Security Boulevard

8 min readAgentic AI is emerging, shifting from passive chatbots to systems that reason, adapt, and autonomously execute multi-step tasks. Unlike "read-only" AI, agentic AI is "read-write," able to modify data and trigger actions. This active AI offers automation opportunities but necessitates new security for non-human identities.

The post From Chatbots to Agents: The Evolution Toward Agentic AI appeared first on Aembit.

The post From Chatbots to Agents: The Evolution Toward Agentic AI appeared first on Security Boulevard.

Federal investigators have found 200,000 more SIM cards at a site in New Jersey that were part of a sprawling hidden telecommunications network that initially included 100,000 other SIM cards and 300 servers scattered across at least five locations that could have taken down communications throughout New York City.

The post 200,000 More SIM Cards Found Linked to Secret Telecom Network in NYC appeared first on Security Boulevard.

Tonic.ai is thrilled to join the Microsoft for Startups Pegasus Program. We're bringing our privacy-compliant synthetic data solutions to Microsoft Azure customers.

The post Tonic.ai + Microsoft: Accelerating AI adoption with privacy-compliant synthetic data appeared first on Security Boulevard.

The call comes in at 4:55 PM on a Friday. It’s the CFO, and she’s frantic. She’s locked out of her account, needs to approve payroll, and her flight is boarding in ten minutes. She can’t remember the name of her first pet, and the code sent to her phone isn’t working. The pressure is immense. What does your help desk agent do? Do they bypass security to help the executive, or do they hold the line, potentially disrupting a critical business function?

This isn’t a hypothetical scenario; it's a daily, high-stakes gamble for support teams everywhere. And it’s a gamble that attackers are counting on. They know your help desk is staffed by humans who are measured on their ability to resolve problems quickly. They exploit this pressure, turning your most helpful employees into unwitting accomplices in major security breaches. It's time to stop gambling.

The post Announcing the HYPR Help Desk Application: Turn Your Biggest Risk into Your Strongest Defense appeared first on Security Boulevard.

Today's Unmanned Aircraft Systems (UAS) and defense mission platforms are software-intensive systems operating across highly complex ecosystems. As these systems grow more sophisticated, so do the threats they face.

The post Securing the Skies: Software Supply Chain Readiness for Unmanned Aircraft Systems appeared first on Security Boulevard.

How has AI changed your workflow? Share your story in Sonar's State of Code developer survey

The post Developer survey request appeared first on Security Boulevard.

CVEs & Vulnerabilities of September 2025 reveal a wave of high-impact flaws that security teams cannot afford to ignore. From unauthenticated exploits in FreePBX to privilege escalation in Android and root-level risks in Cisco firewalls, attackers are moving fast to weaponize these weaknesses. This blog explains the top CVEs, how they work, and why rapid patching is critical for enterprise protection.

The post Top CVEs & Vulnerabilities of September 2025 appeared first on Strobes Security.

The post Top CVEs & Vulnerabilities of September 2025 appeared first on Security Boulevard.

Explore the depths of retina scan authentication, from its technology and security to ethical considerations and implementation. A guide for developers and security pros.

The post An Inclusive Guide to Retina Scan Authentication appeared first on Security Boulevard.

The post 10 File Threats That Slip Past Traditional Security—and How to Stop Them appeared first on Votiro.

The post 10 File Threats That Slip Past Traditional Security—and How to Stop Them appeared first on Security Boulevard.

The CISA law, which for 10 years has facilitated the wide sharing of threat information among private entities and the federal government that is a cornerstone of cybersecurity and national security, is likely to expire tonight if it's not reauthorized, which security pros say would hand adversaries a significant advantage.

The post Critical CISA Cybersecurity Law is Hours Away from Expiring appeared first on Security Boulevard.

What is a Firewall Migration (and Why It Happens) A firewall migration is the process of moving rules, policies, and configurations from one firewall to another, whether that’s switching vendors,...

The post Firewall Migration Checklist: Complete 10-Step Guide for IT Teams appeared first on Security Boulevard.

Are Your Machine Identities As Secure as They Should Be? Machine identities—or Non-Human Identities (NHIs)—are akin to digital citizens journeying across the interconnected landscape of an organization’s network. But how secure are these travelers on their digital voyages? The answer hinges on how effectively their identities and secrets are managed, a concern that’s integral for […]

The post Enhance Your Cyber Resilience with Capable NHIs appeared first on Entro.

The post Enhance Your Cyber Resilience with Capable NHIs appeared first on Security Boulevard.

When the latest PCI DSS 4.0 requirements came into full effect in March 2025, organizations processing cardholder data faced new obligations to protect payment pages from client-side risks. Requirements such as 6.4.3 (script inventory, authorization, and integrity monitoring) and 11.6.1 (detection of unauthorized changes) demanded stronger visibility and control than many teams had in place. […]

The post Imperva Enhances Client-Side Protection to Help You Stay Ahead of PCI-DSS Compliance appeared first on Blog.

The post Imperva Enhances Client-Side Protection to Help You Stay Ahead of PCI-DSS Compliance appeared first on Security Boulevard.

Creator, Author and Presenter: Daniele Romanini, Resolve

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel.

Permalink

The post USENIX 2025: PEPR ’25 – Unlocking Cross-Organizational Insights: Practical MPC for Cloud-Based Data Analytics appeared first on Security Boulevard.

Learn how to transform sensitive data into a safe AI asset for fine-tuning LLMs. This guide walks through a notebook-based workflow in Amazon SageMaker.

The post Turn sensitive data into safe AI assets with Tonic Textual in Amazon SageMaker Unified Studio appeared first on Security Boulevard.

Sep 30, 2025 - Lina Romero - In 2025, AI is everywhere, and so are AI vulnerabilities. OWASP’s Top Ten Risks for LLMs provides developers and security researchers with a comprehensive resource for breaking down the most common risks to AI models. In previous blogs, we’ve covered the first 6 items on the list, and today, we’ll be going over number 7: System Prompt Leakage. System Prompts are used to instruct AI model behaviour, and System Prompt Leakage occurs when sensitive information contained within the prompt is exposed. Once attackers access these secrets, they can use what they’ve learned to facilitate further attacks. The system prompt itself should never be a secret, however, underlying secrets contained within the system prompt, such as guardrails, etc., are what attackers are looking for. The best way to prevent System Prompt Leakage is to avoid hiding sensitive data such as credentials, permissions, data strings or passwords, etc., within the system prompt language. That way even if attackers get a hold of the system prompt, they have not gained any critical insider knowledge. Some common examples of System Prompt Leakage are: Exposure of Sensitive Functionality- Attackers could learn critical confidential information about functionality through a system prompt. For instance, it could reveal the database information is stored in, resulting in a targeted attack.
Exposure of Internal Rules- The system prompt could reveal information on the internal decision-making process which would allow hackers to gain insight into how it works, thus making it easier to hack.
Revealing of Filtering Criteria- Attackers could figure out the limitations of requests and use this to their advantage.
Disclosure of Permissions and User Roles- The system prompt could reveal information about permissions and user roles that could lead to further exploitation. Prevention Strategies: Separate sensitive data from system prompts: As stated above, the best way to avoid system prompt leakage vulnerabilities is to keep secrets and sensitive information outside the system prompt altogether.
Avoid reliance on system prompts for behavior control: Ensure that you are using a variety of security and other controls for each LLM, instead of putting all your eggs in the system prompt basket.
Implement Guardrails: Guardrails that limit the functionality of certain parts of the LLM can also restrict the information attackers are able to access via the system prompt.
Ensure Security Controls are implemented separately from the LLM: When in doubt, outsource- make sure that you are not solely relying on the LLM to keep itself secure. Use security software to place checks on each LLM to prevent system prompt leakage. With AI vulnerabilities on the rise, now more than ever is the time for security researchers to educate themselves on the risks to LLMs and the OWASP Top 10 is a great place to start. System Prompt Leakage occurs when attackers access sensitive information contained within the system prompt of an LLM. They can then use this information to launch further attacks. There are several ways to mitigate the risk of system prompt leakage, but the best way is to ensure that you store sensitive information such as credentials and passwords outside of the system prompt. To learn more about AI security and see how FireTail can help you with your AI security today, schedule a demo or set up a free trial, here.

The post LLM07: System Prompt Leakage – FireTail Blog appeared first on Security Boulevard.

The Cold Hard Truth: Patches Are Not Enough In recent weeks, the cybersecurity world has seen urgent warnings from CISA and major vendors about the active exploitation of critical vulnerabilities. Specifically, zero-day exploits targeting Cisco Adaptive Security Appliances (ASA) firewalls and platforms like Fortra GoAnywhere MFT have demonstrated a troubling trend: attackers are not just

The post Zero-Day Crisis: Detecting Evasive Cisco ASA and GoAnywhere MFT Attacks with AI appeared first on Seceon Inc.

The post Zero-Day Crisis: Detecting Evasive Cisco ASA and GoAnywhere MFT Attacks with AI appeared first on Security Boulevard.

Creator, Author and Presenter: Alex Kulesza

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel.

Permalink

The post USENIX 2025: PEPR ’25 – Practical Considerations For Differential Privacy appeared first on Security Boulevard.

Sep 30, 2025 - Lina Romero - In 2025’s fast-moving cyber landscape, attacks are everywhere and AI and APIs are the biggest targets. We’ve spoken before about hackers exploiting Docker Swarm to launch cryptomining attacks, but now attackers are using Docker APIs for other malicious purposes. It started this June. Trend Micro noticed abnormal activity in Docker’s APIs- attacks that started as requests to exposed APIs to retrieve a list of containers. The bad actors would then create a novel container to connect to the host root and carry out their attack on the host system. However, an encoded payload hidden in the initial request executes a shell script that sets up the Tor browser in the container and fetches a payload over the Tor network (Security Week). The attackers can then deploy a malicious shell script and modify the SSH configuration of the host system. At this point, the attackers deploy a binary acting as a dropper for an XMRig cryptocurrency miner and “all necessary execution stops internally, allowing it to deploy the miner without requiring the download of any external components” in order to avoid detection (Trend Micro). However, this was only the beginning- on September 8th of this year, hackers launched similar attacks, but with a twist: after carrying out the same initial steps, they proceeded to block external access to the Docker API by writing a command to the cron tab file to create a cron job that blocks its access every minute. From there, threat actors can perform mass scans for other open ports, and propagate malware in new containers using the exposed APIs. Researchers from Trend Micro determined that the attackers used AI in the creation of these tools. What is especially troubling is that these attacks are growing more advanced and may only continue to increase in volume and complexity. As AI and API attacks surge, Docker APIs are a popular target for attackers. Maintaining strong API security is the corner store of cybersecurity as a whole- after all, API security IS AI security. To learn more about securing AI and APIs, check out FireTail’s all-in-one approach. Set up a demo or start a free trial today.

The post Docker APIs Targeted – FireTail Blog appeared first on Security Boulevard.

Cybersecurity has traditionally been framed as an IT issue, protecting desktops, databases, and cloud platforms. But the real frontier is deeper. It's in the industrial systems that power our grids, drive our factories, safeguard our hospitals, and keep our transportation moving. 

The post Meeting IEC 62443 Compliance: How CimTrak Secures Industrial Control Systems appeared first on Security Boulevard.