Latest news with #threatdetection


Globe and Mail
17 hours ago
- Business
- Globe and Mail
Rapid7 Access Brokers Report: New Research Reveals Depth of Compromise in Access Broker Deals, with 71% Offering Privileged Access
BOSTON, Aug. 12, 2025 (GLOBE NEWSWIRE) -- Rapid7, Inc. (NASDAQ: RPD), a leader in threat detection and exposure management, today released its 2025 Access Brokers Report, a new research analysis of illicit underground marketplaces where cybercriminals buy and sell access to corporate networks. Drawing on six months of threat intelligence from dark web forums Exploit, XSS, and BreachForums, the report uncovers new insights into how initial access to compromised businesses is being sold — often for less than $1,000 — and the steps defenders can take to disrupt the process in its earliest stages.

Rapid7's threat intelligence researchers analyzed hundreds of posts by Initial Access Brokers (IABs) offering access to compromised networks across a range of industries and regions. Their findings paint a stark picture: 'initial' access doesn't necessarily equate to minimal; in many cases, this access represents a deep compromise.

'This report shows that initial access brokers aren't intent upon finding a single way into an organization's network and then quickly exiting — they're making attempts to explore the networks they've infiltrated. And they're often succeeding,' said Raj Samani, SVP and chief scientist at Rapid7. 'In doing so, the IAB can offer buyers admin privileges, multiple access types, or both. By the time a threat actor logs in using the access and privileged credentials bought from a broker, a lot of the heavy lifting has already been done for them. Therefore, it's not about if you're exposed, but whether you can respond before the intrusion escalates.'

Key report findings include:

- The vast majority of access broker sales (71.4%) offer more than just a specific access vector; they also include a level of privilege — and in nearly 10% of those sales, it's a bundle with multiple initial access vectors and/or privileges.
- The average sale price hovered just over $2,700, with nearly 40% of offerings priced between $500–$1,000.
- VPN, Domain User, and RDP were the most common access types — the very same weak points seen in Rapid7's incident response investigations.

The Access Brokers Report arrives as security teams grapple with alert fatigue, limited resources, and evolving attacker tradecraft. It supports Rapid7's growing body of evidence that exposure management and threat detection must be operationalized together, not handled in isolation. This vision underpins the company's recent launch of Incident Command, an AI-native SIEM that unifies prevention, detection, intelligence, and response within a single workflow. With its seamless integration of Intelligence Hub, Incident Command gives security teams direct access to the same curated threat insights that informed this report — now embedded into detection logic and investigation workflows.

In addition to in-depth forum analysis, the report outlines concrete steps organizations can take to harden defenses and reduce attacker dwell time:

- Enforce MFA — especially on VPN, RDP, and user accounts that access critical infrastructure.
- Invest in threat-informed detection and response — including unified platforms that correlate access signals with suspicious activity.
- Run regular red team exercises to identify exposure paths like abandoned accounts, default credentials, and externally accessible RDP services.

This research reinforces Rapid7's position that threat detection and exposure management must be fast, unified, and context-rich. As highlighted in the company's recognition in the 2025 Frost Radar for MDR, operationalizing threat intelligence, asset context, and automation isn't just a best practice — it's a requirement.

Initial Access Brokers and the forums they use have long been analyzed by threat intelligence teams. While law enforcement activity and takedowns continue, access brokers remain a persistent threat to organizations around the world.

To read a full copy of the report, visit

About Rapid7

Rapid7, Inc. (NASDAQ: RPD) is on a mission to create a safer digital world by making cybersecurity simpler and more accessible. We empower security professionals to manage a modern attack surface through our best-in-class technology, leading-edge research, and broad, strategic expertise. Rapid7's comprehensive security solutions help more than 11,000 global customers unite cloud risk management with threat detection and response to reduce attack surfaces and eliminate threats with speed and precision. For more information, visit our website, check out our blog, or follow us on LinkedIn or X.

Rapid7 Media Relations
Stacey Holleran
Sr. Manager, Global Communications
press@
(857) 216-7804

Rapid7 Investor Contact
Ryan Gardella / Ryan Flanagan
ICR, Inc
investors@
(617) 865-4277

Al Arabiya
04-08-2025
- Politics
- Al Arabiya
UN to boost air parcel security a year after DHL depot explosions
The United Nations on Monday announced plans to enhance air mail security, one year after parcels exploded at DHL depots in Germany and Britain, in a plot blamed on Russia. The strategy announced by the International Civil Aviation Organization (ICAO) and Universal Postal Union -- two specialized UN agencies -- aims to improve threat detection, officials told AFP.

European intelligence services believe Russia was behind the explosions last July at DHL depots in Leipzig, Germany and Birmingham in Britain. Several people implicated in the operation were believed to be 'disposable' agents with no official position in the Russian intelligence services, according to German media reports. Such low-level agents were typically recruited via messaging apps to carry out tasks for money, the reports said. German intelligence officials have said the planes carrying the parcels would have crashed had they exploded mid-flight.

Canada-based ICAO's head of aviation security, Sonia Hifdi, did not directly name Russia when laying out the plan, but said: 'In the last 12 months, we have seen more sophisticated actors aiming to cause disruptions in the supply chain.'

The joint 'multi-year action plan' strives to train all personnel who handle air mail, and will work towards increased data sharing between postal and aviation authorities. 'This is not a problem localized to a single region, or for a single state, or a single actor,' Hifdi told AFP.


Entrepreneur
04-08-2025
- Business
- Entrepreneur
Cyber Resilience Platform Mitigata Secures USD 5.9 Mn Funding Led by Nexus Venture Partners
The startup plans to establish three global security operations centers in Bengaluru, Mumbai, and Delhi to strengthen its AI-driven threat detection, incident response, and managed security services.

Bengaluru-based cyber resilience platform Mitigata has raised USD 5.9 million in a Series A funding round led by Nexus Venture Partners, with participation from Titan Capital and WEH Ventures. The funds will be deployed to enhance the company's AI-powered security and risk management platform, expand its range of cyber resilience offerings, and scale operations across Indian cities and international markets. Part of the funding will also go toward expanding its teams in security, insurance, and compliance.

"Our mission is to build strategic resilience for India's digital economy by driving cybersecurity innovation from within," said Sarthak Dubey, Co-founder and COO. "This supports the vision of a self-reliant digital India, especially in areas critical to national security."

Mitigata was founded by Mohit Anand, Sarthak Dubey, Mayank Morya, and Akshit Kaushik. The founders have experience in leading technology and security roles at organisations such as Meesho, Delhivery, Lenskart, Khosla Labs, and CGI.

The startup offers a unified platform that integrates cybersecurity, risk management, compliance, and cyber insurance. Its services include attack surface monitoring, threat intelligence, dark web and brand monitoring, phishing simulations, governance risk and compliance automation, and cyber risk quantification through its proprietary RELIQ model. It also provides 24x7 SOC monitoring, vulnerability assessment, penetration testing, incident response, and digital forensics.

Mohit Anand, Co-founder and CEO, said, "Most businesses still treat cyber insurance and security as separate cost centers, often relying on fragmented vendors and siloed solutions. At Mitigata, we've reimagined and Indianised the model — delivering integrated, high-impact cyber resilience that combines security and insurance into a single, cost-efficient solution tailored to the unique needs of Indian organisations."

Mitigata's cyber insurance services are supported by partnerships with major insurers such as HDFC ERGO, ICICI Lombard, Tata AIG, Bajaj Allianz, and New India Assurance. By aligning insurance coverage with real-time risk data, the firm aims to provide better claims outcomes and faster incident response for its clients.

Currently serving over 500 enterprises across 25 industries, Mitigata positions itself as India's first full-stack cyber resilience platform. Its approach combines advanced AI-driven tools with embedded on-ground expertise, offering organisations both strategic oversight and immediate response capabilities.

Anand Datta, Partner, Nexus Venture Partners, added, "We believe the future of cybersecurity and Insurance is an integrated, full-stack approach. Mitigata is pioneering a new AI led services approach to cyber resilience that covers the entire lifecycle—from prevention and mitigation to risk transfer via insurance. Their model is precisely what Indian enterprises need to thrive securely."


Forbes
31-07-2025
- Business
- Forbes
Why AI Is Your Biggest Business Opportunity—And Risk
Steve Wilson, Chief AI and Product Officer, Exabeam.

Cybersecurity often operates within a bubble, assuming that business leaders are fully conversant with emerging technologies like artificial intelligence (AI). The reality? AI is reshaping every facet of business, and its implications stretch far beyond security.

Although McKinsey researchers report that 78% of organizations now use AI in at least one business function, a significant jump from 72% in early 2024, many executives' exposure to AI regrettably begins and ends with large language models (LLMs). This leaves them unaware of vital areas such as AI-powered threat detection, the complexities of autonomous systems and the strategic implications of adversarial machine learning. That's not just a blind spot, it's a business risk. AI is now both your biggest opportunity and your biggest threat.

The Art Of Knowing What You Don't Know

AI is now embedded everywhere, boosting efficiency. But this integration unleashes unintended consequences: flawed automation, biased outputs, compliance pitfalls and reputational damage. These aren't technical glitches; they're fundamental business risks that hammer trust and resilience.

Leaders don't need to be security experts, but they must grasp the AI agenda. This means dictating AI's governance, deployment and risk management enterprise-wide. It also means having the self-awareness to ask the right questions and the right people. Assuming everyone "just gets it" widens the critical gap between security pros and executive leadership.

The real danger isn't misunderstanding; it's the profound business implications that follow. Without clear, business-aligned AI risk communication, companies underinvest, stall decisions and create a false sense of security at the top.

The Results Speak Loudly

The tangible benefits of AI are already underway, and the results speak for themselves. For example, in a 2025 Exabeam study, 56% of security teams reported that AI has boosted productivity by streamlining tasks, automating routine processes and accelerating response times. These undeniable gains demonstrate the real business value of AI when implemented responsibly and with clear oversight.

But the stakes are rising. In a May 2025 Senate testimony, OpenAI CEO Sam Altman called for an AI regulatory sandbox to encourage innovation while avoiding fragmented overregulation. His message was clear: This isn't just tech. AI is now a geopolitical, economic and competitive force. Leaders who aren't actively engaged will miss the opportunity.

From Soundbites To Substance

It isn't enough to simply name-drop AI on earnings calls. True leadership means showing, not just saying, how AI aligns with business outcomes like growth and resilience. Every company, not just tech vendors, must step up. That starts with the following actions:

• Establish AI governance at the C-suite level. AI is a cross-functional strategic priority, not just an IT or security task. A C-suite team, including legal, risk and operations, must align AI initiatives with business goals, prioritize investments and manage enterprise-wide risks and rewards.

• Treat AI as a strategic asset, not just a tool. To secure executive buy-in, frame AI risks by their business impact: reputational damage, fines, market loss or eroded trust. This helps ensure leaders see AI as a critical business issue, demanding their proactive management, not just a technical one.

• Champion smart AI regulation and industry collaboration. Engage with policymakers, regulators and industry groups to advocate for balanced AI regulations that prevent overregulation at the state level while fostering innovation. As OpenAI's Altman testified, creating a framework for AI adoption is crucial. This collaborative approach can help shape a sustainable AI ecosystem, ensuring that regulations support growth while addressing security and ethical concerns.

• Invest in AI resilience, transparency and accountability. Prioritize building effective, transparent and auditable AI systems. This mitigates risks like bias and compliance failures, helping ensure long-term trust, quick issue correction and leadership in responsible AI.

Your AI Strategy Can't Be Siloed

Too often, AI sits with technical teams, disconnected from core business strategy. That's a governance failure. AI must be embedded across strategic planning, risk management and product development, with clear ownership from the start.

Meanwhile, the market is awash with new AI products and bold promises. CISOs and tech leaders must become simplifiers and skeptics, cutting through the hype to vet solutions based on real value, not just marketing tropes. Generative AI brings innovation but risks repeating past cycles of overpromising. Disciplined due diligence is essential.

Ultimately, AI is a catalyst for growth. The smartest leaders aren't chasing every trend—they're investing in the right people, like data scientists and prompt engineers. Because in this complex era, the real edge is clarity. Bold leadership means aligning your teams, tech and strategy to unlock value while keeping risk in check.

Yahoo
30-07-2025
- Business
- Yahoo
SOS Technologies' EagleEye™ AI Platform expands its AI threat detection platform in schools and houses of worship across the U.S.
DEERFIELD BEACH, Fla., July 30, 2025 /PRNewswire/ -- SOS Technologies, an industry leader in AI-driven video analytics and emergency response solutions, today announced a major milestone in public safety technology adoption: the deployment of its flagship EagleEye™ AI Threat Detection and Management Platform. SOS Technologies continues to expand its AI threat detection platform in schools and houses of worship in several states. This announcement underscores the growing demand for proactive, intelligent surveillance solutions as institutions across sectors respond to the rising threat of public violence and workplace security incidents.

EagleEye represents a major evolution in real-time situational awareness. Built on a self-learning AI engine, the platform offers comprehensive threat detection capabilities including firearm recognition, fighting/altercation detection, slip and fall analysis, crowd formation tracking, suspicious object abandonment, loitering, intruder detection, fire and smoke alerts, and advanced facial identification with BOLO (Be On the Lookout) and forensic search tools for persons of interest.

Transforming Cameras Into Active Sentinels

Unlike traditional passive camera systems, the EagleEye platform transforms existing surveillance infrastructure into a live, intelligent threat-monitoring grid without the need for costly hardware upgrades or investments. Powered by SOS Technologies' AWS FedRAMP-authorized GovCloud architecture, the platform seamlessly integrates with virtually any video management system (VMS) or other AI threat detection solutions, and it enables remote monitoring centers to reduce false positives, streamline operational workflows, and improve real-time decision-making.

Unifying Detection with Dispatch: EagleEye AI + SmartSOS™

The EagleEye platform is designed to work in tandem with SmartSOS™, SOS Technologies' groundbreaking Emergency Alert System. The platform is the first and only cloud-based public safety platform that is GovRAMP-certified and has been successfully integrated directly into a major U.S. 911 police dispatch center. This unique capability enables verified public safety events, such as a detected weapon or intruder, to be instantly routed to law enforcement or GSOC, reducing dispatch times from several minutes to less than three seconds. The platform can also be configured to automatically lock facility doors, send alerts to building occupants, and notify security and law enforcement simultaneously, giving administrators critical time to act before tragedy unfolds.

"This week's heartbreaking incident at 375 Park Avenue in New York City is a stark reminder of how urgently we need smarter, faster public safety technology," said Travis Leonardi, CEO of SOS Technologies. "EagleEye's gun detection system would have immediately flagged the presence of a weapon, potentially preventing loss of life by triggering real-time lockdown protocols and alerting 911 with no human delay.

"Our mission at SOS is to stop threats before they escalate, and we are proud to support schools, places of worship, and major corporations in that shared commitment."

A New Standard in Public Safety

As threats to public spaces become increasingly complex and dynamic, institutions are turning to technologies that not only observe but also analyze, predict, and respond in real time. With the deployment of EagleEye and SmartSOS, SOS Technologies is setting a new standard for comprehensive, scalable safety infrastructure, offering both situational intelligence and verified emergency response through a single, unified platform.

About SOS Technologies

SOS Technologies is redefining the intersection of AI, video surveillance, and emergency response. With clients spanning healthcare, education, government, and enterprise sectors, SOS provides cutting-edge solutions that enhance public safety and operational readiness. The company's GovRAMP-certified, cloud-native architecture ensures secure, scalable deployments that meet the most rigorous compliance and integration requirements.

For more information, visit

For media inquiries, please contact: Jojo Abbasi, 847.809.0406, jojo@

SOURCE SOS Technologies