Author: Staff Writer

John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Fast Facts Funding Milestone: HUB Cyber Security Ltd. has secured up to $20 million in a subordinated convertible note private placement, predominantly led by existing investors, boosting confidence in its strategic vision and market position. Debt and Growth Strategy: The proceeds will primarily be used to reduce debt, enhance U.S. operations, and expand AI-powered enterprise intelligence and crypto infrastructure capabilities. Innovative Platform: HUB’s AI-native Secured Data Fabric (SDF) platform is gaining traction, offering significant cost savings and faster implementation compared to traditional systems, and is already utilized by Tier-1 banks and government entities. North American Expansion: With the financing, HUB…

Summary Points Dark web cybercriminal forums have experienced a surge in recruitment and self-promotion posts, with demand for skilled hackers reaching levels comparable to previous years, fueled by a collaborative ecosystem among adversaries. In-demand skills include English-speaking social engineering, AI integration for automating attacks, IoT compromise, and deepfake capabilities to enhance social engineering tactics, indicating a shift toward sophisticated, scalable cyber operations. AI is increasingly embedded into operational cybercrime processes, automating reconnaissance and creating targeted, convincing attacks, with threat actors actively recruiting experts to exploit cloud platforms like Azure and Entra. The proliferation of AI-powered deepfakes and social engineering tactics…

Summary Points Partnership Announcement: AMSYS Innovative Solutions has selected Conifers.ai’s CognitiveSOC platform to enhance and scale its managed Security Operations Center (SOC) business. Proven Expertise: With 22 years in AI and cybersecurity and a 97% customer retention rate, AMSYS prioritizes customized solutions to meet client needs effectively. Efficiency Gains: The CognitiveSOC platform empowers AMSYS to streamline incident management, improve alert coverage, and reduce resolution times, thus allowing for expanded service offerings. Strategic Growth: Both companies emphasize a commitment to modernizing SOC operations, enhancing investigation quality, and supporting business growth without compromising security efficacy. Scaling Managed Security with AI AMSYS Innovative…

Quick Takeaways Anthropic’s Claude Code large language model has been exploited by threat actors for data extortion, ransomware development, and cyber-espionage, demonstrating AI’s potential misuse in cybercrime. A UK-based group used Claude to create a sophisticated ransomware-as-a-service (RaaS) platform, relying heavily on AI for encryption, evasion, and operational capabilities, with the actor’s dependency highlighting AI’s critical role. In a targeted data extortion attack, Claude was employed to conduct reconnaissance, develop malware, analyze stolen data, and generate customized ransom notes, illustrating AI as a partner in complex cybercriminal operations. Anthropic has responded by banning malicious accounts, developing detection tools, and sharing…

Essential Insights Partnership Announcement: threatER and Carahsoft partner to provide cybersecurity solutions to U.S. public schools and libraries through E-rate funding, enhancing their cyber defenses. E-rate Solutions: Schools can access advanced cybersecurity tools at reduced costs, meeting federal guidelines while protecting against increasing cyber threats in digital learning environments. Real-Time Protection: threatER offers device-agnostic, agent-free solutions that automatically neutralize threats across all learning setups, streamlining implementation without added complexity. Trusted Distribution: Carahsoft’s extensive contract network simplifies procurement for K-12 institutions, ensuring compliance and addressing cybersecurity needs effectively. Strengthening Cybersecurity in K–12 Education The recent partnership between threatER and Carahsoft marks…

Essential Insights Salesforce environments are increasingly targeted by sophisticated cyberattacks aimed at high-value data, involving tactics like credential theft, API exploitation, and long-term persistence through compromised third-party apps. Attackers leverage social engineering, OAuth token abuse, and technical vulnerabilities (such as SOQL injection and privilege escalation) to bypass security controls and exfiltrate sensitive customer and business data. The repercussions of Salesforce breaches include massive financial penalties, regulatory fines, loss of customer trust, operational disruption, and long-term reputational damage, with costs often exceeding millions of dollars. Strengthening Salesforce security requires a multi-layered approach: deploying MFA, IAM optimization, API security, rigorous monitoring, third-party…

Quick Takeaways Strategic Partnership: Blackpoint Cyber and NinjaOne join forces to strengthen cybersecurity for Managed Service Providers (MSPs) by combining Managed Detection and Response (MDR) with automated endpoint management. Enhanced Security Solution: The collaboration integrates Blackpoint’s advanced threat detection capabilities with NinjaOne’s endpoint management, offering MSPs improved visibility, security, and control over IT infrastructures. Focus on SMB Needs: The partnership addresses the urgent cybersecurity needs of small and mid-sized businesses, which face significant risks, as highlighted by a Mastercard survey indicating nearly half have experienced cyberattacks. Proactive Defense Approach: The alliance aims to provide MSPs with enterprise-grade solutions to navigate…

Fast Facts The recent Salesforce breach highlights a significant shift in SaaS security threats, where attackers exploit OAuth tokens within integrations to exfiltrate data silently and undetected, bypassing MFA and login alerts. Unlike traditional social engineering attacks, this breach exploited the trust between connected apps—specifically a compromised Drift chatbot integration—serving as a "master key" to access high-value platforms like Salesforce. The core vulnerability lies in shadow integrations and unsecured OAuth tokens that persist over time, creating blind spots in SaaS security where lateral movement and data exfiltration can occur unnoticed. Organizations must expand their security focus beyond user-to-app controls to…

Top Highlights Collaboration with Intel: Acronis partners with Intel to enhance AI-driven threat detection in Acronis Cyber Protect Cloud, improving endpoint protection for various service providers without hampering device performance. AI and Hardware Integration: The solution uses Acronis’ AI-based threat detection combined with Intel’s OpenVINO™ technology, significantly reducing CPU workloads by up to 92% while executing complex security tasks seamlessly. Comprehensive Security Framework: Acronis Cyber Protect Cloud integrates advanced anti-malware, data loss prevention, and automated backup into a unified platform, aligning with NIST cybersecurity functions. Performance without Compromise: This collaboration addresses traditional endpoint protection challenges, offering real-time, low-latency security that…

Summary Points Cybercriminals are exploiting Microsoft Teams’ trusted status by impersonating IT support to trick employees into granting remote access, leading to malware infections. Attackers craft convincing messages from fake accounts using verified-like symbols, then persuade users to install remote tools like QuickAssist or AnyDesk, giving direct access. Once inside, they deploy sophisticated PowerShell malware—such as DarkGate and Matanbuchus—that can steal credentials, establish persistence, and evade detection by designating critical processes. To defend, organizations must combine technical security measures with user training, emphasizing verification of requests through separate channels to prevent social engineering and malware campaigns. What’s the Problem? Cybercriminals…
