Security Boulevard

Permalink

The post United States Memorial Day 2025 appeared first on Security Boulevard.

In this episode, we explore an incident where Anthropic’s AI, Claude, didn’t just resist shutdown but allegedly blackmailed its engineers. Is this a glitch or the beginning of an AI uprising? Along with co-host Kevin Johnson, we reminisce about past episodes, discuss AI safety and ethics, and examine the implications of AI mimicking human behaviors […]

The post When AI Fights Back: Threats, Ethics, and Safety Concerns appeared first on Shared Security Podcast.

The post When AI Fights Back: Threats, Ethics, and Safety Concerns appeared first on Security Boulevard.

One-time-password (OTP) delivery remains the work-horse of passwordless and multi-factor authentication flows. Yet the 2025 market has fractured into two […]

The post OTP Authentication in 2025: How MojoAuth Stacks Up Against Twilio Verify, Auth0, Stytch & Descope appeared first on Security Boulevard.

Why is NHI Protection Crucial for Maintaining Safe Cloud Environments? How crucial is the management of Non-Human Identities (NHIs) and secrets for maintaining a safe cloud environment? The answer lies in the essence of NHIs themselves. These machine identities, comprising secrets and granted permissions, function as the keystone for securing a range of digital platforms, […]

The post Keep Your Cloud Environments Safe with NHIs appeared first on Entro.

The post Keep Your Cloud Environments Safe with NHIs appeared first on Security Boulevard.

What Makes NHI Compliance Essential in Today’s Cybersecurity Landscape? Non-Human Identities (NHIs), the machine identities in cybersecurity are created by combining a secret (an encrypted password, token, or key) and the permissions granted by a destination server. This unique amalgamation of ‘tourist’ and their ‘passport’ requires end-to-end protection to create a secure cloud environment, and […]

The post Feel Empowered by Mastering NHI Compliance appeared first on Entro.

The post Feel Empowered by Mastering NHI Compliance appeared first on Security Boulevard.

Are You Harnessing the Full Potential of Secure NHIs? Organizations require robust security measures to safeguard their digital assets. An often overlooked yet critical element of these measures is the management of Non-Human Identities (NHIs) and their associated secrets. A streamlined process for managing NHIs ensures an impenetrable security shield for your digital resources. Zooming […]

The post Your Assurance in Securing NHIs Properly appeared first on Entro.

The post Your Assurance in Securing NHIs Properly appeared first on Security Boulevard.

Why is NHI Management Vital in Modern Cybersecurity? The rising tide of digitalization in various industries fuels the increasing relevance of Non-Human Identities (NHIs) management in cybersecurity. With organizations race to the cloud, have you considered the potential vulnerability in your system’s NHIs and their secrets? NHIs, defined as machine-generated identities that interact, are as […]

The post Stay Reassured with Latest NHI Security Practices appeared first on Entro.

The post Stay Reassured with Latest NHI Security Practices appeared first on Security Boulevard.

Authors/Presenters: Bård Aase

Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel.

Permalink

The post BSidesLV24 – PasswordsCon – That’s Not My Name appeared first on Security Boulevard.

Overview: Akamai researchers have identified a significant privilege escalation vulnerability in Windows Server 2025, termed “BadSuccessor.” This flaw exploits the newly introduced delegated Managed Service Accounts (dMSAs) feature, allowing attackers to impersonate any Active Directory (AD) user, including domain administrators, without altering existing accounts or group memberships. Key Details: Impact: Exploitation of BadSuccessor can lead… Continue reading Cyber Heads Up: “BadSuccessor”—A Critical Active Directory Privilege Escalation Vulnerability in Windows Server 2025

The post Cyber Heads Up: “BadSuccessor”—A Critical Active Directory Privilege Escalation Vulnerability in Windows Server 2025 appeared first on Security Boulevard.

FedRAMP is the Federal Risk and Authorization Management Program, and it’s one of the most widely used governmental cybersecurity frameworks across the United States. It’s meant to serve as the gatekeeper for any contractor looking to work with the federal government to ensure that everyone across the board has a minimum level of cybersecurity in […]

The post How FedRAMP Reciprocity Works with Other Frameworks appeared first on Security Boulevard.

Are Your Non-human Identities and Secrets Secure? The security of Non-Human Identities (NHIs) and their secretive credentials has proven to be an essential dimension of data management. NHIs, as machine identities, play a crucial role in businesses, especially those operating. If not managed properly, these non-human identities can expose organizations to risks of significant security […]

The post Ensuring Stability with Robust NHI Strategies appeared first on Entro.

The post Ensuring Stability with Robust NHI Strategies appeared first on Security Boulevard.

How Relevant is NHI Security in Today’s Cloud-Dependent Society? It is becoming increasingly clear that the safe management of Non-Human Identities (NHIs) and their secrets is critical. A comprehensive approach to securing these machine identities is no longer optional but a necessity. Did you know that NHIs, when weakly managed, can become the focal point […]

The post Feel Protected: Advances in NHI Security Techniques appeared first on Entro.

The post Feel Protected: Advances in NHI Security Techniques appeared first on Security Boulevard.

 

As cryptocurrency becomes more popular and the adoption rises, we see a related increase in the number of cybercrimes, fraud, and malware schemes. Criminals like to hunt and plunder where there is money! If you hold cryptocurrency or are using Web3 platforms, you need to be careful.

Among other risks, the latest method is to use a crypto drainer! Crypto drainers are malicious code injected into software and webpages that compromise the victim’s crypto wallets or secret keys to drain the accounts.

This can be accomplished through:

· Phishing websites, emails, texts, and other social engineering practices

· Fake airdrops, contests, and ads

· Malicious digital contracts

· Fake exchanges, marketplaces, and crypto services

· And malicious or trojanized browser extensions

Crypto drainers are being productionalized for scale within the cybercriminal community, with Drainers-as-a-Service tools being offered to less savvy wannabe fraudsters. These packages include the malicious code, apps, social engineering functions, and back-end infrastructure to handle the unauthorized asset transfers at scale. Some come with management dashboards to oversee the progress of all the victimization, documentation, tutorials, system updates, and customer support!

Kits start at a mere $100, which is a low bar for many of the unscrupulous cybercriminals. The lure of high rewards, low effort, and a small investment will continue to bring many over to the dark side. Personal and corporate cybersecurity practices must be employed.

Some key recommendations for protecting crypto wallets include:

1. Enable multifactor authentication (2FA or MFA) when available on your wallets

2. Use hardware wallets or cold wallets for maximum security

3. Don’t be phished or socially engineered! Never click a questionable link, install untrusted software, or provide your private keys!

4. Avoid browser extensions! They can hijack your webpages and anything you input on them.

5. Secure your seeds and private keys in a password manager or offline.

Watch your wallets for unusual activity — although if you see any, it will likely be too late for that wallet!

Cryptocurrency is great, but like any innovative and disruptive technology, the attackers are motivated to find creative ways to victimize users! Understand the risks, act securely, and be cautious.

For more Cybersecurity Insights, follow me on:

• LinkedIn: https://www.linkedin.com/in/matthewrosenquist/ 
• YouTube: https://www.youtube.com/CybersecurityInsights 
• Substack: https://substack.com/@matthewrosenquist 
• Cybersecurity Insights: https://www.cybersecurityinsights.us/

The post Crypto Drainers are Targeting Cryptocurrency Users appeared first on Security Boulevard.

AttackIQ has released two new attack graphs that emulate the behaviors exhibited by DragonForce ransomware since its emergence in August 2023. Initially based entirely on the leaked LockBit 3.0 (Black) builder, it evolved with the introduction of a customized variant derived from the Conti V3 codebase. DragonForce operators may potentially be behind the recent cyber attacks that involved Marks & Spencer, Co-Op, and Harrods.

The post Emulating the Blazing DragonForce Ransomware appeared first on AttackIQ.

The post Emulating the Blazing DragonForce Ransomware appeared first on Security Boulevard.

U.S. authorities seized the infrastructure of the DanaBot malware and charged 16 people in an action that is part of the larger Operation Endgame, a multinational initiative launched last year to disrupt and take apart global cybercriminals operations.

The post U.S. Authorities Seize DanaBot Malware Operation, Indict 16 appeared first on Security Boulevard.

This year, we had a fantastic time meeting attendees, partners, friends, and customers at the RSA Conference Expo floor. You probably noticed this contraption attached to our coffee machine if you stopped by our booth for coffee. What was this, and how did it come to be? And what was it doing at the booth? […]

The post ColorTokens OT-in-a-Box: From Concept to Completion appeared first on ColorTokens.

The post ColorTokens OT-in-a-Box: From Concept to Completion appeared first on Security Boulevard.

Artificial intelligence (AI) and machine learning (ML) are now inextricably linked to the software supply chain. ML models, which are based on large language models (LLMs), are powering the enterprise — and offer an infinite number of solutions to organizations’ mission-critical needs. The widespread and increasing use of generative AI tools like OpenAI’s ChatGPT, in addition to developer community resources like Hugging Face – a platform dedicated to collaboration and sharing of ML projects – show how software, coding and AI/ML are now one and the same. 

But as with any new technological advancement, the pressing need for ML models has created a new and ever-evolving attack surface that the cybersecurity industry is racing to understand and mitigate. Recognizing the convergence of AI and the software supply chain, ReversingLabs (RL) researchers and engineers have taken steps to better understand the threat posed by malicious ML models. 

One such threat that RL researchers have previously flagged is the Pickle file format, a popular but insecure Python module that is used widely for serializing and deserializing ML model data. Dhaval Shah, RL’s senior director of product management, wrote recently that Pickle files open the door to malicious actors who can abuse it to inject harmful code into the model files.

That warning proved true with the discovery of nullifAI, discovered by RL threat researchers in February, in which threat actors abused ML models in the Pickle file format to distribute malicious ML models on Hugging Face. With this latest discovery, RL researchers uncovered a new malicious campaign that further proves threat actors’ newly favored method of exploiting the Pickle file format — this time on the Python Package Index (PyPI). 

Last Tuesday, RL researchers detected three, newly uploaded malicious packages that pose as a “Python SDK for interacting with Aliyun AI Labs services.” As the package description indicates, this is an attack that targets users of Alibaba AI labs. Once installed, the malicious package delivers an infostealer payload hidden inside a PyTorch model loaded from the initialization script. (PyTorch models are basically zipped Pickle files.) The malicious payload exfiltrates basic information about the infected machine and the content of the .gitconfig file.

Here’s what RL researchers discovered — and what this new malicious campaign means for the security of ML models, as well as how open-source software (OSS) platforms are still a favored supply chain attack vector.

The post Malicious attack method on hosted ML models now targets PyPI appeared first on Security Boulevard.

Author/Presenter: Jeff Deifik

Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel.

Permalink

The post BSidesLV24 – PasswordsCon – Passwords 101 appeared first on Security Boulevard.

See how Escape’s Jira integration turns security alerts into actionable tickets, speeding up issue resolution and improving collaboration.

The post From Alert to Action: Escape’s Jira Integration Explained appeared first on Security Boulevard.

It’s been a few weeks since the marketing excesses of the RSA Conference, and a quick glance at any day’s headlines confirms: attackers are collaborating and innovating faster than defenders can keep up. DeepTempo empowers security teams with purpose-built deep learning to detect threats earlier, streamline SOC workflows, and boost overall cyber resilience.

While at the show, DeepTempo won the “Advanced Threat Identification” category in Cyber Defense Magazine’s Global InfoSec Awards 2025, recognizing its significant contributions to modernizing threat detection through deep learning and MITRE ATT&CK® mapping. The judges had access to confidential success stories that we will share more broadly, at least in anonymized form, in the next month or two. This is Cyber Defense Magazine’s thirteenth year of honoring InfoSec innovators from around the Globe who believe they have a unique and compelling value proposition for their product or service. It’s recognition like this that validates our team’s efforts and the impact our customers are already seeing.

Win award, crack Dad joke

https://www.linkedin.com/posts/miliefsky_cybersecurity-gia2025-infosecchampions-activity-7324118035714236416-npxv?utm_source=share&utm_medium=member_desktop&rcm=ACoAAAAV77YBmNx6IYcPuh1n6km5MMwqF7R-xm4

The few months since we emerged from stealth mode with the launch of Tempo, our deep learning-based Snowflake Native App for cybersecurity ( available in the Snowflake Marketplace), have been amongst the most gratifying of my career. Our InfoSec Award follows successful collaborations with BNY through the Ascent Program and Snowflake’s Native App Accelerator. While I’m most excited about the success we are having in helping major enterprises and other organizations change the game in cyberdefense, the recognition we can talk about via these programs and accelerators, and awards is gratifying as well.

To learn more about DeepTempo, please download our whitepaper: DeepTempo: Revolutionizing Cybersecurity with Deep Learning or coordinate a walk-through, discussion of on-premise and on-cloud options, and demo: https://www.deeptempo.ai/contact-us.html

The post DeepTempo Wins Global InfoSec Award for Advanced Threat Identification appeared first on Security Boulevard.