Technology

Threat Actors Are Using AI-Generated Audio to Impersonate U.S. Officials

May 27, 2025 By KnowBe4 Threat Lab In KnowBe4

The FBI is warning that threat actors are impersonating senior US officials in phishing attacks designed to compromise users’ accounts. Notably, the attackers are using AI-generated audio to convincingly spoof the voices of real people.

Read Post

KnowBe4

Read more about Threat Actors Are Using AI-Generated Audio to Impersonate U.S. Officials

Now Available: AI-Powered Data Loss Prevention for Microsoft Exchange Online

May 27, 2025 By Anant Mahajan In Nightfall

Organizations investing in Microsoft 365 E5 licensing expect enterprise-grade email protection. Yet despite premium security features, customer feedback reveals persistent challenges with Microsoft Purview DLP across Exchange Online environments. Microsoft deployment specialists report seeing clients deploy Purview on their own, discover a wealth of false positives, and turn off the policies or set them to audit mode. Policies never become useful.

Read Post

Nightfall

Read more about Now Available: AI-Powered Data Loss Prevention for Microsoft Exchange Online

TLS Certificate Validity Cut from 398 to 47 Days: Why Automation Is Now Essential for IoT Security. The alternative is the cost of human error.

May 27, 2025 By Louise José In Device Authority

In a significant shift for digital identity management, the maximum lifespan of public TLS certificates is set to be reduced to just 47 days, following a new policy from Apple’s Root Program. With Google expected to follow suit, the clock is ticking faster than ever on certificate validity and that has profound implications for businesses relying on manual processes.

Read Post

Device Authority

Read more about TLS Certificate Validity Cut from 398 to 47 Days: Why Automation Is Now Essential for IoT Security. The alternative is the cost of human error.

CRUD API vs REST API - Beyond the Basics to Strategic Security Implications

May 27, 2025 By AppSentinels In AppSentinels

The conversation around API design often defaults to technical preferences—developers choosing CRUD APIs for simplicity or REST APIs for structure. However, for enterprise leaders responsible for risk, compliance, and digital resilience, the implications of this choice are far more profound. The CRUD vs. REST debate is not merely architectural; it’s strategic.

Read Post

AppSentinels

Read more about CRUD API vs REST API - Beyond the Basics to Strategic Security Implications

Accelerating Security Operations with Splunk and Foundation AI's First Open-Source Security Model

May 27, 2025 By Huaibo Zhao In Splunk

Cisco Foundation AI’s Foundation-sec-8b model brings a new wave of innovations and efficiency to security operations. As a purpose-built, open-weight Large Language Model (LLM) designed specifically for cybersecurity, Foundation-sec-8b enables security teams to act faster, reduce fatigue, and scale operations without compromising accuracy.

Read Post

Splunk

Read more about Accelerating Security Operations with Splunk and Foundation AI's First Open-Source Security Model

Securing the Future: Ebikes in the Age of Smart Mobility

May 27, 2025 By SecuritySenses In SecuritySenses

As cities get smarter and traffic gets worse, more people are turning to better ways of getting around. One option that's gaining speed fast is the ebike. These electric bikes are changing how we think about daily travel, offering a cleaner, quicker, and more affordable way to move. Whether it's cutting down on gas costs, avoiding traffic jams, or reducing your carbon footprint, ebikes are more than a trend, they're a smart solution for modern mobility.

Read Post

SecuritySenses

Read more about Securing the Future: Ebikes in the Age of Smart Mobility

Charlotte AI - Agentic Workflows - Hunting Fake CAPTCHAs

May 26, 2025 By CrowdStrike In CrowdStrike

Adversaries are faking CAPTCHAs to trick users into running malicious commands—and using AI to make it convincing. See how CrowdStrike’s Charlotte AI and Agentic Workflows detect these threats, automate response with context-aware actions, and adapt based on risk. CrowdStrike Charlotte AI: ► Work smarter, not harder. Turn hours of work into minutes, or even seconds, with a conversational AI assistant.

View Video

CrowdStrike

AI
Security

Read more about Charlotte AI - Agentic Workflows - Hunting Fake CAPTCHAs

Introducing Aikido AI Cloud Search

May 26, 2025 By Charlie Eriksen In Aikido

Gain instant visibility into your cloud environment with Aikido Cloud Search. Search your cloud like a database. Whether you want to identify exposed databases, vulnerable virtual machines, or over-permissive IAM roles — Aikido gives you the power to uncover risk in seconds. No query language required, no waiting on devops. Just describe what you’re looking for, like “Give me all VMs with CVE-2025-32433 that have port 22 open.” Scroll down to "How It Works" to get technical.

Read Post

Aikido

Read more about Introducing Aikido AI Cloud Search

How AI Is Making Phishing Attacks More Dangerous

May 26, 2025 By Keeper Security In Keeper

Artificial Intelligence (AI) is making phishing attacks smarter and harder to spot. Learn how cybercriminals are using AI to create convincing scams and how you can protect yourself by watching this short video.

View Video

Keeper

Read more about How AI Is Making Phishing Attacks More Dangerous

Is Windsurf's SWE-1 Model a Game Changer? Let's See...

May 26, 2025 By Snyk In Snyk

In this episode of my ongoing series testing AI coding tools, I put Windsurf’s latest model, SWE-1, to the test. The challenge? Build a secure note-taking app from scratch. I’m looking at everything from how it handles authentication and encryption to whether the code is clean, usable, and actually secure. If you're curious about how SWE-1 stacks up against other AI dev tools like GPT-4 or Claude, this video is for you.

View Video