Enterprise Security Tech

This guest post was contributed by Amit Shuster, VP Product, Vetric.io Cybercriminals have always targeted senior executives. What's changed is how effectively they can now impersonate them. Deepfake technology has matured to the point where an AI-generated video of a CEO endorsing a fraudulent investment scheme, or an audio clone directing an employee to wire funds, can be nearly indistinguishable from the real thing. Deloitte estimates deepfake-enabled fraud losses could r

The post-compromise technique abuses Windows Recovery Environment to create persistent access to BitLocker-encrypted data, with no patch currently available. According to the Cyderes Howler Cell team, a newly disclosed Windows zero-day called GreatXML can turn Microsoft Defender’s offline scanning process into a pathway for accessing BitLocker-encrypted data without a recovery key or user credentials. The technique targets the interaction between Windows Recovery Environment,

The phishing-as-a-service operation uses Microsoft device codes, stolen authentication tokens and AI-generated business email compromise messages to help attackers bypass traditional account defenses. A newly analyzed phishing platform known as Kali365 is giving cybercriminals an unusually complete toolkit for compromising Microsoft 365 accounts and converting stolen access into financial fraud. Huntress researchers uncovered the operation after detecting a spike in device co

Hackers accessed a significant amount of personal data belonging to University of Nottingham students and alumni, potentially including financial records, National Insurance numbers and protected characteristics. The university detected unauthorized activity in its Campus Solutions student records system on Tuesday and took affected systems offline. It has contacted impacted individuals and reported the incident to Action Fraud, the Information Commissioner’s Office and other

A newly disclosed Windows zero-day dubbed RoguePlanet abuses Microsoft Defender’s own quarantine process to give an ordinary user the highest level of control over a Windows 11 machine. Cyderes researchers said they reproduced the local privilege escalation exploit on a fully patched Windows 11 Pro system. The attack requires no administrator rights, kernel vulnerability or memory corruption. Instead, it chains together legitimate Windows features, including Defender scans, N

Anthropic has released Claude Fable 5, a new artificial intelligence model that brings much of its restricted Mythos technology to the public while attempting to block its most dangerous capabilities. Fable 5 generally allows users to access Mythos-class reasoning for complex tasks. When Anthropic’s systems detect requests involving high-risk areas, such as biological weapons or software exploitation, the query will instead be handled by the older Claude Opus 4.8 model. “We w