Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Rapid Advancement of Malicious AI Is Changing Cyberdefense Forevermore

AI maturation is leading to more malicious hacking attacks. Like thousands of cybersecurity thought leaders, I’ve been speaking about AI being used maliciously since OpenAI released ChatGPT in November 2022. I’m far from alone. The entire cybersecurity industry has been warning about it nonstop. We’ve known that as AI progresses, attackers would use those same productivity features, thereby harming us.

Human Error is Still a Top Contributor to Cyberattacks

Human error remains the primary exploitation vector in mobile security incidents, according to Verizon’s latest Mobile Security Index (MSI). “At 44%, user behavior is the top cited breach contributor, just ahead of app threats, network threats, and internet threats, which were each cited by 43% of survey respondents,” the report says.

Report: AI Poisoning Attacks Are Easier Than Previously Thought

Attackers can more easily introduce malicious data into AI models than previously thought, according to a new study from Antropic. Poisoned AI models can produce malicious outputs, leading to follow-on attacks. For example, attackers can train an AI model to provide links to phishing sites or plant backdoors in AI-generated code.

UN Convention Against Cybercrime Is a Huge Win!

One of the biggest reasons why cybercrime is so bad — and is increasing each year —is that so much of it is committed by foreign nationals who are not physically located in the country they are attacking. This makes it far harder for law enforcement to identify, stop and arrest cybercriminals, as often the victim country’s legal jurisdictions, warrants and courts do not apply in the criminal’s country.

When a "Contact Us" Form Becomes "Contact a Cybercriminal"

Cybercriminals want their payday. Unfortunately for the targets of phishing (and the organizations they work for) that means they’re constantly refining their tactics to create more sophisticated attacks that are harder to detect – by both email security products and people. Impersonation attacks enable cybercriminals to leverage the trusted relationships and – often – authority of people and brands that the recipient knows and trusts.

The Human-AI Partnership: Securing the New Dual-Front of Business Risk

The integration of artificial intelligence into the modern workplace represents a paradigm shift in productivity and innovation. From desktops to mobile devices, AI agents are now deeply embedded in daily workflows, augmenting human intelligence and accelerating business processes at an unprecedented scale.

Insider Risk, Ethical Walls and the Future of Data Governance in Financial Services

In the complex ecosystem of financial services, some of the greatest threats come from within. While cybersecurity for financial institutions often focuses on external threat actors, the reality is that insider risks—whether intentional or accidental—pose an equally dangerous challenge to regulatory compliance and organizational integrity.

Report: Organizations Are Struggling to Keep Up With AI-Powered Attacks

76% of organizations are struggling to keep up with the sophistication of AI-powered attacks, according to CrowdStrike’s latest State of Ransomware Survey. “Most organizations (87%) consider AI-generated social engineering tactics more convincing than traditional methods,” the report says.

Is It Or Is It Not an HP Scam?

These days it can be hard to tell if something is or isn’t a scam. Take this email I recently received. It claims to be from HP. It included a PDF file attachment: It would be great if it actually told me the product it was referring to beyond some obscure serial number. I checked the serial number. It didn’t match my HP printer sitting next to my desk. All my laptops and older desktop computers are Dell. I didn’t like how it didn’t have my full name. Just Roger. No product name.