Skip to main content

Tag: telemetry

43 articles

Zero trust: Must-Have Best Practices for SLED Security

Zero trust: Must-Have Best Practices for SLED Security

As ransomware and credential-stuffing rise, SLED IT leaders are combining AI-driven zero trust with gamified training to tighten defenses and turn staff and students into an active line of defense.

Analyst 207
malicious npm code: Critical Risk, Must-Have Defenses

malicious npm code: Critical Risk, Must-Have Defenses

Think supply chain attacks are theoretical? Wiz found malicious npm code in about 10% of cloud environments — proof a single tainted dependency can ripple across services. Treat dependencies like security controls: use SBOMs, provenance checks, and runtime defenses to keep builds safe without slowing teams down.

Analyst 207
AI-powered operations: Stunning Exposure, Defender Win

AI-powered operations: Stunning Exposure, Defender Win

An attacker’s bid for stealth backfired when legitimate security software exposed their AI‑assisted playbook — Huntress telemetry captured model‑like artifacts that turned a covert campaign into a forensic treasure trove, proving AI speeds attacks but also leaves telltale traces defenders can use.

Analyst 207
Axios user agent Dangerous Surge: Must-Have Defense

Axios user agent Dangerous Surge: Must-Have Defense

A routine Axios user‑agent has been weaponized — ReliaQuest found a 241% surge in phishing that spoofs the header to evade filters and increase clicks. Security teams need to stop trusting user‑agent strings alone and adopt layered defenses before attackers scale this trick further.

Analyst 207
GhostRedirector: Exclusive Dangerous China-Aligned Threat

GhostRedirector: Exclusive Dangerous China-Aligned Threat

A newly discovered group called GhostRedirector quietly breached 65 Windows servers using custom tools and stealthy redirection techniques, and its infrastructure and tradecraft point to China-aligned objectives. Treat this as a wake-up call to move beyond signature-based detection, hunt for anomalous behavior, and harden your systems now.

Analyst 207
data leaks: Must-Have Critical Detection Tips

data leaks: Must-Have Critical Detection Tips

A single exposed ClickHouse instance showed how quiet misconfigurations can hand attackers the breadcrumbs they need; detecting leaks early turns that slow-burning risk into a manageable incident. Start with inventory, automated scans, and clear playbooks to stop a minor misstep from becoming a full-blown disaster.

Analyst 207
signed driver Dangerous: Stunning ValleyRAT Risk

signed driver Dangerous: Stunning ValleyRAT Risk

Imagine a trusted vendor’s driver used as a battering ram—Silver Fox has been abusing Microsoft‑signed kernel drivers to slip past endpoint defenses and install the ValleyRAT backdoor for stealthy, long‑term access and data theft. Tighten driver policies, add kernel‑level telemetry, and vet supply chains before digital trust becomes the next attack surface.

Analyst 207
Scattered Spider: Must-Have Defense for Risky Browser Attacks

Scattered Spider: Must-Have Defense for Risky Browser Attacks

The browser is now the workplace front door—and groups like Scattered Spider are exploiting it with social engineering and account-takeover tricks. Enterprises can keep cloud-first convenience without handing over the keys by layering phishing‑resistant MFA, locking down extensions and OAuth grants, and monitoring browser telemetry.

Analyst 207
AIOps platforms: Must-Have Best Practices & Insights

AIOps platforms: Must-Have Best Practices & Insights

Struggling to keep sprawling hybrid IT systems running as change outpaces human monitoring? Forrester’s Wave shows how AIOps—blending machine learning, streaming telemetry, and automation—cuts noise, speeds triage and remediation, and scales operations while flagging real concerns around governance, explainability, and security.

Analyst 207
SIEM rules fail: Stunning Risks and Fixes

SIEM rules fail: Stunning Risks and Fixes

If your SIEM only spots one in seven simulated attacks, the Picus Blue Report’s 160M+ simulations are a wake‑up call that gaps in telemetry, brittle rules, and alert fatigue are creating a dangerous illusion of security. The fix is practical: treat detection as continuous measurement—improve instrumentation, run regular attack simulations, and adopt disciplined detection engineering to turn that wake‑up call into measurable improvement.

Analyst 207
cloud providers: Stunning Privacy Risk Exposed

cloud providers: Stunning Privacy Risk Exposed

When a DDoS bot tied to a rapper’s online persona was unmasked, it wasn’t a darknet mastermind but major cloud platforms that helped federal agents follow the trail—raising urgent questions about privacy, accountability and the growing role of cloud firms as both protectors and informants.

Analyst 207
poisoned inputs: Risky AIOps Threat – Must-Have Fixes

poisoned inputs: Risky AIOps Threat – Must-Have Fixes

AIOps promises faster fixes, but researchers warn that poisoned logs and telemetry can fool LLM-driven automation into harmful or destructive actions. Treat telemetry integrity as mission-critical—use signed data, human review gates, and adversarial testing before letting automation act.

Analyst 207
post-compromise remediation: Exclusive Risky Tactic

post-compromise remediation: Exclusive Risky Tactic

Imagine an attacker who breaks in, then fixes the very hole they used — not to help you, but to keep other intruders out. By patching exploited Linux vulnerabilities on compromised cloud hosts, adversaries turn easy targets into exclusive, harder-to-detect assets, forcing defenders to rethink patching, logging, and image hygiene.

Analyst 207
FortiSIEM vulnerability: Critical, Risky Exploit Emerges

FortiSIEM vulnerability: Critical, Risky Exploit Emerges

A critical FortiSIEM flaw with exploit code now circulating turns your SIEM into a prime target. Patch, tighten access, and hunt for signs of compromise immediately to protect visibility and contain risk.

Analyst 207
FortiSIEM CVE-2025-25256 Exclusive Critical Alert

FortiSIEM CVE-2025-25256 Exclusive Critical Alert

Heads up: FortiSIEM CVE-2025-25256 is a critical 9.8-rated OS command injection with exploit code already in the wild, meaning exposed or unpatched instances can let attackers run commands, pivot, and erase evidence. Patch immediately, isolate affected systems, and hunt for indicators of compromise to avoid a catastrophic breach.

Analyst 207
AI Zero Trust Security: Must-Have Best Practices

AI Zero Trust Security: Must-Have Best Practices

AI Zero Trust turns verification and least‑privilege into a proactive, adaptive defense that spots, predicts, and responds to threats in real time—reducing friction for legitimate users while tightening security. Do it right by investing in clean telemetry, explainable models, privacy safeguards, and human oversight to avoid bias and stay ahead of adversaries.

Analyst 207
AI Zero Trust Security: Must-Have, Risky Reality

AI Zero Trust Security: Must-Have, Risky Reality

AI-powered Zero Trust promises smarter, faster defenses—adaptive risk scoring, real-time responses, and less analyst fatigue—but also introduces risks like biased models, data poisoning, and tricky governance challenges. Balancing those trade-offs with quality data, transparent policies, and human oversight is essential to make AI Zero Trust both effective and trustworthy.

Analyst 207
Hacking Trains: Stunning Dangerous Risks Revealed

Hacking Trains: Stunning Dangerous Risks Revealed

What if a cheap radio signal could throw a freight train off schedule—or worse, off its rails? Our decades-old, unencrypted rail tech makes that frighteningly possible, and without upgrades like encryption, mutual authentication, and better monitoring, lives, supply chains, and the economy are all at risk.

Analyst 207
Zero Trust Must-Have: Stunning Best NIST Blueprint

Zero Trust Must-Have: Stunning Best NIST Blueprint

Ready to stop breaches before they start? NIST’s 19-step Zero Trust blueprint turns “never trust, always verify” into a practical roadmap—focusing on identity, micro‑segmentation, and continuous monitoring to cut risk, accelerate detection, and protect your most critical assets.

Analyst 207