惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

大猫的无限游戏
大猫的无限游戏
Security Archives - TechRepublic
Security Archives - TechRepublic
T
Threat Research - Cisco Blogs
A
Arctic Wolf
S
Securelist
O
OpenAI News
T
Threatpost
Forbes - Security
Forbes - Security
N
News and Events Feed by Topic
S
Secure Thoughts
H
Heimdal Security Blog
S
Security Affairs
P
Privacy International News Feed
C
Cisco Blogs
C
CERT Recently Published Vulnerability Notes
Cyberwarzone
Cyberwarzone
N
News and Events Feed by Topic
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
P
Palo Alto Networks Blog
S
Security @ Cisco Blogs
Hacker News - Newest:
Hacker News - Newest: "LLM"
博客园 - 三生石上(FineUI控件)
月光博客
月光博客
T
Tailwind CSS Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Hacker News: Ask HN
Hacker News: Ask HN
T
Troy Hunt's Blog
S
SegmentFault 最新的问题
腾讯CDC
V
Visual Studio Blog
Last Week in AI
Last Week in AI
H
Hacker News: Front Page
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Project Zero
Project Zero
WordPress大学
WordPress大学
NISL@THU
NISL@THU
博客园 - 【当耐特】
博客园 - Franky
Webroot Blog
Webroot Blog
博客园_首页
T
Tenable Blog
雷峰网
雷峰网
Google Online Security Blog
Google Online Security Blog
阮一峰的网络日志
阮一峰的网络日志
V2EX - 技术
V2EX - 技术
Recent Commits to openclaw:main
Recent Commits to openclaw:main
L
Lohrmann on Cybersecurity
The Hacker News
The Hacker News

VentureBeat

Anthropic says it hit a $30 billion revenue run rate after 'crazy' 80x growth OpenAI voice models get GPT-5-class reasoning AI agent identity: how to govern agentic AI in 6 stages Anthropic wants to own your agent's memory, evals, and orchestration — and that should make enterprises nervous Enterprise GPU utilization: why 95% of AI infrastructure spend is wasted Governance, not gatekeeping: How SAP brings enterprise‑grade safety to AI connectivity Anthropic introduces "dreaming," a system that lets AI agents learn from their own mistakes RL orchestration: how a 7B model routes tasks across GPT-5, Claude, and Gemini Meet ZAYA1-8B, a super efficient open reasoning model trained on AMD Instinct MI300 GPUs Anthropic Skill scanners passed every check. The malicious code rode in on a test file. Why AI breaks without context — and how to fix it Market research is too slow for the AI era, so Brox built 60,000 identical 'digital twins' of real people you can survey instantly, repeatedly The app store for robots has arrived: Hugging Face launches open-source Reachy Mini App Store with 200+ apps Scaling AI into production is forcing a rethink of enterprise infrastructure Miami startup Subquadratic claims 1,000x AI efficiency gain with SubQ model; researchers demand independent proof. GPT-5.5 Instant shows you what it remembered — just not all of it One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it AI agents are missing all the discussions your team is having. SageOX has an answer: agentic context infrastructure OpenAI turns its sold-out GPT-5.5 party into a monthlong Codex giveaway for 8,000 developers Inside AMEX’s agentic commerce stack: How intent contracts and single-use tokens enforce AI transactions Microsoft takes Agent 365 out of preview as shadow AI becomes an enterprise threat The RAG era is ending for agentic AI — a new compilation-stage knowledge layer is what comes next Salesforce Agentforce Operations fixes workflows breaking enterprise AI MCP command execution flaw: what security teams need to know The scaffolding era is over. LlamaIndex says context is the new moat xAI launches Grok 4.3 at an aggressively low price and a new, fast, powerful voice cloning suite Hidden IT problems are quietly creating risk, shadow IT, and lost productivity Alibaba's HDPO cuts AI agent tool overuse from 98% to 2% One tool call to rule them all? New open source Python tool Runpod Flash eliminates containers for faster AI dev Why OpenAI's 'goblin' problem matters — and how you can release the goblins on your own AI coding agents breached: attackers targeted credentials, not models | VentureBeat Writer launches AI agents that can act without prompts, taking on Amazon, Microsoft and Salesforce Netomi raises $110 million as Accenture and Adobe bet on AI for customer service Cheaper tokens, bigger bills: The new math of AI infrastructure Amazon’s OpenAI gambit signals a new phase in the cloud wars — one where exclusivity no longer applies Enterprise RAG rebuild: hybrid retrieval adoption tripled in Q1 2026 IBM launches Bob with multi-model routing and human checkpoints to turn AI coding into a secure production system AWS Quick's knowledge graph creates an orchestration blind spot Why enterprise GPU utilization is stuck at 5% — and why the fix makes it worse Definity embeds agents inside Spark pipelines to catch failures before they reach agentic AI systems How to build custom reasoning agents with a fraction of the compute American AI startup Poolside launches free, high-performing open model Laguna XS.2 for local agentic coding Mistral AI launches Workflows, a Temporal-powered orchestration engine already running millions of daily executions Microsoft and OpenAI gut their exclusive deal, freeing OpenAI to sell on AWS and Google Cloud Open source Xiaomi MiMo-V2.5 and V2.5-Pro are among the most efficient (and affordable) at agentic 'claw' tasks AI framework autonomously outperforms human-designed R&D baselines Why supply chains are the proving ground for automation‑led iPaaS RAG precision tuning can quietly cut retrieval accuracy by 40%, putting agentic pipelines at risk Enterprises are obsessing over model accuracy while ignoring the infrastructure layer where AI systems actually break. Monitoring LLM behavior: Drift, retries, and refusal patterns CVSS vulnerability triage: 5 failures, 5 fixes DeepSeek-V4 arrives with near state-of-the-art intelligence at fraction of the cost of Opus 4.7, GPT-5.5 85% of enterprises are running AI agents. Only 5% trust them enough to ship. AI synthetic audiences are already here and poised to upend the consulting industry Mystery solved: Anthropic reveals changes to Claude's harnesses and operating instructions likely caused degradation OpenAI's GPT-5.5 is here, and it's no potato: narrowly beats Anthropic's Claude Mythos Preview on Terminal-Bench 2.0 New startup BAND debuts agentic mesh with deterministic routing to govern multiple enterprise AI agents across model providers, channels OpenAI unveils Workspace Agents, a successor to custom GPTs for enterprises that can plug directly into Slack, Salesforce and more Google and AWS split the AI agent stack between control and execution Are you paying an AI ‘swarm tax’? Why single agents often beat complex systems OpenAI launches Privacy Filter, an open source, on-device data sanitization model that removes personal information from enterprise datasets Google doesn't pay the Nvidia tax. Its new TPUs explain why. Salesforce’s Agentforce Vibes 2.0 targets a hidden failure: context overload in AI agents Google’s Gemini can now run on a single air-gapped server — and vanish when you pull the plug The modern data stack was built for humans asking questions. Google just rebuilt its for agents taking action. Google’s new Deep Research and Deep Research Max agents can search the web and your private data Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain The AI governance mirage: Why 72% of enterprises don’t have the control and security they think they do OpenAI's ChatGPT Images 2.0 is here and it does multilingual text, full infographics, slides, maps, even manga — seemingly flawlessly Kimi K2.6 runs agents for days — and exposes the limits of enterprise orchestration What AI model should you use for revenue intelligence? Von says all the big ones, and it will automate mixing and matching for you Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it Train-to-Test scaling explained: How to optimize your end-to-end AI compute budget for inference AI agent security maturity audit: enterprises funded stage one, stage-three threats arrived anyway Anthropic just launched Claude Design, an AI tool that turns prompts into prototypes and challenges Figma Should my enterprise AI agent do that? NanoClaw and Vercel launch easier agentic policy setting, approval dialogs for messaging apps Salesforce launches Headless 360 to turn its entire platform into infrastructure for AI agents Are we getting what we paid for? How to turn AI momentum into measurable value OpenAI debuts GPT-Rosalind, a new limited access model for life sciences, and broader Codex plugin on Github OpenAI drastically updates Codex desktop app to use all other apps on your computer, generate images, preview webpages Anthropic releases Claude Opus 4.7, narrowly retaking lead for most powerful generally available LLM AI lowered the cost of building software. Enterprise governance hasn’t caught up Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway Frontier models are failing one in three production attempts — and getting harder to audit Meta researchers introduce 'hyperagents' to unlock self-improving AI for non-coding tasks We tested Anthropic’s redesigned Claude Code desktop app and 'Routines' -- here's what enterprises should know AI's next bottleneck isn't the models — it's whether agents can think together Adobe’s new Firefly AI Assistant wants to run Photoshop, Premiere, Illustrator and more from one prompt Traza raises $2.1 million led by Base10 to automate procurement workflows with AI Agentic coding at enterprise scale demands spec-driven development Designing the agentic AI enterprise for measurable performance Five signs data drift is already undermining your security models Your developers are already running AI locally: Why on-device inference is the CISO’s new blind spot AI agent credentials live in the same box as untrusted code. Two new architectures show where the blast radius actually stops. Intuit compressed months of tax code implementation into hours — and built a workflow any regulated-industry team can adapt OpenAI introduces ChatGPT Pro $100 tier with 5X usage limits for Codex compared to Plus Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook Claude, OpenClaw and the new reality: AI agents are here — and so is the chaos Goodbye, Llama? Meta launches new proprietary AI model Muse Spark — first since Superintelligence Labs' formation LLM-referred traffic converts at 30-40% — and most enterprises aren't optimizing for it
MFA verifies who logged in. It has no idea what they do next.
louiswcolumb · 2026-05-22 · via VentureBeat

Every MFA check passed. Every login was legitimate. The compliance dashboard was green across every identity control. And the attacker was already inside, moving laterally through Active Directory with a valid session token, escalating privileges on a trajectory toward the domain controller.

This is the scenario playing out inside enterprises that invested heavily in authentication and assumed the job was done. The credential was real. The multi-factor challenge was answered correctly. The system performed exactly as designed. It authenticated the user at the front door and never looked again. The breach didn't bypass MFA. It started after MFA succeeded.

Authentication proves identity at a single point in time. Then it goes blind. Everything that follows, the lateral movement, the privilege escalation, the quiet exfiltration through Active Directory, falls outside what MFA was ever designed to see.

A CIO found the gap in production

Alex Philips, CIO at NOV, identified the gap through operational testing. "We found a gap in our ability to revoke legitimate identity session tokens at the resource level. Resetting a password isn't enough anymore. You have to revoke session tokens instantly to stop lateral movement," he told VentureBeat.

What Philips found wasn't a misconfiguration. It was an architectural blind spot that exists in nearly every enterprise identity stack. Once a user authenticates successfully, the resulting session token carries that trust forward without reassessment. The token becomes a bearer credential. Whoever holds it, attacker or employee, inherits every permission associated with the session. NOV's investigation confirmed that identity session token theft is the vector behind the most advanced attacks they track, driving the team to tighten identity policies, enforce conditional access, and build rapid token revocation from the ground up.

Average e-crime breakout time dropped to 29 minutes in 2025, with the fastest recorded breakout clocked at 27 seconds, according to CrowdStrike's 2026 Global Threat Report. In 82% of detections across 2025, no malware was deployed at all. Attackers don't need exploits when they have session tokens.

Attackers stopped writing malware because stolen identities work better

"Adversaries have figured out that one of the fastest ways to gain access to an environment is to steal legitimate credentials or to use social engineering," Adam Meyers, Senior Vice President of Counter Adversary Operations at CrowdStrike, told VentureBeat. The economics are stark: modern endpoint detection has raised the cost and risk of deploying malware. A stolen credential, by contrast, triggers no alert, matches no signature, and inherits whatever access the real user had.

Vishing attacks exploded by 442% between the first and second halves of 2024, according to CrowdStrike's 2025 Global Threat Report, while deepfake fraud attempts rose more than 1,300% in 2024, according to Pindrop's 2025 Voice Intelligence & Security Report. Face swap attacks grew 704% in 2023, according to data cited in the same report. A 2024 study cited in CrowdStrike's 2025 Global Threat Report found AI-generated phishing emails matched expert-crafted human phishing at a 54% click-through rate, both vastly outperforming generic bulk phishing at 12%.

The threat is not that AI makes one attacker more dangerous. The threat is that AI gives every attacker expert-level social engineering at near-zero marginal cost. The credential supply chain now operates at industrial scale.

The gap between IAM and SecOps is where sessions go to die

By 2026, 30% of enterprises would no longer consider face-based identity verification and biometric authentication solutions reliable in isolation due to AI-generated deepfakes, Gartner predicted in a 2024 report. Riemer pointed to Ivanti's own 2026 State of Cybersecurity Report to quantify the gap. The report, surveying over 1,200 security professionals, found the preparedness gap between threats and defenses widened by an average of 10 points in a single year.

Kayne McGladrey, IEEE Senior Member, framed the organizational failure in business terms. "Anything that seems to have a cybersecurity flavor is generally put into the cybersecurity risk category, which is a complete fiction. They should be focused on business risks, because if it doesn't affect the business, like a financial loss, then nobody's going to pay attention to it, and they will not budget it appropriately, nor will they adequately put in controls to prevent it," McGladrey told VentureBeat. That logic explains why session governance, token lifecycle management, and cross-domain identity correlation fall into a gap between IAM and SecOps. Nobody owns it because nobody has framed it as a business loss.

"You may only see pieces of the intrusion on the identity side, on the cloud side, and on the endpoint side. You need cross-domain visibility because the best case scenario gives you about 29 minutes to stop these intrusions," Meyers told VentureBeat.

Mike Riemer, Ivanti's Field CISO, has watched this disconnect play out across two decades of shifting paradigms. "I don't know you until I validate you. Until I know what it is and I know who is on the other side of the keyboard, I'm not going to communicate with it until they give me the ability to understand who it is," Riemer told VentureBeat.

That question applies directly to post-authentication sessions. If attackers use AI to fabricate the identity that clears MFA, defenders need AI watching what that identity does after. Riemer's broader point is that placing the security perimeter at a single login event invites every attacker who clears that gate to have the run of the house.

NOV closed the gap. Most enterprises haven't started.

"It gives us a forced security policy enforcement gateway. Users and attackers on a flat network can use stolen identity session tokens, but with zero-trust gateways it forces conditional access and revalidation of trust," Philips told VentureBeat.

NOV shortened token lifetimes, built conditional access requiring multiple conditions, and enforced separation of duties so no single person or service account can reset a password, bypass multi-factor access, or override conditional access. "We drastically reduced who can perform password or multi-factor resets. No one person should be able to bypass these controls," Philips told VentureBeat. They deployed AI against SIEM logs to identify incidents in near real-time and brought in a startup specifically to build rapid token revocation for their most critical resources.

Philips also flagged a trust chain vulnerability that most teams overlook. "Since with AI advances you can't trust voice or video or even writing styles, you must have either preshared secrets or be able to validate a question only you and them would know," he told VentureBeat. If incident response relies on a phone call or a Slack DM to confirm a compromised account, attackers using deepfake voice or text can exploit that confirmation channel, too.

Eight things to get done this week

NOV proved these gaps are closable. Here is what to prioritize first.

  1. Pull the token lifetime report for every privileged account, service account, and API key. Shorten interactive session tokens to hours, not days. Put service account credentials on a defined rotation schedule. API keys with no expiration date are open invitations that never close.

  2. Run a session revocation drill under fire. Not a password reset. A session kill. Time it. If your team cannot revoke a live compromised session in under five minutes, that is the gap an attacker sprinting at 27 seconds will exploit first. NOV could not do it either. They brought in dedicated resources and built the capability from scratch.

  3. Map your cross-domain telemetry end to end. A single analyst should be able to correlate an identity anomaly in your directory service with a cloud control plane login and an endpoint behavioral flag without switching consoles. If that workflow requires four dashboards and a Slack thread, a 29-minute breakout will beat you every time.

  4. Extend conditional access enforcement past the front door. Every privilege escalation and every sensitive resource request should trigger revalidation. An identity that authenticates from Houston and surfaces from Bucharest 20 minutes later should fire automatic step-up authentication or session termination.

  5. Replace SMS and push-based MFA with phishing-resistant FIDO2 and passkey-based authentication everywhere feasible. Every push notification an attacker can fatigue-bomb is a session they can steal. This remains the cheapest upgrade that closes the widest gap.

  6. Audit separation of duties on identity workflows. If one person or one service account can reset credentials, approve privileged access, and bypass MFA, that is a single point of failure that attackers will find. NOV eliminated that configuration.

  7. Establish an out-of-band incident verification protocol with preshared secrets. If your team still confirms compromised accounts over a phone call or Slack message, deepfake voice and text can compromise that channel too. Build the protocol before you need it.

  8. Create a dedicated budget line for identity-layer governance. Session governance, token lifecycle management, continuous identity verification, and standards like CAEP and the Shared Signals Framework need a single owner with a single budget. If that owner does not exist, attackers already own the gap.

Philips's team went from discovering they couldn't kill a compromised session to standing up rapid token revocation under real attack conditions. They shortened token lifetimes, eliminated single-person credential resets, deployed AI-driven log analysis, and built a dedicated revocation capability for their most critical resources. That transformation took months, not years.

The gap NOV closed exists inside nearly every enterprise that treats authentication as the finish line instead of the starting gun. Philips put it plainly: "Resetting a password isn't enough anymore. You have to revoke session tokens instantly to stop lateral movement." His team built the answer. The question for every other CISO is whether they find that gap on their own terms, or whether an attacker moving at 27 seconds finds it for them.