Technology

The Shift Left of Boom: Making Cyber Threat Prevention Practical Again

Nov 5, 2025 By John Dominguez, Senior Director of Product Marketing In Reach Security

The old saying "prevention is better than cure" has lost currency in today's cybersecurity industry. Instead, security teams are advised to assume that the business has been breached and focus on threat detection, investigation, response, and recovery. Yet, during cyber incident post-mortems, it is not uncommon to find that the business owned the tool that would have protected it against the breach. The problem arose because it wasn't correctly configured before the incident happened, and no one knew this - or if they did, they didn't have the time or resources to fix it.

Read Post

Reach Security

Read more about The Shift Left of Boom: Making Cyber Threat Prevention Practical Again

Survey: Holiday scammers are getting bolder with AI, and Americans are taking the bait

Nov 5, 2025 By Rachel Sudbeck In 1Password

1Password surveyed 2,000 American adults to learn how people are protecting themselves from phishing scams this holiday season (“phishing” refers to all those scammy emails, shady texts, and fake ads, where hackers try to trick people into clicking a link that lets them steal money or information). What we learned is that holiday scams are getting bolder and harder to spot, thanks to the help of AI. Here are some of the other most eye-opening findings.

Read Post

1Password

Read more about Survey: Holiday scammers are getting bolder with AI, and Americans are taking the bait

TruffleNet Weaponizes Stolen Credentials to Target AWS

Nov 5, 2025 By Gabriel Avner In Apono

New details are emerging about a wave of intrusions into Amazon Web Services environments. Attackers are reportedly weaponizing AWS IAM, using it to validate stolen credentials and turn identity controls into a springboard for in-cloud abuse. According to new research from Fortinent, attackers are leveraging the open source TruffleHog tool to automate testing of stolen AWS credentials in what they are calling the TruffleNet infrastructure.

Read Post

Apono

Read more about TruffleNet Weaponizes Stolen Credentials to Target AWS

How AI prevents catastrophic mistakes in complex systems #shorts #AI #securitymatters #cybersecurity

Nov 5, 2025 By CyberArk In CyberArk

How AI prevents catastrophic mistakes in complex systems.

View Video

CyberArk

Read more about How AI prevents catastrophic mistakes in complex systems #shorts #AI #securitymatters #cybersecurity

The AI buzzword trap in compliance tools | Heard in the founder chat ft. Inflo's Tom Skelton

Nov 5, 2025 By Vanta In Vanta

“AI-powered.” “AI-native.” “End-to-end AI.” At some point, it all sounds the same—but it’s not. In this “Heard in the Founder Group Chat” episode, Tom Skelton, Information Security and Technology Lead at Inflo, shares how to spot real AI that saves time (and risk)—and how to avoid platforms that just rebrand old features.

View Video

Vanta

Read more about The AI buzzword trap in compliance tools | Heard in the founder chat ft. Inflo's Tom Skelton

Welcome to Agentic Park: What chaos theory teaches us about AI security

Nov 5, 2025 By Kaitlin Harvey In CyberArk

The first time it happened, nobody noticed. An automation reconciled a ledger, logged its success, and shut itself down. The token that made it possible looked harmless. Tidy, legacy, supposedly scoped “just enough.” But a week later, refunds ghosted, dashboards blinked, and audit logs told three different versions of the truth. And that token? Not a token at all. More like a Fabergé raptor egg sitting in a server room. Not decoration. Incubation. Of chaos.

Read Post

CyberArk

Read more about Welcome to Agentic Park: What chaos theory teaches us about AI security

New Study Warns of AI-Driven Extortion Attacks

Nov 5, 2025 By KnowBe4 Team In KnowBe4

A study from Malwarebytes has found that one in three mobile users has been targeted by an extortion scam, and one in five of these users has fallen victim. Additionally, one in six users has been targeted by sextortion, with a higher number of these attacks (38%) affecting Gen Z users.

Read Post

KnowBe4

Read more about New Study Warns of AI-Driven Extortion Attacks

CrowdStrike Leads New Evolution of Security Automation with Charlotte Agentic SOAR

Nov 5, 2025 By Paola Miranda In CrowdStrike

AI has transformed both how attackers operate and how defenders must respond. Today’s adversaries use AI to shift tactics in real time, forcing defenders to react at unprecedented speed. Many SOCs struggle to keep pace due to the limits of legacy automation. Even the most mature playbooks can’t anticipate every scenario or data variation, because playbooks are predictable — but adversaries aren’t.

Read Post

CrowdStrike

Read more about CrowdStrike Leads New Evolution of Security Automation with Charlotte Agentic SOAR

Falcon for XIoT Innovations Improve Speed and Visibility in OT Networks

Nov 5, 2025 By Dana Larson In CrowdStrike

CrowdStrike Falcon for XIoT is gaining new innovations to protect operational technology (OT) and XIoT environments as they grow larger and more interconnected. The rapid expansion of industrial systems has led to blind spots across segmented networks, unmanaged devices, and legacy infrastructure. Most OT security tools, siloed by design, fail to see which assets are connected or how they communicate.

Read Post

CrowdStrike

Read more about Falcon for XIoT Innovations Improve Speed and Visibility in OT Networks

The Business of API Security: Unpacking the Q3 API ThreatStats Report

Nov 5, 2025 By Wallarm In Wallarm

Q3 provided us with another opportunity to dig into API vulnerabilities, exploits, and breaches. We'll dive into the details, picking out the trends that impact how you defend your APIs. This quarter's report includes a special focus on business logic abuse. Join the webinar to learn.

View Video