Nudge Security announced an expansion of its platform to address the need for organizations to mitigate AI data security risks while supporting workforce AI use. New capabilities include: AI conversation monitoring: Detect sensitive data shared via file uploads and conversations with AI chatbots including ChatGPT, Gemini, Microsoft Copilot, and Perplexity Policy enforcement via the browser: Delivery of guardrails to employees as they interact with AI tools to educate and enforce the organization’s acceptable use policy … More →
The post Nudge Security expands platform with new AI governance capabilities appeared first on Help Net Security.
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
CISA, in partnership with Federal Bureau of Investigation, the National Security Agency, Department of Energy, Environmental Protection Agency, the Department of Defense Cyber Crime Center, and other international partners published a joint cybersecurity advisory, Pro-Russia Hacktivists Create Opportunistic Attacks Against US and Global Critical Infrastructure.
This advisory, published as an addition to the joint fact sheet on Primary Mitigations to Reduce Cyber Threats to Operational Technology (OT) released in May 2025, details that pro-Russia hacktivist groups are conducting less sophisticated, lower-impact attacks against critical infrastructure entities, compared to advanced persistent threat groups. These attacks use minimally secured, internet-facing virtual network computing (VNC) connections to infiltrate or gain access to OT control devices within critical infrastructure systems.
The groups involved, including Cyber Army of Russia Reborn, Z-Pentest, NoName057(16), and Sector16, are taking advantage of the widespread prevalence of accessible VNC devices to execute attacks, resulting in varying degrees of impact, including physical damage.
These groups often seek notoriety by making false or exaggerated claims about their attacks. Their methods are opportunistic, leveraging superficial criteria such as victim availability and existing vulnerabilities. They attack a wide range of targets, from water treatment facilities to oil well systems, using similar tactics, techniques, and procedures.
Top Recommended Actions:
OT owners and operators and critical infrastructure entities should take the following steps to reduce the risk of attacks through VNC connections:
For more information on Russian state-sponsored threat actor activity, visit CISA’s Russia Cyber Threat Overview and Advisories page.
CISA released three Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review newly released ICS Advisories for technical details and mitigations.
Black Kite released its new Product Analysis module, which allows security teams to evaluate the risks of third-party software products at a granular level. As the first TPRM platform to offer this capability, Black Kite provides a more detailed view of exposure and supports better decision-making around specific products and vendor outreach. The new module delivers intelligence on software supply chain risk through deep downloadable software analysis (CPE), SaaS subdomain analysis, and SBOM analysis. “Organizations … More →
The post New Black Kite module offers product-level insight into software supply chain vulnerabilities appeared first on Help Net Security.
watchTowr announced major capability enhancements, including the launch of Active Defense, a new capability that closes the gap between discovery and protection. Active Defense delivers automated, intelligence-driven protection the moment a validated exposure is identified, providing defenders with near-instant coverage when patches or vendor guidance are unavailable. These updates advance watchTowr’s mission to stay ahead of the threat curve by reacting to emerging threats and vulnerabilities, reproducing them with precision, and empowering customers to protect … More →
The post watchTowr Active Defense delivers automated protection from exposure to defense appeared first on Help Net Security.