Biztonsági szemle

Using artificial intelligence in operational technology environments could be a bumpy ride full of trust issues and security challenges.

Agentic CX isn’t coming, it’s here. The 2025 Cisco AI Readiness Index shows the tremendous potential and real challenges organizations face as they race to capture its power.

The segmentation journey starts with visibility, goes through identity context, policy and enforcement, ultimately returning to enhanced visibility.

Microsoft puts the power of AI in the hands of everyday non-technical Joes. It's a nice idea, and a surefire recipe for security issues.

Several months ago, I got a Nucbox K8 Plus minicomputer to use as a Proxmox 9 server. At the time of this acquisition, I didn't realize this minicomputer had an artificial intelligence (AI) engine [ 1] build in the CPU that could be used to...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The initial access broker has been weaponizing endpoint detection and response (EDR) platforms and Windows utilities in recent high-precision attacks.

A new twist on the social engineering tactic is making waves, combining SEO poisoning and legitimate AI domains to install malware on victims' computers.

Last year, Kubernetes fixed a command injection vulnerability in the Kubernetes NodeLogQuery feature (%%cve:2024-9042%%) [1]. To exploit the vulnerability, several conditions had to be met:

So far the attacks, which compromise virtual network computing (VNC) connections in OT systems, have not been particularly destructive, but this could change as they evolve.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Ransomware actors have targeted manufacturers, retailers, and the Japanese government, with many organizations requiring months to recover.