News for today:
- LevelBlue acquired Fortra’s Alert Logic MDR business. LevelBlue and Fortra announced a long-term partnership, which includes the sale of the Alert Logic MDR business to LevelBlue. LevelBlue will acquire the managed services of Fortra’s Alert Logic Managed Detection and Response (MDR), Extended Detection and Response (XDR), and Web Application Firewall (WAF) solutions. LevelBlue’s expanded MDR platform, strengthened through recent acquisitions, will provide Alert Logic’s client base with access to a larger global footprint, broader threat telemetry, and accelerated detection and response across complex environments. In parallel, Fortra will become one of LevelBlue’s leading cybersecurity partners, making its best-in-class software and platforms available to LevelBlue’s global client base. Fortra
- HackerOne Agentic PTaaS. HackerOne announced Agentic Pentest as a Service – offering continuous security validation through a combination of agent execution and action by security teams. A coordinated system of AI agents and human experts scales reconnaissance, setup, exploitation, and validation across large and changing attack surfaces while preserving judgment, accountability, and trust. HackerOne’s agents are trained and refined using proprietary exploit intelligence informed by years of testing real enterprise systems. This is combined with a robust, verified community of elite pentesters, providing unmatched scale. Together, this combination ensures results reflect real-world exploitability rather than theoretical risk. HackerOne
- Immersive launched on-demand cyber simulations for CrowdStrike Falcon. Immersive added access to a fully provisioned CrowdStrike environment to its Immersive One platform, enabling customers to prove cyber readiness with CrowdStrike exposure – to learn the tool, strengthen security posture, and prove the response process works. Available immediately. Immersive
- Zscaler AI Security Suite. Zscaler released its AI Security Suite, to provide visibility and control for generative AI and agentic AI (among others) at enterprises. Zscaler’s new innovations provide enterprises with a comprehensive inventory and dependency map of their AI footprint, spanning GenAI services, embedded AI SaaS, AI development environments, MCP servers, agents, models, and AI infrastructure. The solution correlates asset discovery, access relationships, data lineage, runtime behavior, and security posture, enabling organizations to adopt AI faster while maintaining security, governance, and control. Zscaler
- Adaptive phishing kits. New custom phishing kits include adaptive / interactive capabilities to enable a voice-based social engineer to control which pages a targeted victim see on a phishing site – thus increasing the likelihood of successfully bypassing MFA challenges. The most critical of these features are client-side scripts that allow threat actors to control the authentication flow in the browser of a targeted user in real-time while they deliver verbal instructions or respond to verbal feedback from the targeted user. It’s this real-time session orchestration that delivers the plausibility required to convince the threat actor’s target to approve push notifications, submit one time passcodes (OTP) or take other actions the threat actor needs to bypass MFA controls. Key recommendation: go phishing-resistant for MFA. Okta Threat Intelligence
- AegisAI on semantic defense. AegisAI outlines its concept of semantic defense in AI-based email security and how it is leveraging the concept in its products to detect sophisticated attacks. Core idea: semantic defense is about understanding how a message was built, how it reads, and what it’s trying to make someone do—and using those signals to catch attacks that humans can’t safely shoulder on their own. AegisAI