Aggregator

For the latest discoveries in cyber research for the week of 14th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The United States Office of the Comptroller of the Currency (OCC), an independent bureau of the Department of the Treasury, has suffered a significant security breach. Threat actors have gained access to […]

The post 14th April – Threat Intelligence Report appeared first on Check Point Research.

Kidney dialysis firm DaVita disclosed Monday it suffered a weekend ransomware attack that encrypted parts of its network and impacted some of its operations. [...]

Threat actors deploy malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers. Fortinet researchers discovered multiple malicious NPM packages that are used to target PayPal users. The packages were uploaded to the repository in early March by a threat actor known as tommyboy_h1 and tommyboy_h2, and were used to steal PayPal credentials and hijack cryptocurrency transfers. “Using PayPal-related […]

前阵子遇到一个司机，车开起来没几分钟，他就问我中关村这片的公司现在经营情况怎么样，裁员没有。

前阵子遇到一个司机，车开起来没几分钟，他就问我中关村这片的公司现在经营情况怎么样，裁员没有。

A vulnerability was found in GNOME libsoup. It has been rated as problematic. This issue affects the function soup_message_headers_get_content_disposition. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2025-32913. The attack may be initiated remotely. There is no exploit available.

Security shouldn't wait until the end of development. Wazuh brings real-time threat detection, compliance, and vulnerability scanning into your DevOps pipeline—powering a stronger DevSecOps strategy from day one. Learn more about how Wazuh can help secure your development cycle. [...]

Some of the brightest minds in the industry will discuss how to strengthen cloud security.

We’ve closed out Developer Week 2025. Here’s a quick recap of the announcements and in-depth technical explorations that went out during the week.

Боты исчезают один за другим.

The beating heart of the healthcare sector is under increased threats, and no amount of antibiotics can protect the proverbial patient. In this case, we’re referring to the vital networks healthcare systems and providers rely on to share data and treat patients. Today, the entire industry faces an unprecedented array...

Through the SYS Initiative, Prodaft is offering a secure, anonymous channel for individuals to share information about ongoing cybercrime activities

As businesses worldwide embrace digital transformation, the European Union’s General Data Protection Regulation (GDPR), enacted in 2018, remains a cornerstone of data privacy and security. A recent safety report highlighting the rapid advancement of artificial intelligence (AI) has renewed focus on GDPR compliance, particularly Article 7, which governs consent requirements for handling personal data, including […]

The post EU’s GDPR Article 7 Poses New Challenges for Businesses To Secure AI-Generated Image Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The National Social Security Fund (CNSS) of Morocco has confirmed that initial checks on leaked documents circulating on social media have revealed that much of the information is false, inaccurate, or incomplete. Officials state these documents originated from a cyber attack targeting the organization’s computer systems. The CNSS has activated security protocols, launched an internal […]

The post Morocco Investigation Major Data Breach Allegedly Claimed by Algerian Hackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft says some users might see 0x80070643 installation failures when trying to deploy the April 2025 Windows Recovery Environment (WinRE) updates. [...]

Cybersecurity researchers are calling attention to a new type of credential phishing scheme that ensures that the stolen information is associated with valid online accounts. The technique has been codenamed precision-validating phishing by Cofense, which it said employs real-time email validation so that only a select set of high-value targets are served the fake login screens. "This tactic not

Cybersecurity researchers at Cisco Talos have uncovered a large-scale smishing campaign targeting toll road users across the United States. The campaign, which has been active since October 2024, impersonates toll road payment services, luring unsuspecting victims into revealing their personal and financial information through fraudulent payment requests. The Scam Unveiled The smishing campaign revolves around […]

The post Smishing Campaign Hits Toll Road Users with $5 Payment Scam appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, we feature the first Exposure Management Academy FAQ. We’ll run these FAQs from time to time to share some of the most common questions we receive about exposure management. You can read the entire Exposure Management Academy series here.

By Team Tenable

Here at the Exposure Management Academy, we get questions all the time. So we’re inaugurating an occasional FAQ series this week with an up-close look at exposure management itself, the role of AI in exposure management and how cyber exposure management and cloud security work together. In future FAQs, we’ll cover a range of topics. Stay tuned. 

What is exposure management?

It’s the essential question that always comes first: Just what is exposure management? In our first Exposure Management Academy post we covered what exposure management is and why it matters in depth. 

But for this FAQ, we’ll keep it short. Exposure management gives teams visibility and context across the modern attack surface so they can separate the actual exposures that can have a material impact on the business from all the noise. This means that your team can minimize churn and help prevent breaches by closing the exposures (or toxic risk combinations) attackers exploit before attacks get underway.

As the natural evolution of vulnerability management, exposure management extends visibility to include all preventable risks across the attack surface: Common Vulnerabilities and Exposures, misconfigurations, excessive permissions and all asset types — multi-cloud, IT, OT, IoT, identities, applications, containers, as well as unseen and unmanaged assets. 

Unlike traditional security prioritization approaches, exposure management requires a mindset shift. Not all risk is created equal and not every risk needs to be addressed instantly. Instead, exposure management combines threat intelligence, such as accessibility and exploitability of risks, with technical and business context, including attack paths leading to crown jewels, to prioritize remediation of toxic risk that is most likely to have an impact on your organization.

How does exposure management use AI?

At the heart of exposure management is the need to unify visibility, insight and action across traditionally siloed tools, processes and staff. Solving this challenge requires more than just aggregation of data in a central repository. 

Artificial intelligence plays a critical role in exposure management by deduplicating, correlating and normalizing asset and risk data across typically siloed tools and technologies. It maps the complex data relationships needed to identify and visualize toxic risk combinations and attack paths, which prioritizes business-impacting exposures. Plus, it enriches decision making with additional context, such as threat intelligence and MITRE techniques, to provide the remediation guidance needed to quickly and effectively mobilize teams.

Exposure management platforms typically put an array of AI flavors to work, including generative artificial intelligence, deep learning, AI and machine learning to fuel its capabilities. They help improve end-user productivity and enable preventive security in three ways:

• Help explain: AI can provide succinct guidance so you can better understand product findings.
• Conduct a search: AI can simplify searching across your asset inventory, which provides complete visibility.
• Take action: AI can proactively give you insights for actions that will have the most impact on your exposures.

Exposure management platforms also offer a wide range of assessment methods that surface AI software packages, libraries and browser plugins. This capability helps you to see unauthorized AI usage, detect AI vulnerabilities and gain clarity on AI development occurring within your organization.

For Tenable, AI is integral to the functionality of the Tenable One Exposure Management Platform. Below are some examples of how we put AI to work in the product to solve other complex challenges, such as:

• Identifying vulnerabilities that attackers are likely to exploit in the short term: Machine learning-based algorithms power our Vulnerability Priority Rating (VPR). By analyzing each vulnerability regularly to determine how likely it is that an exploit could be used against it, VPR provides a score you can use to prioritize your remediation efforts.
• Predicting the operating system (OS) of an unauthenticated asset: Machine learning-based algorithms enable Tenable to use host response to TCP packet data to predict the OS of an unauthenticated asset. This increases vulnerability assessment and inventory accuracy.
• Improving the efficiency and effectiveness of common processes: Generative AI-based research tools improve the efficiency and effectiveness of processes like reverse engineering, code debugging, web app security and visibility into cloud-based tools.
• Achieving a unified view of privileges: AI-based methods deliver a holistic view of all user identities and entitlement risks, including on-premises and cloud environments.

Is exposure management cloud-based?

Yes, you should expect an exposure management solution to be cloud-based for some very strategic reasons. 

First, exposure management requires continuous assessment of the threat landscape and dynamically changing environments, such as containers and Kubernetes. That calls for a highly scalable data platform with the storage and compute power necessary to process trillions of unique asset, identity, risk and threat data points.

Exposure management platforms often collect data through API integrations with existing point security tools that are usually cloud-based, including cloud security posture management, external attack surface management, vulnerability management, identity and access management, endpoint detection and response/extended detection and response, configuration management database and cloud infrastructure and entitlement management. These integrations are far easier, faster and more robust when the platform itself is cloud-native and API-first.

In addition, exposure management requires advanced relationship mapping and analysis, such as attack path modeling, machine learning for prioritization and AI-generated remediation guidance. These compute-heavy tasks are best handled in cloud environments built for data science and real-time inference.

Organizations can deploy a SaaS-based exposure management platform in days rather than months and quickly deliver continuous improvements. It also enables continuous delivery of new capabilities, such as new risk models, threat intelligence and exposure logic.

Have a question about exposure management you’d like us to tackle?

We’re all ears. Share your question and maybe we’ll feature it in a future post.

 MktoForms2.loadForm("//info.tenable.com", "934-XQB-568", 14070);