What your tools miss at 2:13 AM: How gen AI attack chains exploit telemetry lag – Part 1
Published on: 2025-07-23 00:56:28
It’s 2:13 a.m. on a Sunday and the SOC teams’ worst nightmares are about to come true.
Attackers on the other side of the planet are launching a full-scale attack on the company’s infrastructure. Thanks to multiple unpatched endpoints that haven’t seen an update since 2022, they blew through its perimeter in less than a minute.
Attackers with the skills of a nation-state team are after Active Directory to lock down the entire network while creating new admin-level privileges that will lock out any attempt to shut them down. Meanwhile, other members of the attack team are unleashing legions of bots designed to harvest gigabytes of customer, employee and financial data through an API that was never disabled after the last major product release.
In the SOC, alerts start lighting up consoles like the latest Grand Theft Auto on a Nintendo Switch. SOC Analysts ar