IT Brief Asia - Technology news for CIOs & IT decision-makers
Asia

Offensive Security Stories

Global Stories

Offensive Security stories

IRONSCALES gets Anthropic verification for email defence
Phishing

IRONSCALES gets Anthropic verification for email defence

Verified access to Anthropic's restricted AI tools could help IRONSCALES test email defences against more realistic phishing and impersonation attacks.

By Sean Mitchell 4 min read Today
Microsoft unveils MDASH to find Windows security flaws
Network Security

Microsoft unveils MDASH to find Windows security flaws

The scanner found four critical remote code execution bugs among 16 Windows flaws, including issues in the kernel TCP/IP stack and IKEv2 service.

By Sean Mitchell 4 min read Yesterday
CyberCX report finds 29% of tests exposed severe flaws
Digital Transformation

CyberCX report finds 29% of tests exposed severe flaws

AI systems and social engineering tests proved especially risky, as CyberCX found severe weaknesses in half and 77% of cases respectively.

By Sean Mitchell 4 min read 2 days ago
Synack launches Sara AI Pentesting for wider coverage
Data Protection

Synack launches Sara AI Pentesting for wider coverage

The move aims to widen security coverage as firms struggle to test expanding attack surfaces quickly enough.

By Joseph Gabriel Lagonsin 4 min read Last week
CrowdStrike widens QuiltWorks & launches Defender hunting
Endpoint Protection

CrowdStrike widens QuiltWorks & launches Defender hunting

Enterprises using Microsoft Defender will get round-the-clock human-led threat hunting, as CrowdStrike also broadens its AI risk coalition across partners.

By Joseph Gabriel Lagonsin 4 min read Last week
Intruder launches AI pentesting for faster validation
DevOps

Intruder launches AI pentesting for faster validation

Security teams can now validate scanner findings in minutes as Intruder rolls out AI agents to cut false positives and speed remediation.

By Catherine Knowles 3 min read This month
Anthropic's Mythos sparks governance fears over cyber risk
Digital Transformation

Anthropic's Mythos sparks governance fears over cyber risk

Businesses could face faster cyber attacks as experts warn Anthropic's leaked Mythos model may outpace remediation and widen governance gaps.

By Catherine Knowles 5 min read Last month
AI flaws & supply-chain risks top new pentesting report
Data Protection

AI flaws & supply-chain risks top new pentesting report

Three-quarters of organisations now see third-party software as a top risk, as AI flaws and supply-chain gaps slow security fixes.

By Joseph Gabriel Lagonsin 4 min read Last month
Anthropic & OpenAI split on cyber AI release strategy
DevOps

Anthropic & OpenAI split on cyber AI release strategy

As cyber tools become more powerful, Anthropic is limiting access while OpenAI is widening it, raising fresh fears over misuse.

By Shannon Williams 5 min read Last month
HackerOne launches h1 Validation to verify exploitable flaws
DevOps

HackerOne launches h1 Validation to verify exploitable flaws

Enterprises face a growing backlog as AI tools uncover more flaws, with HackerOne saying 25% still prove exploitable and many are critical.

By Catherine Knowles 4 min read Last month
HackerOne launches h1 Validation to tackle AI flaws
DevOps

HackerOne launches h1 Validation to tackle AI flaws

Rising AI-generated vulnerability reports are leaving security teams with record backlogs and only hours to judge which flaws hackers can exploit.

By Catherine Knowles 4 min read Last month
LangWatch launches open-source tool for AI red-teaming
Data Protection

LangWatch launches open-source tool for AI red-teaming

The framework is designed to expose hidden risks in production AI systems that can be missed by conventional one-off tests.

By Sean Mitchell 4 min read Last month
FIRST conference highlights AI & CVE disclosure push
IoT Security

FIRST conference highlights AI & CVE disclosure push

Pressure is growing on AI vendors and software suppliers to improve vulnerability disclosure as experts warn basic CVE details are no longer enough.

By Joseph Gabriel Lagonsin 3 min read Last month
TrendAI partners Anthropic to embed Claude in security ops
Firewalls

TrendAI partners Anthropic to embed Claude in security ops

Security teams will get Claude tools inside TrendAI Vision One as the firms target AI-driven attacks and faster incident response.

By Mark Tarre 4 min read Last month
Synack launches Glasswing readiness test for attack gaps
Firewalls

Synack launches Glasswing readiness test for attack gaps

Offensive AI is widening exposure gaps for firms that test only a third of their attack surfaces on average, Synack says.

By Sean Mitchell 4 min read Last month
Abacus wins CREST approval for penetration testing
Firewalls

Abacus wins CREST approval for penetration testing

Boards in regulated sectors now have firmer assurance after Abacus secured CREST approval for penetration testing, renewed annually.

By Joseph Gabriel Lagonsin 3 min read Last month
Claude Code flaw leaves deny rules vulnerable in long workflows
Cloud Security

Claude Code flaw leaves deny rules vulnerable in long workflows

Security researchers say long automated jobs can make Claude Code’s deny rules fall back to user prompts, weakening protections in CI/CD pipelines.

By Kaleah Salmon 8 min read Last month

Stories from Other Regions

Offensive Security stories

White Rook Cyber wins CREST accreditation for testing
Firewalls

White Rook Cyber wins CREST accreditation for testing

Procurement teams in defence and critical infrastructure may now view White Rook Cyber more favourably after its CREST testing approval.

By Shannon Williams 4 min read Last month