Lucene search
K

25 matches found

The Hacker News
The Hacker News
added 2026/04/27 11:58 a.m.7 views

Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side

Anthropic’s Claude Mythos Preview has dominated security discussions since its April 7 announcement. Early reporting describes a powerful cybersecurity-focused AI system capable of identifying vulnerabilities at scale and raising serious questions about how quickly organizations can validate,...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/15 11:30 a.m.7 views

Deterministic + Agentic AI: The Architecture Exposure Validation Requires

Few technologies have moved from experimentation to boardroom mandate as quickly as AI. Across industries, leadership teams have embraced its broader potential, and boards, investors, and executives are already pushing organizations to adopt it across operational and security functions. Pentera’s...

6AI score
Exploits0
Wiz blog
Wiz blog
added 2026/04/10 3:25 p.m.16 views

Claude Mythos: Preparing for a World Where AI Finds and Exploits Vulnerabilities Faster Than Ever

Anthropic's new model can autonomously discover zero-days and develop working exploits. While access is currently limited to responsible actors, now is the time to strengthen response playbooks, reduce exposure, and incorporate AI into security programs...

5.8AI score
Exploits0
MSRC
MSRC
added 2026/02/06 12:0 a.m.10 views

From points to payouts: The evolution of the Microsoft security researcher leaderboard

The global security research community plays a critical role in helping Microsoft protect customers. Through their deep technical expertise, coordinated disclosure, and collaboration, researchers help identify and remediate vulnerabilities, and shape how our security programs evolve. Many of the...

5.4AI score
Exploits0
HackRead
HackRead
added 2025/11/19 8:20 a.m.4 views

CredShields Joins Forces with Checkmarx to Bring Smart Contract Security to Enterprise AppSec Programs

Singapore, Singapore, 19th November 2025, CyberNewsWire...

7AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2025/03/06 7:22 p.m.16 views

Pentagon Cuts Threaten Programs That Secure Loose Nukes and Weapons of Mass Destruction

Documents obtained by WIRED show the US Department of Defense is considering cutting up to 75 percent of workers who stop the spread of chemical, biological, and nuclear weapons...

7.3AI score
Exploits0
Trellix
Trellix
added 2024/11/07 12:0 a.m.10 views

New Stealer Uses Invalid Cert To Compromise Systems

New Stealer Uses Invalid Cert To Compromise Systems By Mohinder Gill, Mallikarjun Wali and Sangram Mohapatro · November 07, 2024 A new Stealer has been making the rounds. Its name: Fickle. Fickle Stealer is a new Rust-based information stealer that spreads through various attack vectors, includin...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/15 2:17 p.m.60 views

New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks

A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the China-linked threat actor called Volt Typhoon. Dubbed KV-botnet by the Black Lotus Labs team at Lumen...

9.8CVSS9.5AI score0.85689EPSS
Exploits10
ThreatPost
ThreatPost
added 2022/07/11 8:26 p.m.38 views

Rethinking Vulnerability Management in a Heightened Threat Landscape

Mariano Nunez, CEO, Onapsis Repeated warnings from CISA and the Biden Administration on the Russian cyber threat over the last several months have heightened the state of alertness for U.S. agencies and businesses across industries, which are expecting ‘tit-for-tat’ cyberattacks from Russia in...

7.3AI score
Exploits0References5
Malwarebytes
Malwarebytes
added 2022/07/01 6:21 p.m.21 views

AstraLocker 2.0 ransomware isn’t going to give you your files back

Reversing Labs reports that the latest verison of AstraLocker ransomware is engaged in a a so-called "smash and grab" ransomware operation. Smash and grab is all about maxing out profit in the fastest time. It works on the assumption by malware authors that security software or victims will find...

0.1AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2021/02/09 1:10 a.m.12 views

AppSec Bites: Top 3 Things to Consider When Maturing Your AppSec Programs (Part 2)

Maturing security programs along with the growth of development programs are essential to ensuring a safe and efficient development lifecycle. The need to be on top of development while scaling programs is imperative to managing both risk and business opportunities. However, it is during times of...

0.6AI score
Exploits0
Imperva Blog
Imperva Blog
added 2020/12/10 5:10 p.m.26 views

Shifting from Network Security to Data Security

The world-wide events of 2020 have meant that organisations have had to simply react and adapt. More data is being moved to the cloud, applications are built in cloud environments, and more and more databases are being used to support the shift in the way we work. 59% of enterprises believe their...

Exploits0
Richard Bejtlich's blog
Richard Bejtlich's blog
added 2020/10/31 8:11 p.m.39 views

Security and the One Percent: A Thought Exercise in Estimation and Consequences

There's a good chance that if you're reading this post, you're the member of an exclusive club. I call it the security one percent, or the security 1% or securityonepercent on Twitter. This is shorthand for the assortment of people and organizations who have the personnel, processes, technology,...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/10/28 5:23 p.m.36 views

How the Pandemic is Reshaping the Bug Bounty Landscape

The pandemic has overhauled the bug-bounty landscape, both for companies looking to adopt such programs and the bounty hunters themselves. Casey Ellis, founder and CTO of Bugcrowd, said that COVID-19’s far-reaching implications — including increasing the acceptance of remote work, pushing more...

6.7AI score
Exploits0References11
Trend Micro Simply Security
Trend Micro Simply Security
added 2019/09/20 2:40 p.m.35 views

Why Should CISOs Care About XDR?

We have been collectively saying in our industry for the last 15-20 years that a layered approach to your security stack is a “best practice,” but as with all best practices, these are ideals rather than reality for so many charged with protecting their organizations. The vast majority of CISOs a...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2019/07/11 12:0 p.m.134 views

Implementing Bug Bounty Programs: The Right and Wrong Approaches

While bug-bounty programs may seem like a cure-all solution for companies looking discover vulnerabilities in their systems more efficiently, the fact remains that a program could overwhelm a firm’s internal security team and cause other major headaches if implemented the wrong way. “You have to...

7.4AI score
Exploits0References4
Carbon Black Blog
Carbon Black Blog
added 2017/09/25 3:45 p.m.80 views

Partner Perspectives: Operationalizing Data With the Carbon Black and Splunk Integration (Part 1)

Editor's Note: this blog originally appeared on RedCanary.com Over the last 5 years I have grown very close to Splunk. The product has evolved so much over the years, but the core architecture has always been easy to deploy and understand. Splunk is known for the speed at which it can search for...

7.5AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/07/31 2:47 p.m.61 views

The CIO Will Report to the CISO: The Why

Note: This article originally appeared on LinkedIn Pulse. If you disagree with me, please visit the LinkedIn post to join the comments we've gotten so far. As a community we need the open discussion to advance our collective thinking. If you agree, please like, comment and/or share the post. It’s...

7AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/07/21 1:30 p.m.80 views

The CIO Will Report to the CISO

Note: This article originally appeared on LinkedIn Pulse. If you disagree with me, please visit the LinkedIn post to join the 70+ comments we've gotten so far. As a community we need the open discussion to advance our collective thinking. If you agree, please like, comment and/or share the post...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2017/03/03 12:49 p.m.11 views

HackerOne Offers Open Source Projects Free Access to Platform

HackerOne announced on Thursday the availability of a free version of its bug bounty platform called HackerOne Community Edition that will give open source projects tools for managing vulnerability submissions and creating bounty programs to improve software security. Eligible open source project...

0.3AI score
Exploits0References3
Rows per page
Query Builder