Monday 9/29
The emerging use of malware invoking AI (Wiz)
AI has been used by threat actors for all sorts of use cases for the past few years where victims have received the output of AI (such as LLM generated phishing emails), but in this latest evolution we’re seeing the payload contains prompts to LLMs and executes the output in the victim environment.
https://www.wiz.io/blog/the-emerging-use-of-malware-invoking-ai
Persuasion engineering: how to influence humans, LLMs, and AI agents (CyberArk)
Since LLMs are wired with similar “psychological” vulnerabilities to humans, AI models are conduits for persuasion and targets of it themselves. And, just like the research shows, LLMs fold fast in the face of effective rhetoric.
https://www.cyberark.com/resources/blog/persuasion-engineering-how-to-influence-humans-llms-and-ai-agents
Tuesday 9/30
CIS Safeguard 6.7: Centralize Access Control
https://www.gothamtg.com/blog/cis-safeguard-67-centralize-access-control
From Noise to Insight: How AI Turns User-Reported Emails into a SOC Strength (Abnormal AI)
Traditional SOC processes make it nearly impossible to sift through submissions at scale, let alone use them to educate employees or detect campaigns proactively. As a result, the potential value of user reports is often lost in a sea of manual triage and delayed responses.
https://abnormal.ai/blog/ai-user-reported-emails-soc-strength
Wednesday 10/1
Future-Proof Your Business with SASE and Zero Trust (Cato Networks)
Digital transformation, cloud migration, hybrid work, and M&A are moving faster than most IT organizations can keep up with. While the business demands speed and agility, IT and security teams are often constrained by fragmented tools, legacy systems, and skill shortages.
https://www.catonetworks.com/blog/future-proof-your-business-with-sase-and-zero-trust/
How to Defend Against Credential Attacks with a Hybrid Mesh Architecture (Check Point)
Hybrid Mesh isn’t just an architectural concept — it actively stops credential abuse. By combining prevention, remediation, and rapid response, it disrupts every stage of the attack lifecycle.
https://blog.checkpoint.com/securing-the-network/how-to-defend-against-credential-attacks-with-a-hybrid-mesh-architecture/
Thursday 10/2
Navigating Enterprise AI Implementation: Risks, Rewards, and Where to Start (Snyk)
Whether you’re in the early planning stages or already experimenting, here are some of the most important considerations and high-impact starting points for AI implementation in your organization.
https://snyk.io/blog/navigating-enterprise-ai-implementation-risks-rewards-and-where-to-start/
The New Ransomware Reality: How Criminal Enterprises Are Weaponizing Your Recovery Strategy (Pure Storage)
While ransomware attacks are still in the spotlight, the story has fundamentally shifted. Traditional file encryption has evolved into a sophisticated ecosystem of criminal enterprises that treat backup systems, AI training data, and recovery infrastructure as primary targets.
https://blog.purestorage.com/perspectives/who-are-ransomware-attackers-and-what-are-they-after/
Friday 10/3
Collaboration and Data Security in Today’s Agentic Workspace (Proofpoint)
In the agentic workspace, people and agents face similar risks: from social and prompt engineering attacks to the intentional or accidental disclosure of sensitive information. This is because AI doesn’t just connect collaborators, it consumes, generates, and interacts with data at a speed and scale we have never faced before.
https://www.proofpoint.com/us/blog/corporate-news/collaboration-and-data-security-todays-agentic-workspace
When Your Help Desk Call Becomes a Catastrophe (Rubrik)
When attackers also compromise your backup infrastructure—which the Verizon 2024 Data Breach Investigations Report found in 94% of ransomware attacks that attempt it—every restore point becomes suspect. Which snapshot is clean? Which contains the attacker's backdoor?
https://www.rubrik.com/blog/technology/25/10/when-your-help-desk-call-becomes-a-catastrophe