DESTAQUES

Últimas Notícias

3584 notícias
Governança & IA Bleeping Computer 🇺🇸

Agentic AI Has an Identity Problem and Attackers Know It

AI agents can access data, trigger workflows, and take action across enterprise systems. Token Security explains why governing these privileged identities is becoming essential for enterprise security. [...]

Ameaças Cibernéticas Bleeping Computer 🇺🇸

Critical SimpleHelp flaw exploited to deploy new stealer malware

Hackers are exploiting a recently disclosed critical vulnerability (CVE-2026-48558) in SimpleHelp to deploy Djinn Stealer, a previously undocumented cross-platform information stealer targeting Windows, macOS, and Linux. [...]

Ameaças Cibernéticas Bleeping Computer 🇺🇸

Webinar: Why business email compromise attacks keep succeeding

Business email compromise attacks increasingly rely on convincing impersonation rather than malware, making them harder for employees and traditional email defenses to detect. This webinar explores how behavioral AI can help identify sophisticated email threats and automate respo…

Governança & IA Health IT Answers 🇺🇸

The Real Reason EHR Integrations Break: Unmapped Workflow

By Lara Dixit - EHR integration frequently fails for reasons other than a weak interface engine, an inaccessible API, or a lack of technical expertise on the part of the vendor. It fails because the clinical workflow was never clearly mapped before systems were connected. The pos…

Ameaças Cibernéticas CISO Advisor 🇧🇷

Bucket hijacking redireciona logs em AWS, Azure e Google

Pesquisadores do Unit 42, laboratório de inteligência de ameaças da Palo Alto Networks, identificaram uma técnica de ataque que explora uma falha arquitetônica comum a Google Cloud, AWS e Microsoft Azure. Batizado de “bucket hijacking”, o método permite que invasores redirecionem…

Ameaças Cibernéticas Boletim Sec 🇧🇷

Amazon corrige falhas críticas em extensões do Amazon Q Developer

Uma vulnerabilidade de alta gravidade no Amazon Q Developer poderia permitir que invasores executassem comandos e roubassem credenciais de nuvem quando um desenvolvedor abrisse um repositório malicioso no ambiente de programação. As falhas foram identificadas como CVE-2026-12957 …

Gestão de Riscos The Hacker News 🇺🇸

Why Post-Quantum Cryptography Starts With Credentials

Today’s encrypted data, such as credentials, may no longer remain confidential in the future because the public-key cryptography protecting it will soon be broken by quantum computers. Although no machine today can break elliptic curve cryptography or RSA, quantum hardware is adv…

Ameaças Cibernéticas The Hacker News 🇺🇸

Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse

A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian cybersecurity company ESET said it observed 35 distinct spear-phishing campaigns mounted by G…

Ameaças Cibernéticas Boletim Sec 🇧🇷

Novo SharkLoader instala Cobalt Strike em campanha contra governos e empresas

Uma nova campanha de ciberataques chamada StrikeShark está usando um malware inédito, conhecido como SharkLoader, para instalar o Cobalt Strike em sistemas comprometidos. A atividade foi identificada pela Kaspersky e teve como alvos organizações governamentais, diplomáticas e emp…

Link copiado!