Between August 8 and August 18, a threat actor tracked as UNC6395 leveraged stolen OAuth tokens from Salesloft Drift, an AI-powered sales assistant, to siphon off data from hundreds of organizations worldwide. Google's Threat Intelligence Group says the spree was both opportunistic and industrialized, targeting anyone with the misfortune of linking Drift to Salesforce. Lawrence Pingree, technical evangelist at Dispersive Holdings, Inc..io, put it bluntly: “The most notable thing is the use of automation to cascade the breach across multiple entities. A wide scale breach like this is an essential feature of a failure to bring security properly to the cloud and SaaS. We must realize that all these new cloud services are just that, new, and they have potentially new vulnerabilities. Attackers take advantage of the scale and duplicity in code to scale out and breach many targets instead of just one organization. That's always been the downside of monoculture protection.” Read more: https://lnkd.in/gZAVjrGB
Enterprise Security Tech
Enterprise Security Tech is a cybersecurity blog for CISOs, CIOs, security-minded CEOs, and IT security pros.
About us
Enterprise Security Tech is a cybersecurity blog for CISOs, CIOs, and security-minded CEOs that brings together critical news, expert insights, and product information to help leaders make informed business decisions. Subscribe and get plugged in to cyber. The Cyber Jack Podcast is an in-depth take on critical cyber issues, featuring top experts from around the industry. The podcast covers the latest in nation-state threats, security challenges, cyber culture, and diversity, equality and inclusion.
- Website: http://www.enterprisesecuritytech.com
- Industry: Internet Publishing
- Company size: 2-10 employees
- Headquarters: Silicon Valley
- Type: Self-Owned
- Founded: 2020
- Primary location: Silicon Valley, US
Updates
-
The FBI has confirmed that Salt Typhoon, a Chinese-backed hacking collective already linked to a string of telecom intrusions, has compromised at least 200 American companies in one of the most far-reaching espionage campaigns ever attributed to Beijing. Peter Luban, Field CISO at AttackIQ, stressed the gravity of that revelation. “A joint advisory from cybersecurity agencies across 13 different countries has been released in regards to recent campaigns from threat group Salt Typhoon. The report accuses three Chinese organizations of providing Salt Typhoon with resources and intelligence to conduct attacks on critical global infrastructure.” Read more: https://lnkd.in/gHJdmv5U
-
ESET researchers have uncovered what may be the first ransomware family to weaponize an open-weight large language model in real time, raising the stakes in the cat-and-mouse race between attackers and defenders. “The rise of AI-powered ransomware is not a reason to panic or rip out defenses. It is a reminder that the fundamentals of security still matter, though they now need AI-aware adjustments,” said Dirk Schrader, VP of Security Research at Netwrix. Read more: https://lnkd.in/gsV-yd7n
-
Fraud is no longer an occasional business disruption—it’s becoming a routine operational hazard. A new report from cybersecurity firm Trustmi finds that 83.6% of enterprises were targeted by social engineering fraud in the past year, with losses often running into the millions. The research underscores an unsettling reality: the biggest vulnerability isn’t just weak technology, but fractured collaboration between finance and security teams. “GenAI has weaponized fraud into a coordinated business attack,” said Shai Gabay, CEO and co-founder of Trustmi. “Attacks now cross multiple systems, exploiting every gap between teams and tools. Without unified visibility and coordination, enterprises will continue to face threats no single control can stop.” Read more: https://lnkd.in/gYad5D8i
-
Every October, cybersecurity vendors, governments, and enterprises rally around Cybersecurity Awareness Month—a tradition that began in 2004 when the U.S. Department of Homeland Security and the National Cyber Security Alliance teamed up to make digital hygiene a national priority. Two decades later, the stakes are far higher, and KnowBe4 is betting that nostalgia and gamification can help drive home the basics of human risk management. “Every October, we have this incredible opportunity to reset and refocus on what really matters in cybersecurity – human risk management,” said Erich Kron, security awareness advocate at KnowBe4. “This comprehensive resource kit empowers organizations to build genuine security culture where employees understand not just what to do, but why it matters. When we empower employees with knowledge, we are not just protecting data – we are helping to ‘Secure Our World.’” Read more: https://lnkd.in/gFZYnSK6
-
The weakest link in enterprise security isn’t a misconfigured firewall or unpatched server—it’s people. A new report from managed security services firm LevelBlue warns that social engineering, already the most exploited vector in cybercrime, is entering a dangerous new phase as attackers lean on generative AI to craft more convincing and scalable schemes. For Theresa Lanowitz, Chief Evangelist at LevelBlue, the findings underline a structural flaw in how enterprises approach cyber risk. “Establishing a culture of cyber resilience is imperative for organizations to effectively prepare for the emergence of more sophisticated social engineering attacks,” Lanowitz said. “These attacks exploit human behavior, so without the proper investment into education and training, including cyber resilience processes and engaging cybersecurity consultants, organizations and their employees remain vulnerable.” Read more: https://lnkd.in/g9CNCp3E
-
Retailers rang up more than sales this Labor Day weekend—they also attracted a tidal wave of malicious digital traffic. New data from Cequence Security shows that attack attempts against retailers spiked by 96% year over year, underscoring how cybercriminals now treat seasonal promotions as opportunities for industrial-scale exploitation. “During holiday seasons, retailers often face a perfect storm of increased vulnerability,” said William Glazier, Director of Threat Research at Cequence. “Reduced staffing levels, coupled with the surge in online activity driven by sales and promotions, create a prime opportunity for cybercriminals to exploit. Retailers risk significant financial losses due to fraudulent activities without robust bot and API protection.” Read more: https://lnkd.in/gdgF2dsN
-
A new wave of “task scams” is hijacking the logos of U.S. household names—Delta Airlines, AMC Theatres, Universal Studios, and Epic Records among them—in a bid to lure victims into depositing cryptocurrency under the guise of becoming paid brand “agents.” Researchers at Netcraft uncovered DeltaAirlineiVIP[.]com, a fraudulent site that anchors a larger cluster of template-driven scams already tied to more than $1 million in blockchain transactions. Victims are promised commissions for completing simple digital “tasks,” like booking flights, but access to these rewards requires first paying to become a VIP member. Read more: https://lnkd.in/gUvRtMhZ
-
David Stuart, Sentra, echoed the concern. “AI-driven ‘vibe-hacking’ shows just how quickly the offensive use of agentic AI is moving from theoretical to operational. With a single individual able to mimic the scale of an organized attack, enterprises can no longer treat data governance as optional.” https://lnkd.in/gR49CbXP
-
#Ransomware groups appear to be treading water. A new analysis from NCC Group shows that global ransomware attacks climbed just 1 percent in July, rising from 371 cases in June to 376. On the surface the figures look stable, but researchers warn that a lull should not be confused with safety. https://lnkd.in/gx3mMu2J