Ransomware and Phishing Still Drive Data-Security Incidents, But AI’s Shadow Looms

The 12th annual Data Security Incident Response Report by law firm BakerHostetler reveals that ransomware demands averaged $4.24 million last year, rising 70%, while phishing caused 30% of data-security incidents. The report highlights AI's growing role in cyberattacks, evolving beyond phishing enhancement to sophisticated social engineering and automated hacking, signaling a significant shift in the cybersecurity landscape.

https://www.digitaltransactions.net/ransomware-and-phishing-still-drive-data-security-incidents-but-ais-shadow-looms/

Ransomware’s New Era: Moving at AI Speed

Ransomware attacks are accelerating in speed and sophistication, with threat actors increasingly using artificial intelligence to quickly exploit valid credentials and bypass traditional security tools like endpoint detection and response (EDR). Reports from Halcyon and Arctic Wolf highlight that ransomware tactics have evolved from encrypting data to multi-extortion schemes and direct victim targeting, while AI enables automated, high-fidelity social engineering. This makes defense more challenging and emphasizes the need for improved access management and transparency in cybersecurity efforts.

https://www.darkreading.com/endpoint-security/ransomware-new-era-moving-ai-speed

Google Unleashes Gemini AI Agents on the Dark Web

Google has launched its Gemini AI agents in public preview to monitor the dark web, analyzing up to 10 million posts daily with 98 percent accuracy to detect relevant security threats for organizations. The tool builds detailed profiles of customers and uses advanced AI models to identify and prioritize genuine risks such as data leaks or initial access brokers, aiming to reduce false positives common in traditional dark web monitoring. Additionally, Google has integrated AI agents into its Security Operations platform to automate threat responses and investigations.

https://www.theregister.com/2026/03/23/google_dark_web_ai/

Shadow AI ‘Double Agents’ Are Outpacing Security Visibility – and That’s a Serious Concern for UK Businesses

UK businesses are rapidly adopting AI agents to automate tasks and boost productivity, with 62% already using them and 68% planning enterprise-wide rollouts soon. However, Microsoft’s Cyber Pulse report warns that these AI agents, acting autonomously across networks and systems, are outpacing security visibility and creating significant risks, highlighting the urgent need for robust governance, visibility, and zero trust security measures to manage and control their access safely.

https://www.techradar.com/pro/security/shadow-ai-double-agents-are-outpacing-security-visibility-and-thats-a-serious-concern-for-uk-businesses

Disinformation Security By Styx Intelligence

Styx Intelligence has launched Disinformation Security, a solution designed to provide continuous visibility into disinformation campaigns that threaten brands, leaders, and customers through false narratives and coordinated activities on public channels. This tool helps organizations detect early signs of disinformation, understand its origins and spread, and respond effectively to mitigate risks such as fraud, impersonation, reputation damage, and operational disruptions.

https://styxintel.com/blog/introducing-disinformation-security/

Shadow AI Risk: How SaaS Apps Are Quietly Enabling Massive Breaches

A report from Grip Security reveals that all analyzed companies operate SaaS environments embedded with AI, with a 490% year-over-year increase in public SaaS attacks, 80% involving sensitive data. The article highlights how “shadow AI” (agentic AI within SaaS apps, often implemented without IT oversight) enables attackers to use stolen OAuth tokens to cascade breaches across multiple organizations, as exemplified by the widespread 2025 Salesloft Drift breach. It emphasizes the urgent need for better visibility, continuous governance, and risk-based controls of AI in SaaS to prevent massive cascading cybersecurity incidents.

https://www.securityweek.com/the-shadow-ai-problem-how-saas-apps-are-quietly-enabling-massive-breaches/

We Are All AI Philosophers Now

The article emphasizes that AI systems inherently carry the biases and values of their creators through design choices, data, and policy decisions, meaning AI is never truly neutral. It calls on IT leaders to recognize that adopting AI is a governance decision that requires disciplined oversight, transparency, and accountability to manage risks and ensure AI-driven decisions align with organizational and societal values.

https://www.cio.com/article/4145026/we-are-all-ai-philosophers-now.html

When Geopolitics Goes Digital: How Wars Are Now Won Before the First Missile Is Fired

The article discusses how modern warfare now integrates offensive cyber operations as a primary phase before kinetic strikes, exemplified by recent US-led operations in Iran and ongoing conflicts in Ukraine. It highlights the escalating cyber threat to telecommunications and critical infrastructure, particularly from Iranian state and proxy actors, and underscores the urgent need for organizations, especially those with Middle East exposure, to enhance real-time threat intelligence, resilience, and defensive measures against rapid, sophisticated cyberattacks like the destructive incident at the company Stryker.

https://sosintel.co.uk/when-geopolitics-goes-digital-how-wars-are-now-won-before-the-first-missile-is-fired/

Anthropic’s 500 Zero-days Tell Us Something CISOs Aren’t Ready to Hear

Anthropic’s discovery of 500 zero-day vulnerabilities highlights a shift in sophisticated attacks from software vulnerabilities to the exploitation of organizational trust. Attackers are leveraging AI to autonomously build behavioral profiles of organizations, targeting communication patterns and approval workflows. Security teams must focus on defending against these attacks by utilizing internal behavioral data for detection, rather than relying solely on generic threat intelligence.

https://www.scworld.com/perspective/anthropics-500-zero-days-tell-us-something-cisos-arent-ready-to-hear

Where Multi-Factor Authentication Stops and Credential Abuse Starts

MFA often fails in Windows environments due to reliance on Active Directory for logins, allowing attackers to exploit valid credentials. Key vulnerabilities include local logins, RDP access, legacy NTLM, Kerberos ticket abuse, local admin credential reuse, SMB authentication, and unmonitored service accounts. To mitigate these risks, organizations should enforce strong password policies, block compromised passwords, limit legacy protocols, and audit service accounts. Effective tools like Specops can enhance security against credential abuse.

https://thehackernews.com/2026/03/where-multi-factor-authentication-stops.html