, Detection and Response (EPDR) and Panda Adaptive Defense 360 (Panda AD360) allows attackers to escalate their privileges.
The vulnerability of the Protection Agent component in Watchguard Endpoint Protection, Detection and Response (EPDR) and Panda Adaptive Defense 360 (Panda AD360) is related to access control deficiencies. Exploiting this vulnerability can allow attackers to escalate their privileges by sending...
PT-2023-5754 · Watchguard +1 · Watchguard Epdr +1
Name of the Vulnerable Software and Affected Versions: WatchGuard EPDR version 8.0.21.0002. Description: The issue is related to insufficient access control in the Protection Agent component of WatchGuard Endpoint Protection, Detection and Response (EPDR) and Panda Adaptive Defense 360 (Panda AD360)...
Utilizing the Adaptive Defense Model Against Information Stealers
Trellix Global Defenders: Utilizing the Adaptive Defense Model Against Information Stealers By Taylor Mullins · May 23, 2022 Trellix is continuing to observe the continued growth in usage and general availability of Information Stealers that have the functionality to collect passwords, cookies,...
AI-driven adaptive protection against human-operated ransomware
In human-operated ransomware attacks, threat actors use predictable methods to enter a device but eventually rely on hands-on-keyboard activities to move inside a network. To fortify our existing cloud-delivered automated protection against complex attacks like human-operated ransomware, we...