惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

小众软件
小众软件
IT之家
IT之家
博客园 - 聂微东
www.infosecurity-magazine.com
www.infosecurity-magazine.com
P
Privacy International News Feed
人人都是产品经理
人人都是产品经理
PCI Perspectives
PCI Perspectives
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 叶小钗
V
Vulnerabilities – Threatpost
美团技术团队
S
Secure Thoughts
N
News | PayPal Newsroom
L
LINUX DO - 最新话题
腾讯CDC
Application and Cybersecurity Blog
Application and Cybersecurity Blog
雷峰网
雷峰网
B
Blog
MyScale Blog
MyScale Blog
T
The Blog of Author Tim Ferriss
TaoSecurity Blog
TaoSecurity Blog
N
News and Events Feed by Topic
Blog — PlanetScale
Blog — PlanetScale
C
Check Point Blog
T
Tailwind CSS Blog
月光博客
月光博客
Simon Willison's Weblog
Simon Willison's Weblog
Hacker News: Ask HN
Hacker News: Ask HN
The Last Watchdog
The Last Watchdog
Google DeepMind News
Google DeepMind News
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
MongoDB | Blog
MongoDB | Blog
S
Security @ Cisco Blogs
Jina AI
Jina AI
Engineering at Meta
Engineering at Meta
S
Security Affairs
Forbes - Security
Forbes - Security
P
Palo Alto Networks Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
博客园 - 司徒正美
博客园 - 三生石上(FineUI控件)
T
Tor Project blog
O
OpenAI News
L
Lohrmann on Cybersecurity
Security Archives - TechRepublic
Security Archives - TechRepublic
P
Proofpoint News Feed
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
L
LangChain Blog
B
Blog RSS Feed
H
Hackread – Cybersecurity News, Data Breaches, AI and More

The Register - Security: Research

www.theregister.com Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs PRC-linked spies hid inside medical and military networks for more than a year, snooping through Gmail and stealing data Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine ChatGPT blindly trusts browser content, turning the page into a payload Russia-linked threat group put ChatGPT to work from lure to payload Kids can bypass some age checks with a drawn-on mustache What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia ORNL builds more sensitive GPS interference detector Researchers find sabotage malware that may predate Stuxnet Vibe coding upstart Lovable denies data leak, cites 'intentional behavior,' then throws HackerOne under the bus Anthropic, Google, Microsoft paid AI bug bounties – quietly Security reserchers tricked Apple Intelligence into cursing Don't open that WhatsApp message, Microsoft warns Security boffins harvest bumper crop of API keys from web Lightning-fast exploits mean patch fast, says Cisco Talos AI agents are 'gullible' and easy to turn into your minions Smooth criminals talking their way into cloud environments, Google says Snoops plant info-stealing malware on iPhones, Google warns Cybercrime up 245% since the start of the Iran war Rogue AI agents can work together to hack systems Fake applicants are sending security-killing malware AI agent hacked McKinsey chatbot for read-write access Kaspersky: No signs Coruna iPhone exploit kit made by US Perplexity Comet browser hole was exploitable via cal invite DEF CON hackers 'fed up with government,' Jake Braun says DEF CON hackers 'fed up with government,' Jake Braun says Ransomware payments cratered in 2025 – attacks did not Ransomware payments cratered in 2025 – attacks did not Claude's collaboration tools allowed remote code execution AI takes a swing at online anonymity Fake 'interview' repos lure Next.js devs into running secret-stealing malware Threat intelligence supply chain is full of weak links AI agents abound, unbound by rules or safety disclosures RAT disguised as an RMM costs crims $300 a month Android malware taps Gemini to navigate infected devices Posting AI caricatures on social media is bad for security Payroll pirates conned the help desk, stole employee’s pay Microsoft boffins show LLM safety can be trained away For the price of Netflix, crooks can rent AI crime ops For the price of Netflix, crooks can rent AI crime ops Fast Pair, loose security: Bluetooth accessories open to silent hijack Fast Pair flaw exposes Bluetooth devices to hijacking A simple CodeBuild flaw put every AWS environment at risk A simple CodeBuild flaw put every AWS environment at risk DeadLock ransomware uses smart contracts to evade defenders Python libraries in AI/ML models can be poisoned w metadata OpenAI patches déjà vu prompt injection vuln in ChatGPT Fake Windows BSODs check in at Europe's hotels to con staff into running malware Hotel staff tricked into installing malware by bogus BSODs Your car’s web browser may be on the road to cyber ruin China's Ink Dragon hides out in European government networks Browser 'privacy' extensions have eye on your AI, log all your chats NCSC finds cyber deception tools work, if deployed right 10K Docker images spray live cloud creds across the internet 'Botnets in physical form' are top humanoid robot risk 'Botnets in physical form' are top humanoid robot risk Apache warns of 10.0-rated flaw in Tika metadata toolkit Novel clickjacking attack relies on CSS and SVG 'Exploitation is imminent' of max-severity React bug Swiss government bans SaaS and cloud for sensitive info Scattered Lapsus$ Hunters stress testing Zendesk weak spots HashJack attack shows AI browsers can be fooled with '#' New ClickFix attacks use fake Windows Updates to swipe creds Years-old bugs in open source took out major clouds at risk LLM-generated malware improving, but not operational (yet) 3.5B WhatsApp users' info scooped through enumeration flaw 3.5B WhatsApp users' info scooped through enumeration flaw 50k more ASUS routers pwned by evolving Beijing-linked op LLM side-channel attack could allow snoops to guess topic Landfall spyware used in 0-day attacks on Samsung phones MIT Sloan shelves paper about AI-driven ransomware Security hole slams Chromium browsers - no fix yet OpenAI Atlas Browser tripped up by malformed URLs Devs of VS Code extensions are leaking secrets en masse Chatbots that butter you up make you worse at conflict Tile trackers leak unencrypted Bluetooth data, say boffins Beijing's RedNovember hacked critical US, global orgs Lazarus RAT code resurfaces in North Korean IT-worker scams Suspected Chinese spies broke into 'numerous' enterprises Deepfaked calls hit 44% of businesses in last year: Gartner Kaspersky: RevengeHotels returns with AI-coded malware Ruh-roh. DDR5 memory vulnerable to new Rowhammer attack HybridPetya ransomware dodges UEFI Secure Boot
Overconfidence is the new zero-day as teams stumble through cyber simulations
2025-11-17 · via The Register - Security: Research

Teams that think they're ready for a major cyber incident are scoring barely 22 percent accuracy and taking more than a day to contain simulated attacks, according to new data out Monday.

Immersive's latest Cyber Workforce Benchmark, which draws on 1.8 million exercises from the Immersive One platform and a survey of 500 cybersecurity leaders, paints a picture of an industry that has become more confident but no more capable. Immersive says 94 percent of organizations believe they can "effectively detect, respond to, and recover from a major incident," yet real-world performance in controlled drills has remained stubbornly flat. 

According to the report, resilience scores haven't improved since 2023, with the median response time to complete critical cyber threat intelligence labs still coming in at 17 days – despite what Immersive describes as "record investment" and growing pressure from boards and cyber insurance carriers. 

James Hadley, Immersive founder and chief innovation officer, argues that organizations are failing not for lack of effort, but because they are training for the wrong fights. "Readiness isn't a box to tick, it's a skill that's earned under pressure," he says in the report. "Organizations aren't failing to practice; they're failing to practice the right things." 

Across the company's crisis-simulation drills, which involved 187 professionals in 11 global exercises, performance was consistently poor. Participants achieved just 22 percent accuracy, averaged 60 percent confidence, and took 29 hours to contain an infection, a combination the report describes as evidence that "when tested under pressure, most teams didn't fail for lack of knowledge, they failed for lack of practiced coordination." 

The data also shows no improvement in the industry's basic readiness metrics. Immersive says more than 60 percent of sectors actually experienced slower response times year-over-year, and that confidence scores for "OK," "Good," and "Great" answers averaged the same (around 42.5 percent), suggesting teams cannot accurately judge their own performance despite expressing strong self-belief.

Much of the stagnation, the report argues, comes from practicing outdated threat scenarios. Immersive found that 60 percent of all training activity still focuses on vulnerabilities more than two years old, leaving teams "over-prepared for yesterday's threats" while new attacker techniques continue to evolve. Fundamental-level labs remain the most common exercises at 36 percent of usage, which the company says limits progression to intermediate and advanced readiness.

Another systemic issue is participation. Only 41 percent of organizations include non-technical roles such as legal, HR, communications, or senior executives in their cyber-response simulations. This is despite 90 percent of respondents believing their cross-functional communication during an incident is effective. Immersive's data shows the opposite: when business functions aren't rehearsed under pressure, collaboration falters and response times worsen. 

Industry habits also contribute to the readiness illusion. Immersive reports that organizations overwhelmingly rely on training completion rates to measure preparedness even though completion "is not competence." Only 46 percent use resilience scores, and only 42 percent measure the number of simulations conducted, creating what the report calls "false metrics" that mask real-world capability gaps. 

The report highlights a widening adaptability problem as well. Experienced practitioners perform strongly on familiar threats (roughly 80 percent accuracy in classic incident-response labs) but fall behind when faced with AI-enabled or novel attacks. Senior participation in AI-scenario labs dropped 14 percent year-over-year, while non-technical managers increased participation by 41 percent.

As Immersive puts it: "Experience teaches what to do next – until the next thing has never happened before."

Training completion itself remains inconsistent. The report notes an average completion rate of 81 percent, meaning nearly one in five participants do not finish the exercises they start.

Hadley argues the industry must shift from confidence built on assumptions to readiness grounded in evidence. "True resilience comes from continuously proving and improving readiness across every level of the business, so when a real crisis hits, your confidence is backed by evidence, not assumption."

"Experience teaches what to do next, until the next thing has never happened before," added Hadley. "Even the most seasoned teams must evolve as fast as the threats they face." ®