Dr. T's security brief
dtau...@gmail.com
SharePoint Attacks Include Ransomware Infections
Microsoft confirmed late Wednesday that a threat group it tracks as China-based Storm-2603 is abusing vulnerable on-premises SharePoint servers to deploy ransomware. The security holes affect SharePoint Enterprise Server 2016, SharePoint Server 2019, and SharePoint Server Subscription Edition. Fixes for all three have been issued. More than 400 organizations have been compromised thus far, according to Belgium's Eye Security, including the U.S. Department of Energy's National Nuclear Security Administration, which maintains U.S. nuclear weapons.
[ » Read full article ]
The Register (U.K.); Jessica Lyons (July 24, 2025)
Security Measures for Safeguarding Brain Implants
Researchers at Yale University’s Digital Ethics Center recommend measures that brain-computer interface (BCI) manufacturers and government regulators can adopt to protect patients’ safety and privacy. The researchers advised regulators to mandate non-surgical methods for updating and recovering devices, robust authentication schemes for software modifications, and the encryption of data moving to and from patients’ brains. They also recommend steps to guard BCIs against the malicious use of AI.
[ » Read full article ]
YaleNews; Mike Cummings (July 23, 2025)
Researchers Bypass Anti-Deepfake Markers on AI Images
Researchers at the University of Waterloo in Canada developed a tool that can quickly remove watermarks identifying artificially generated content. The UnMarker tool can remove watermarks without knowing anything about the system that generated them or anything about the watermarks. Explained Waterloo’s Andre Kassis, "We can just apply this tool and within two minutes max, it will output an image that is visually identical to the watermark image" but without the watermark indicating its artificial origin.
[ » Read full article ]
CBC News (Canada); Anja Karadeglija (July 23, 2025)
Humans Can Be Tracked Based on How They Block Wi-Fi Signals
Computer scientists at Sapienza University of Rome in Italy have developed a biometric identifier based on the way the human body interferes with Wi-Fi signal propagation. Derived from Wi-Fi Channel State Information, the WhoFi identifier can re-identify a person in other locations most of the time when a Wi-Fi signal can be measured; as a result, a person could be tracked as they pass through signals sent by different Wi-Fi networks.
[ » Read full article ]
The Register (U.K.); Thomas Claburn (July 22, 2025)
Tesla Testing if Its Robotaxis Can Be Hacked Remotely
Tesla has received U.S. Federal Communications Commission approval to test its robotaxis for vulnerabilities to cellular and radio frequency (RF) hacking. The company will simulate RF attacks to assess how resilient its autonomous vehicles are to malicious interference. The tests aim to strengthen cybersecurity measures ahead of broader autonomous vehicle deployment.
[ » Read full article ]
PC Mag; Emily Forlini (July 21, 2025)
Global Hack on Microsoft Product Hits U.S., State Agencies
Hackers exploited a zero-day vulnerability in widely-used Microsoft SharePoint server software to launch a global attack on government agencies and businesses in the past few days, breaching U.S. federal and state agencies, universities, and energy companies. Tens of thousands of servers are at risk, experts said, and Microsoft has issued no patch for the flaw. Researchers said the hackers gained access to keys that may allow them to regain entry even after a system is patched.
[ » Read full article ]
The Washington Post; Ellen Nakashima; Joseph Menn; Yvonne Wingett Sanchez (July 20, 2025)
Nvidia Warns Its GPUs Need Protection Against Rowhammer Attacks
Nvidia has warned customers to implement defenses against Rowhammer attacks after researchers from Canada's University of Toronto identified a vulnerability in one of its workstation-grade GPUs. Rowhammer attacks can disrupt operations by using repeated bursts of read or write operations to "hammer" rows of memory cells. The vulnerability affects Nvidia's A6000 GPU with GDDR6 memory when system-level error correcting code (ECC) is disabled.
[ » Read full article ]
The Register (U.K.); Iain Thomson; Simon Sharwood (July 13, 2025)
Mexico Makes Biometric Identifier Mandatory for Citizens
A new law in Mexico is turning the previously optional biometric-based citizen code into a mandatory document for all citizens. The Unique Population Registry Code (Clave Única de Registro de Población, or CURP) will contain personal and biometric information, including a photograph and a QR code containing biometric fingerprint and iris data. The identifier will be introduced gradually by February 2026 and could be integrated into a single identity platform connected to other state databases and administrative records.
[ » Read full article ]
Biometric Update; Masha Borak (July 18, 2025)
AI Models with Systemic Risks Given Pointers on Complying with EU AI Rules
The European Commission (EC) on Friday unveiled guidelines to help AI models determined to have systemic risks comply with the EU's AI Act. Impacted AI models will have to carry out evaluations, assess and mitigate risks, conduct adversarial testing, report serious incidents to the EC, and ensure adequate cybersecurity protection against theft and misuse. Companies have until August 2026 to comply with the legislation.
[ » Read full article ]
Reuters; Foo Yun Chee (July 18, 2025)
Microsoft Stops Relying on Chinese Engineers for Pentagon Cloud Support
Microsoft has revised its practices to ensure that engineers in China no longer provide technical support to U.S. defense clients using the company’s cloud services. The announcement came days after ProPublica published a report describing the U.S. Defense Department’s dependence on Microsoft software engineers in China. According to the report, Microsoft’s Chinese Azure engineers are overseen by “digital escorts” in the U.S., an arrangement that might leave the U.S. vulnerable to a cyberattack from China.
[ » Read full article ]
CNBC; Jordan Novet (July 18, 2025)
U.S. Aims to Ban Chinese Technology in Undersea Cables
The U.S. Federal Communications Commission (FCC) intends to implement rules prohibiting companies from connecting to undersea telecommunication cables to the U.S that include Chinese technology or equipment, citing national security concerns. FCC Chair Brendan Carr said the rules are necessary to "guard our submarine cables against foreign adversary ownership and access as well as cyber and physical threats."
[ » Read full article ]
Reuters; David Shepardson; Jasper Ward; Bhargav Acharya (July 16, 2025)
Cybersecurity Bosses Increasingly Worried About AI Attacks, Misuse
A survey of around 110 chief information security officers (CISOs) by Israeli venture fund Team8 found close to a quarter said their firms had experienced an AI-powered cyberattack in the past year. Securing AI agents was cited as an unsolved cybersecurity challenge for about 40% of respondents, while a similar percentage of CISOs expressed concerns about securing employees' AI usage. About three-quarters (77%) of respondents said they anticipate less-experienced security operations center analysts to be among the first replaced by AI agents.
[ » Read full article *May Require Paid Registration ]
Bloomberg; Cameron Fozi (July 17, 2025)
EU Issues AI Guidelines Amid Systemic Risk Concerns
Reuters (7/18) reports that the European Commission released guidelines on Friday to assist AI models identified as having systemic risks in adhering to the European Union’s AI Act. The act, effective Aug. 2, applies to models from companies like Google, OpenAI, Meta, Anthropic, and Mistral. These companies must comply by Aug. 2 next year or face fines ranging from 7.5 million euros to 35 million euros. The guidelines address criticisms about regulatory burdens and clarify obligations for companies, including model evaluations, risk assessments, and cybersecurity measures. General-purpose AI models must meet transparency requirements. EU tech chief Henna Virkkunen stated, “With today’s guidelines, the Commission supports the smooth and effective application of the AI Act.”
Lawmakers Question Tech Giants On Subsea Cable Safeguards
Reuters (7/21, Shepardson) reports three Republican House lawmakers sent letters to the CEOs of Alphabet, Meta, Amazon, and Microsoft on Monday, asking if they have implemented sufficient safeguards to protect submarine communications cables from national security threats. The letter cited concerns about Chinese entities like Huawei Marine and China Telecom potentially compromising cable systems during maintenance. Representatives requested disclosures by August 8 regarding any suspected tampering or irregularities during cable repairs. The lawmakers referenced “a pattern of coordinated malign activity” by China and Russia targeting subsea infrastructure globally. Since 2020, US regulators have halted four cable projects linking the US and Hong Kong.
Amazon Announces Winners Of Inaugural Nova AI Challenge
SiliconANGLE (7/23) reports that Amazon revealed the winners of its first Nova AI Challenge, a global competition in which university teams tested AI coding assistants’ security through live adversarial scenarios. Team PurpCorn-PLAN from the University of Illinois Urbana-Champaign won the defending track by building a secure coding assistant using Amazon’s custom 8 billion-parameter model, while Purdue University’s Team PurCL topped the attacking track by jailbreaking rival models. Amazon, which evaluated teams using AWS tools like CodeGuru and human reviewers, prioritized a balance between safety and usability. Amazon CISO Eric Docktor said the tournament “accelerates secure, trustworthy AI-assisted software development.” Each team received $250,000 in sponsorship and AWS credits, with the winners gaining an additional $250,000 in prize money and the runners-up receiving an additional $100,000. Participants later shared research at Amazon’s Nova AI Summit.
Faulty Microsoft Security Patches May Have Been Exploited In SharePoint Hack
The Wall Street Journal (7/24, McMillan, Volz, Subscription Publication) reports Chinese hackers may have used faulty patches to hone their attacks and gain access to Microsoft’s SharePoint software, according to security researchers. The failed security patches – released earlier this month – represent the latest in a string of big tech misses that China has used to grow its cyber-espionage operations. The Department of Homeland Security last year released a report detailing Microsoft’s mistakes during a 2023 hack in which thousands of emails from top government officials were stolen.
dtau...@gmail.com
Hackers Compromise Intelligence Website Used by CIA, Other U.S. Agencies
Hackers breached the U.S. National Reconnaissance Office's Acquisition Research Center website, compromising intelligence community contract information. The attack exposed proprietary information from vendors supporting the highly classified Digital Hammer program, which develops AI-powered surveillance tools, miniaturized sensors, acoustic systems, and open-source intelligence platforms for countering Chinese intelligence operations. Space Force satellite surveillance programs, space-based weapons development, and the Golden Dome missile defense system may have been compromised as well.
[ » Read full article ]
Cyber Security News; Guru Baran (July 28, 2025)
Nvidia Says Its Chips Have No 'Backdoors' After China Flags H20 Security Concerns
The Cyberspace Administration of China (CAC) has expressed concerns about potential security risks stemming from a U.S. proposal to equip advanced AI chips with tracking and positioning functions. CAC, China's Internet regulator, called for a meeting with Nvidia on July 31 regarding potential backdoor security risks in its H20 AI chip. In response, Nvidia said its H20 AI chip has no backdoors that would enable remote access or control.
[ » Read full article ]
Reuters (July 31, 2025)
Minnesota Calls in National Guard After 'Digital Attack' on St. Paul
Minnesota called in the National Guard after its capitol city of St. Paul was hit with what Mayor Melvin Carter called a "deliberate, coordinated, digital attack." The office of Governor Tim Walz said the Guard, which has a cyber protection component, was deployed because the attack had "exceeded the city's response capacity." Carter said the city shut down its information systems as a defensive measure, triggering Wi-Fi outages across city buildings, disruptions to city libraries, and suspension of network resources.
[ » Read full article ]
Reuters; Raphael Satter; AJ Vicens (July 29, 2025)
Hacker Sneaks Infostealer Malware into Early Access Steam Game
Threat intelligence firm Prodaft found that threat actor EncryptHub, also tracked as Larva-208, injected malicious binaries into the game files of an early access survival crafting game hosted on Steam. As a result, users who clicked on the Playtest of Aether Forge Studios' Chemia game were unknowingly downloading info-stealing malware. The malware, HijackLoader and Fickle Stealer, also were used by EncryptHub last year in a spear-phishing and social engineering campaign that affected more than 600 organizations worldwide.
[ » Read full article ]
BleepingComputer; Bill Toulas (July 24, 2025)
U.K. to Ban Government Bodies from Paying Ransoms to Hackers
The U.K. government plans to prohibit public sector organizations from paying ransoms to hackers. Private companies will be required to notify authorities if they intend to pay a ransom, with the government to offer advice and support. The policy aims to deter cybercriminals and prevent funds from reaching sanctioned cybercriminal groups.
[ » Read full article ]
The Guardian (U.K.); Robert Booth (July 22, 2025)
Heartbeat Detection Unmasks Deepfakes
Researchers at the Netherlands Forensic Institute developed a method for detecting deepfakes by analyzing blood flow patterns in human faces. Photoplethysmography technology that measures pulse rates through subtle changes in skin color resulting from blood circulation was applied to video analysis to detect a human heartbeat. The researchers found consistent correlations between measured heartbeat and variations in skin color under all scenarios and across all skin tones.
[ » Read full article ]
ComputerWeekly.com; Kim Loohuis (July 24, 2025)
dtau...@gmail.com
Two-Factor Authentication Just Got Simpler
Scientists at Sandia National Laboratories in New Mexico developed a new variation of two-factor authentication (TFA) that does not depend on time-based codes. The new method uses a random number generator and enables direct device-to-device authentication without requiring third-party services or GPS connectivity. Intended for devices lacking sufficient processing power, network bandwidth, or GPS access, such as remote sensors, drones, and smart thermostats, this system performs computations once upfront, reducing the need for continuous processing and conserving energy.
[ » Read full article ]
IEEE Spectrum; Charles Q. Choi (August 5, 2025)
Google's AI-Powered Bug Hunting Tool Finds Major Issues in Open Source Software
Big Sleep, Google's AI-driven bug detection tool, autonomously discovered and reproduced 20 security vulnerabilities in open source software projects, including FFmpeg and ImageMagick. Human security workers verified each vulnerability, which remained secret until they were mitigated under Google's 90-day patching policy. The verification process by human experts was done to assuage any concerns about false positives of AI hallucinations. The full list of vulnerabilities ranked by level of impact (low to high) are available from Google.
[ » Read full article ]
TechRadar; Craig Hale (August 5, 2025)
Thousands of ChatGPT Conversations Appearing in Google Search Results
Thousands of private ChatGPT conversations are appearing in Google search results, exposing deeply personal user disclosures. The issue stems from OpenAI’s shareable chat links, which included an optional, but often misunderstood, setting allowing conversations to be indexed by search engines. While the feature has since been removed, previously indexed chats remain public unless deleted by users. Some include details about trauma, mental health, or identity, raising concerns about data privacy, interface design, and broader industry responsibility around user protection and transparency.
[ » Read full article *May Require Free Registration ]
Computing (U.K.); Dev Kundaliya (August 4, 2025)
Nearly Half of All Code Generated by AI Found to Contain Security Flaws
New research from application security solution provider Veracode reveals that 45% of all AI-generated code contains security vulnerabilities, with no clear improvement across larger or newer large language models. An analysis of over 100 models across 80 coding tasks found Java code most affected with over 70% failure, followed by Python, C#, and JavaScript. The study warns that increased reliance on AI coding without defined security parameters, referred to as "vibe coding," may amplify risks.
[ » Read full article ]
TechRadar; Craig Hale (August 1, 2025)
CISA Open-Sources Thorium Platform for Malware, Forensic Analysis
The open source Thorium platform developed by researchers at the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Sandia National Laboratories is intended for use by government-, public-, and private-sector malware and forensic analysts. Available through CISA's official GitHub repository, Thorium automates numerous cyberattack investigatory tasks. Integrating commercial, open source, and custom tools, Thorium can schedule more than 1,700 jobs per second and handle more than 10 million files per hour per permission group.
[ » Read full article ]
BleepingComputer; Sergiu Gatlan (July 31, 2025)
Spikes in Malicious Activity Precede New Security Flaws in 80% of Cases
Researchers at threat monitoring firm GreyNoise found new Common Vulnerabilities and Exposures (CVEs) involving edge networking devices often were preceded by increases in network reconnaissance, targeted scanning, brute-forcing attempts, and other malicious activity. In a study of 216 spike events, the researchers identified a new CVE within three weeks of 50% of these events and within six weeks of 80% of these events.
[ » Read full article ]
BleepingComputer; Bill Toulas (July 31, 2025)
Flickering Lights Could Help Fight Misinformation
A team of Cornell University computer scientists developed "noise-coded illumination," a watermarking technique that embeds verification data as imperceptible flickers of light sources in videos. Cameras record these unique flicker patterns, enabling investigators to decode them and verify video authenticity or detect manipulations. Studio lights could be programmed to flicker in unique patterns during a recording, which would then be detectable by a decoder to determine if the video was later altered.
[ » Read full article ]
Engadget; Andre Revilla (July 30, 2025)
NIST Consortium and Draft Guidelines Aim to Improve Security in Software Development
The National Institute of Standards and Technology's (NIST) National Cybersecurity Center of Excellence (NCCoE), together with 14 member organizations in its Software Supply Chain and DevOps Security Practices Consortium, is developing guidelines for secure software development in response to White House Executive Order 14306. Their draft, NIST Special Publication 1800-44, outlines high-level DevSecOps practices and intends to expand on the Secure Software Development Framework (SSDF). Public comments on the guidelines are being accepted until September 12, 2025.
[ » Read full article ]
National Institutes of Health (July 30, 2025)
China Says U.S Exploited Old Microsoft Flaw for Cyberattacks
The Cyber Security Association of China has accused U.S. hackers of stealing military data and perpetrating cyberattacks against the nation's defense sector. The association said the U.S. actors exploited vulnerabilities in Microsoft Exchange email servers to attack two major Chinese military companies, which it did not name. The hackers reportedly controlled the servers of one key defense company for almost a year, according to the association.
[ » Read full article *May Require Paid Registration ]
Bloomberg; Jane Lanhee Lee; Mark Anderson; Colum Murphy (August 1, 2025)
Alumni Criticize Universities Over Email Account Termination
The Chronicle of Higher Education (8/4, Cutler) reports that universities, including Temple, Vanderbilt, and Wright State, are terminating alumni email accounts due to cybersecurity risks and changes in Google’s storage policies. A Temple alumnus has sued the university after losing access to his email, which he used for various personal and professional accounts. Similar actions by other universities have affected thousands of alumni and retirees. Vanderbilt, “citing cybersecurity risks, announced this spring it planned to discontinue alumni access to Google Workspace later this month.” Ed Hudson, the vice chancellor of information technology at the University of Kansas, “said it’s become more and more difficult to fend off email hacks as the number of alumni and retirees grows.” He added that “when you leave [college], we lose that ability and that insight into what you’re doing, and that increases risk.”
dtau...@gmail.com
Pro-Russia Hackers Suspected of Dam Sabotage in Norway
Pro-Russia hackers are likely behind suspected sabotage at a dam in Norway in April that affected water flows, according to police officials. During the incident, hackers gained access to a digital system that remotely controls one of the dam’s valves and opened it to increase the water flow. A three-minute long video showing the dam’s control panel and a mark identifying a pro-Russian cybercriminal group was published on Telegram in April.
[ » Read full article ]
Associated Press; Emma Burrows (August 13, 2025)
NIST Finalizes ‘Lightweight Cryptography’ Standard to Protect Small Devices
The National Institute of Standards and Technology (NIST) has released its Lightweight Cryptography Standard to protect small, resource-limited devices like IoT gadgets, RFID tags, and medical implants from cyberattacks. Based on the Ascon algorithm family, the standard offers four variants for tasks such as authenticated encryption, hashing, and customizable hash sizes. Ascon supports secure data encryption, authentication, and integrity verification while conserving energy, time, and memory.
[ » Read full article ]
NIST News (August 13, 2025)
South Korean White Hat Hackers Win World’s Top Hacking Contest, Again
White hat hacker team Maple Mallard Magistrates (MMM) from South Korea won the Capture the Flag (CTF) hacking competition at this year’s DEF CON conference, clinching the top prize for the fourth straight year at the world's largest open computer security hacking competition. MMM's victory came just a day after a team from Samsung, the Korea Advanced Institute of Science & Technology, and Pohang University of Science and Technology claimed first place in the conference’s AI Cyber Challenge.
[ » Read full article ]
The Korea Times; Lee Gyu-lee (August 11, 2025)
Encryption Made for Police and Military Radios May Be Easily Cracked
Researchers in the Netherlands uncovered critical vulnerabilities in encryption algorithms for the TETRA radio standard, widely used by police, military, and intelligence agencies. Earlier, the team, from Midnight Blue, uncovered intentional backdoors and weak key reductions in TETRA's TEA1 algorithm. More recently, they found similar flaws in the end-to-end encryption solution through reverse-engineering. One flaw enabled a 128-bit key to be reduced to just 56 bits, enabling eavesdropping.
[ » Read full article ]
Wired; Kim Zetter (August 7, 2025)
Conversations Remotely Detected from Cellphone Vibrations
Computer science researchers demonstrated that transcriptions of phone calls can be generated from radar measurements taken up to three meters (about 10 feet) from a cellphone. The team at The Pennsylvania State University (Penn State) used a radar sensor and voice recognition software to wirelessly identify 10 predefined words, letters, and numbers with up to 83% accuracy. Explained Penn State's Suryoday Basak, "If we capture these same vibrations using remote radars and bring in machine learning to help us learn what is being said, using context clues, we can determine whole conversations."
[ » Read full article ]
PennState News; Mariah Lucas (August 8, 2025)
Microsoft Exchange Server Vulnerability Enables Attackers to Gain Admin Privileges
A critical vulnerability (CVE-2025-53786) in Microsoft Exchange Server hybrid deployments allows attackers with on-premises admin access to escalate privileges to Exchange Online without leaving clear audit traces. Demonstrated at Black Hat 2025, the flaw stems from shared service principals in hybrid authentication. Microsoft began mitigation in April 2025 by introducing dedicated hybrid applications, later formalizing the issue in this CVE.
[ » Read full article ]
Cyber Security News; Guru Baran (August 7, 2025)
A Single Poisoned Document Could Leak 'Secret' Data via ChatGPT
A vulnerability in OpenAI's ChatGPT Connectors allows sensitive information to be extracted from Google Drive via an indirect prompt injection attack called AgentFlayer, revealed researchers Michael Bargury and Tamir Ishay Sharbat of Zenity during a recent session at Black Hat USA 2025. The exploit involves hiding a malicious prompt in a shared document, unseen by humans but executed by the AI, causing ChatGPT to leak data.
[ » Read full article ]
Wired; Matt Burgess (August 6, 2025)
Researcher Deploys Fuzzer to Test Autonomous Vehicle Safety
Research using a fuzzing framework to test autonomous vehicle teleoperation systems against unsafe or malicious commands was detailed during a session by Zoox product security engineer Zhisheng Hu at Black Hat USA 2025. The technique generated edge cases that could cause collisions, revealing vulnerabilities that might appear benign until specific conditions arise. The findings highlight fuzzing as a key method for scaling autonomous vehicle safety and security in real-world conditions.
[ » Read full article ]
Dark Reading; Arielle Waldman (August 7, 2025)
Russia Suspected to Be Behind Breach of Federal Court Filing System
U.S. investigators believe Russia is at least partly responsible for a yearslong hack of the federal court system, compromising sealed records tied to national security and overseas criminal cases. Affecting at least eight district courts, the breach prompted urgent instructions to remove sensitive files from PACER and the Case Management/Electronic Case Files system. Recent orders bar uploading sealed documents to PACER in some districts.
[ » Read full article *May Require Paid Registration ]
The New York Times; Adam Goldman; Glenn Thrush; Mattathias Schwartz (August 12, 2025)
Columbia University Continues Investigating Cyberattack That Impacted About 870K People
Bloomberg (8/8, Subscription Publication) reported that a recent breach of Columbia University’s computer systems “compromised personal information of about 870,000 people, including students and applicants, according to the school’s reports to state officials in the US.” The hack “included ‘any personal information’ provided in connection with applications or was collected during students’ studies, according to drafts of letters from the university to potentially affected individuals.” That includes “contact details, demographic information, academic history, financial aid-related information and insurance and health-related data shared with the university.” The university’s investigation is “ongoing and the school is still working to determine the number of individuals impacted, a Columbia official said Friday.”
dtau...@gmail.com
FBI Warns of Russian Hacks Targeting U.S. Critical Infrastructure
The U.S. Federal Bureau of Investigation (FBI) and researchers at Cisco Talos warn that Russian hacker groups are using a seven-year-old vulnerability in Cisco IOS software to target critical U.S. infrastructure. The Cisco researchers said the hackers are undertaking en masse extraction of device configuration information. The FBI issued a separate advisory noting it had identified incidents over the last year in which hackers collected configuration files "for thousands of networking devices associated with U.S. entities across critical infrastructure sectors."
[ » Read full article ]
Reuters; A.J. Vicens (August 20, 2025)
Internet-Wide Vulnerability Enables Giant DDoS Attacks
Researchers at Tel Aviv University in Israel have discovered a new HTTP/2 vulnerability that could enable massive distributed denial-of-service (DDoS) attacks affecting up to one-third of websites globally. The “MadeYouReset” flaw circumvents last year’s “Rapid Reset” fix by exploiting server-initiated stream cancellations to overwhelm back-end systems. Though many vendors have patched against the threat, others remain vulnerable.
[ » Read full article ]
Dark Reading; Nate Nelson (August 18, 2025)
Hijacked Satellites Bring Weapons to Space
Hackers aligned with Russia demonstrated the dangers of cyberwarfare in space by hijacking a satellite broadcasting television to Ukraine during Moscow’s Victory Day parade to show Russian tanks and troops, underscoring how satellites increasingly are targets in modern conflict. Attacks on satellites can disable critical systems by exploiting outdated software or disrupting signals, threatening GPS, communications, and military operations.
[ » Read full article ]
Associated Press; David Klepper (August 18, 2025)
Travel eSIMs Secretly Route Traffic over Chinese Networks
Northeastern University researchers found that many travel electronic identity modules (eSIMs) route user traffic through foreign networks, often without disclosure. In a test of 25 providers, researchers discovered that data frequently passed through China Mobile’s infrastructure, sometimes making devices appear located in China. They also found that eSIM profiles engaged in hidden communications with overseas servers, and that becoming an eSIM reseller requires minimal verification but grants access to sensitive identifiers and even approximate device location.
[ » Read full article ]
itnews (Australia); Juha Saarinen (August 19, 2025)
Tool Sniffs 5G Traffic to Launch Attacks
An open source framework developed by security researchers at the Singapore University of Technology and Design exploits vulnerabilities in 5G mobile networks during the pre-authentication phase when devices connect to networks. The Sni5Gect framework can detect uplink/downlink traffic with more than 80% accuracy from up to 20 meters away to launch attack payloads. The tool targets the brief unencrypted messaging period between the base station and target handset that occurs during handshaking and authentication.
[ » Read full article ]
The Register (U.K.); Gareth Halfacree (August 18, 2025)
NIST Issues Guidelines to Help Detect Face Photo Morphs
The U.S. National Institute of Standards and Technology (NIST) issued guidelines to help organizations combat face morphing attacks, in which blended photos deceive facial recognition systems and enable identity fraud. The new guidelines highlight two approaches to detecting such attacks: single-image detection, which analyzes only a suspicious photo, and differential detection, which compares it against a verified image. Single-image tools can be highly accurate but often fail on unfamiliar morphing software, while differential methods are more consistent, though they require an additional photo.
[ » Read full article ]
NIST News (August 18, 2025)
Study Reveals Alarming Browser Tracking
University of California, Davis computer scientists found that GenAI browser assistants typically collect and share personal and sensitive information with first-party servers and third-party trackers. Their study covered nine popular search-based GenAI browser assistants. Some gathered only the data on the screen when the questions were asked, but others collected the full HTML of the page and all textual content. One also collected form inputs, including the user's Social Security number.
[ » Read full article ]
UC Davis College of Engineering News; Jessica Heath (August 13, 2025)
U.K. Expands Police Use of Facial Recognition
The U.K.'s Home Office plans to deploy 10 new live facial recognition vans across seven English police forces. The vans scan faces in public and compare them to watchlists, a system credited with 580 London arrests in a year. Privacy campaigners warn of a “surveillance state” and are pursuing legal challenges, citing misidentifications and lack of a legal mandate. The government counters that the technology is accurate, proportionate, and focused on serious offenders.
[ » Read full article ]
BBC News; Kate Whannel (August 13, 2025)
Microsoft Curbs Early Access to Notifications About Cybersecurity Flaws
Microsoft is restricting Chinese companies’ access to its cybersecurity vulnerability program after investigating whether a leak contributed to the recent SharePoint breaches that affected 400 organizations, including the National Nuclear Security Administration. The Microsoft Active Protections Program previously gave partners, including a dozen Chinese firms, early details and proof-of-concept code for flaws. Now, those in countries requiring vulnerability reporting to governments, like China, will receive general written descriptions only when public patches are released.
[ » Read full article *May Require Paid Registration ]
Bloomberg; Ryan Gallagher (August 20, 2025)
U.K. Drops Request That Apple Create a Back Door
The U.S. has secured an agreement with the U.K. that spares Apple from creating a tool giving U.K. law enforcement access to customers’ encrypted cloud data. U.S. Director of National Intelligence Tulsi Gabbard said Britain agreed to drop the mandate, which Apple argued threatened civil liberties and global data security. The move followed Britain’s amendments to the Investigatory Powers Act and a secret order compelling Apple to comply.
[ » Read full article *May Require Paid Registration ]
The New York Times; Tripp Mickle (August 19, 2025)
FBI Partners With Texas Tech On Cybersecurity
KAMC-TV Lubbock, TX (8/18, Salazar) reports the Texas Tech University System (TTU System) has announced a “first-of-its-kind partnership with the Federal Bureau of Investigation (FBI) aimed at strengthening cybersecurity, protecting critical infrastructure, and advancing US national security.” Through the Cooperative Research and Development Agreement, “the FBI will tap into research conducted at Texas Tech’s Critical Infrastructure Security Institute (CISI), which focuses on addressing vulnerabilities in key systems such as the electric grid, water utilities, communication networks, military assets, and other infrastructure vital to the economy.” By combining resources, “the TTU System and FBI plan to advance research, expand workforce training, and bolster the resilience of sectors including energy, telecommunications, health care, water, and defense.”
House Plans CISA 2015 Reauthorization
Federal News Network (8/19, Doubleday) reports the House Homeland Security Committee in September will “mark up a reauthorization bill for a soon-to-expire cybersecurity law that’s viewed as critical to cyber collaboration across government and industry.” House Homeland Security Committee Chairman Andrew Garbarino (R-NY) “confirmed the committee will mark up a reauthorization bill for the Cybersecurity Information Sharing Act of 2015 once Congress returns from August recess.” The reauthorization of CISA 2015 is “expected to be a priority for new National Cyber Director Sean Cairncross.”
dtau...@gmail.com
FBI Warns Chinese Hacking Campaign Expanded to 80 Countries
The U.S. Federal Bureau of Investigation (FBI) and globally allied intelligence agencies warned that a Chinese-government hacking campaign has expanded far beyond U.S. telecom firms, targeting at least 200 U.S. organizations as well as entities in 80 countries. The joint advisory named three private companies that allegedly participated in the attacks, saying they provided services to multiple units in China's People’s Liberation Army and Ministry of State Security.
[ » Read full article *May Require Paid Registration ]
The Washington Post; Joseph Menn (August 27, 2025)
Alternative free article from NextGov/FCW: Salt Typhoon hackers targeted over 80 countries, FBI says - Nextgov/FCW
Hacker Used AI to Automate 'Unprecedented' Cybercrime Spree
Anthropic revealed that a hacker exploited its Claude AI chatbot to run what it called the most advanced AI-driven cybercrime spree yet, targeting at least 17 companies. Over three months, the hacker used Claude to identify vulnerable firms, build malware, organize stolen files, analyze sensitive data, and draft ransom emails. Victims included a defense contractor, a financial institution, and several healthcare providers, with stolen data ranging from medical records to defense-regulated files.
[ » Read full article ]
NBC News; Kevin Collier (August 27, 2025)
Hackers Sabotage Iranian Ships
Researchers at U.K.-based Iranian opposition activist group Nariman Gharib found that hackers had launched a coordinated cyber assault on Iran's sanctioned tanker fleets earlier this month by infiltrating Fanava Group, the IT provider that manages their satellite communications. The attackers gained access to a centralized database by exploiting vulnerabilities in outdated iDirect Falcon terminals running legacy Linux systems. The hackers simultaneously disrupted email, weather updates, communications, and port coordination across 64 ships with a single orchestration script and overwrote storage partitions on satellite modems so remote recovery was impossible.
[ » Read full article ]
Cyber Security News; Tushar Subhra Dutta (August 25, 2025)
Login System Helps Spot Online Hacks Without Sacrificing Privacy
A privacy-preserving system developed by Cornell Tech researchers helps users detect compromised accounts without exposing personal data to Web services tracking. The Client-Side Encrypted Access Logging (CSAL) system uses end-to-end encryption with keys known only to client devices, generating cryptographic tokens that service providers store but cannot decrypt. This allows users to verify login authenticity while preventing platforms from collecting tracking data through device fingerprints.
[ » Read full article ]
Cornell Chronicle; Grace Stanley (August 25, 2025)
FTC Chair Warns U.S. Platforms Not to Weaken Privacy by Applying EU's DSA
In a letter to Apple, Google, and other U.S. tech platforms, U.S. Federal Trade Commission (FTC) Chair Andrew Ferguson urged them not to implement the EU Digital Services Act (DSA) or other EU or U.K. online laws. Ferguson said such laws "present emerging and ongoing threats to the free exchange of ideas."
[ » Read full article ]
Euractiv; Anupriya Datta (August 22, 2025)
Russia Orders State-Backed MAX Messenger App Pre-Installed on Phones, Tablets
The Russian government is requiring that all mobile phones, tablets, and other gadgets sold in that country come pre-installed with the state-backed messenger app MAX beginning September 1. The move comes after Russia said this month it had started restricting communications on WhatsApp and Telegram, accusing the foreign-owned platforms of failing to share information with law enforcement.
[ » Read full article ]
Reuters; Andrew Osborne (August 21, 2025)
Defense Groups Take Aim at Underwater Security
Companies in the defense sector are preparing for a surge in government spending on protecting national maritime assets and critical infrastructure. Recent attacks on seabed pipelines and telecom cables have highlighted vulnerabilities, prompting initiatives like the U.S.’s recent tightening of subsea cable regulations. Defense technology companies are investing in naval technologies including AI-driven autonomous vehicles, sensors, and data systems for anti-submarine and infrastructure protection.
[ » Read full article *May Require Paid Registration ]
Financial Times; Sylvia Pfeifer (August 26, 2025)
DARPA Seeks to Secure Communications with Quantumness
The U.S. Defense Advanced Research Projects Agency (DARPA) launched the Quantum-Augmented Network (QuANET) program to explore how quantum devices can enhance security in existing communication networks. Unlike a full quantum Internet, which faces technological hurdles, QuANET focuses on near-term applications such as transmitting quantum-encoded images at video-quality speeds. Researchers are testing innovations like hyperentanglement, which could secure more data with fewer signals, and developing quantum-like light and interface cards to integrate quantum features into traditional systems.
[ » Read full article *May Require Paid Registration ]
New Scientist; Karmela Padavic-Callaghan (August 22, 2025)
US Weighs Sanctions On EU Members Involved In Implementing Tech Law
Reuters (8/25) reports the Administration is “considering imposing sanctions on European Union or member state officials responsible for implementing the bloc’s landmark Digital Services Act...over US complaints that the law censors Americans and imposes costs on US tech companies.” State Department officials “have yet to make a final decision on whether to go ahead with the punitive measures that would likely come in the form of visa restrictions.” It was also “unclear which EU or EU member state officials the action would target, but US officials held internal meetings on the topic last week.” Reuters notes that while trading partners “frequently complain about domestic rules they see as unfairly restrictive, sanctioning government officials over such a regulation is extremely rare.”
Google Previews Cyber “Disruption Unit”
CyberScoop (8/27, Starks) reported Google says it is starting a “cyber ‘disruption unit,’ a development that arrives in a potentially shifting US landscape toward more offensive-oriented approaches in cyberspace.” Sandra Joyce, vice president of Google Threat Intelligence Group, “said at a conference Tuesday that more details of the disruption unit would be forthcoming in future months, but the company was looking for ‘legal and ethical disruption’ options as part of the unit’s work.” Speaking at a Center for Cybersecurity Policy and Law event, Joyce cited “intelligence-led proactive identification of opportunities where we can actually take down some type of campaign or operation.” Joyce, who also called for partners in the project, said, “We have to get from a reactive position to a proactive one” if “we’re going to make a difference right now.”
dtau...@gmail.com
Hackers Issue Ultimatum to Google After Data Breach Warning
Hackers claiming to be from a group called Scattered LapSus Hunters have threatened to leak Google databases unless the company fires employees Austin Larsen and Charles Carmakal, both of whom work in Google’s Threat Intelligence Group. The hackers also demanded a suspension of investigations into their network. The group reportedly consists of members from Scattered Spider, LapSus, and ShinyHunters. No proof of database access has been provided, but in August reports indicated that ShinyHunters obtained data from Salesforce, a Google third-party provider.
[ » Read full article ]
Newsweek; Theo Burman (September 1, 2025)
EU to Expand Satellite Defenses After GPS Jamming of EC President's Flight
The European Union (EU) plans to deploy additional satellites in low Earth orbit to strengthen its ability to detect GPS interference, following an incident targeting European Commission (EC) President Ursula von der Leyen’s flight. Pilots reportedly had to rely on paper maps to land von der Leyen’s plane safely in Plovdiv, Bulgaria. An EU spokesperson said Bulgarian authorities suspect Russia was behind the jamming, though the Kremlin denies involvement. Similar GPS disruptions have affected the Baltic region and previous EU and U.K. flights.
[ » Read full article ]
Computing (U.K.); Franklin Okeke (September 2, 2025)
NIST Enhances Security Controls for Improved Patching
The U.S. National Institute of Standards and Technology (NIST) updated its Security and Privacy Control catalog to improve software patch and update management. The revisions focus on three key areas: standardized logging syntax to speed incident response, root cause analysis to address underlying software issues, and designing systems for cyber resiliency to maintain critical functions under attack. The update also emphasizes least-privilege access, flaw-remediation testing, and coordinated notifications.
[ » Read full article ]
Dark Reading; Arielle Waldman (September 2, 2025)
EU Court Backs Latest Data Transfer Deal Agreed by U.S. and EU
Europe’s General Court upheld a transatlantic data transfer pact between the EU and the U.S. The agreement, struck in 2023 after two previous frameworks were invalidated, was challenged by French lawmaker Philippe Latombe, who argued it failed to adequately protect Europeans from bulk U.S. surveillance. The European judges dismissed these concerns, ruling U.S. oversight mechanisms offered sufficient safeguards. The case could still proceed to the European Court of Justice, which has the final word on the region’s data protection law.
[ » Read full article ]
Reuters; Foo Yun Chee; Sudip Kar-Gupta (September 3, 2025)
U.S. Puts GDP Data on the Blockchain
The U.S. government has begun publishing GDP data on public blockchains. The Commerce Department released official GDP data hashes across nine blockchains, including Bitcoin, Ethereum, and Solana, with support from Pyth and Chainlink, "oracles" that serve as third-party providers of data to crypto apps. Officials stressed the move creates another avenue—not a replacement—for publishing the economic data.
[ » Read full article *May Require Paid Registration ]
Bloomberg; Josh Wingrove; Olga Kharif; Jennifer A. Dlouhy (August 28, 2025)
dtau...@gmail.com
White Hat Hackers Reveal Vulnerabilities in NASA Software
White hat hackers uncovered vulnerabilities in open-source software used by space agencies and companies to control satellites, potentially allowing attackers to hijack spacecraft. The flaws, now patched, were disclosed at the Black Hat USA and DEF CON conferences. Andrzej Olchawa and Milenko Starcik of space cybersecurity company VisionSpace described the flaws in NASA’s core Flight System and in the Yamcs mission control system as “easy to exploit” and warned that overlooked cybersecurity poses risks to both open- and closed-source space systems.
[ » Read full article ]
IEEE Spectrum; Tereza Pultarova (September 10, 2025)
CISA Sounds Alarm over TP-Link Wireless Routers Under Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that two flaws in routers produced by China's TP-Link, CVE-2023-50224 and CVE-2025-9377, are under active attack. The vulnerabilities expose users to credential theft and remote code execution on models including Archer C7(EU) V2 and TL-WR841N/ND(MS) V9. CISA urged organizations to prioritize remediation as part of their vulnerability management programs. A third bug in the CWMP protocol, disclosed separately, can crash routers.
[ » Read full article ]
The Register (U.K.); Iain Thomson (September 8, 2025)
Online Images Can Hijack Your Computer
Researchers at the University of Oxford in the U.K. warn that AI agents may be vulnerable to hidden attacks embedded in images. Explained Oxford's Yarin Gal, any such sabotaged image can trigger a computer “to retweet that image and then do something malicious, like send all your passwords. That means that the next person who sees your Twitter feed and happens to have an agent running will have their computer poisoned as well.”
[ » Read full article ]
Scientific American; Deni Ellis Béchard (September 4, 2025)
Boffins Build Automated Android Bug Hunting System
Computer scientists at Nanjing University in China and The University of Sydney in Australia have developed an AI system that identifies and validates Android app vulnerabilities. Unlike traditional tools that overwhelm developers with false positives, the A2 tool mimics human bug hunters by planning, executing, and validating attacks. In testing, it achieved 78.3% coverage on the Ghera benchmark—far higher than existing analyzers—and uncovered 104 zero-day flaws in production apps, including one with 10 million downloads.
[ » Read full article ]
The Register (U.K.); Thomas Claburn (September 4, 2025)
ICE Reactivates Contract with Previously Banned Spyware Vendor
U.S. Immigration and Customs Enforcement (ICE) has resumed its $2-million contract with Paragon Solutions, a spyware company previously sidelined under an executive order from the previous administration targeting unethical surveillance vendors. A government filing on Aug. 29 lifted the stop-work order imposed last year, though ICE has not explained the reversal. Paragon drew criticism after its Graphite spyware was discovered on devices belonging to Italian journalists, migrant advocates, and associates of Pope Francis.
[ » Read full article ]
The Washington Post; Joseph Menn (September 2, 2025)
Google Accepts Seoul's Security Requirements for Map Data Transfer
Google said it will comply with South Korea’s security demands to remove latitude and longitude coordinates from its map in order to gain approval to export high-precision map data overseas. The company also pledged to strengthen partnerships with local technology firms and to consider purchasing government-approved satellite images from local partners like Tmap Mobility. South Korea restricts overseas transfers of maps with a scale finer than 1:25,000 for security reasons.
[ » Read full article ]
The Korea Times (September 10, 2025)
Children Hacking Schools for Fun, U.K. Watchdog Warns
The U.K. Information Commissioner’s Office (ICO) issued a warning about the growing problem of students hacking school and college IT systems. Most insider breaches in education originate from pupils, often starting as dares or challenges, but sometimes causing serious damage. Since 2022, the ICO investigated 215 insider attacks, and found more than half (57%) were carried out by children, some of whom accessed staff systems, altered records, or stole personal data from peers.
[ » Read full article ]
BBC News; Joe Tidy (September 11, 2025)
House Considers Legislation Enhancing DHS Intel Sharing
Industrial Cyber (9/4, Ribeiro) reported the House Committee on Homeland Security “held a markup on Wednesday to consider legislation aimed at preserving key cybersecurity tools, enhancing public safety, strengthening the Department of Homeland Security (DHS)’s counterterrorism mission, improving intelligence sharing, and defending critical infrastructure.” Chairman August Pfluger, a “Texan Republican of the Counterterrorism and Intelligence Subcommittee,” introduced the “Generative AI Terrorism Risk Assessment Act,” which would examine “how foreign terrorist groups could weaponize artificial intelligence to recruit and radicalize individuals, both on U.S. soil and globally.” Rep. Ryan Mackenzie (R-PA) “proposed the ‘DHS Intelligence Rotational Assignment Program and Law Enforcement Support Act,’ which would require DHS personnel in the Office of Intelligence and Analysis to participate in a program that increases collaboration across the intelligence community.” Additionally Resident Commissioner Pablo Hernández’s “‘Strengthening Oversight of DHS Intelligence Act’ will help improve how the DHS handles intelligence to protect privacy and civil liberties.”
dtau...@gmail.com
DDR5 Memory Vulnerable to New Rowhammer Attack
A new Rowhammer-style exploit discovered by researchers at Google and ETH Zurich in Switzerland can corrupt data in DDR5 memory modules and expose sensitive information. The team found the Phoenix exploit against SK Hynix DDR5 using tools Google developed to test susceptibility, noting many DDR5 systems have not implemented JEDEC’s Per-Row Activation Counting defenses. ETH said it disclosed findings to vendors and cloud providers in June.
[ » Read full article ]
The Register (U.K.); Simon Sharwood (September 17, 2025)
NIST Awards More Than $3 Million to Support Cybersecurity Workforce Development
The U.S. National Institute of Standards and Technology (NIST) has awarded over $3.3 million to support cybersecurity workforce development in 13 states. Seventeen cooperative agreements of roughly $200,000 each will fund educational and community organizations to address the nation’s cybersecurity talent shortage. Initiatives include curricula development, internships, apprenticeships, workshops, competitions, and hackathons.
[ » Read full article ]
NIST News (September 17, 2025)
Japan to Investigate Undersea-Cable Supply Chains for China Exposure
Japan will investigate whether domestic firms installing and maintaining undersea cables are using critical parts sourced from China, amid rising security concerns. The probe, to be completed by March 2026, could lead to companies being urged to switch suppliers, with government subsidies supporting domestic production or vessel purchases. The global submarine cable market is led by NEC, SubCom, and Alcatel, but China’s HMN Technologies is gaining ground despite U.S. restrictions.
[ » Read full article ]
Nikkei Asia; Kiu Sugano; Ryuto Imao (September 15, 2025)
Study Reveals Widespread Keystroke Interception
A new study found that many websites capture keystrokes before users hit ‘submit’, raising potential legal and privacy concerns. Researchers at the University of California Davis, the Netherlands' Maastricht University, and colleagues found that nearly 40% of sites deploy third-party scripts capable of recording typed data, with about 3% transmitting it to remote servers.
[ » Read full article ]
Help Net Security; Mirko Zorz (September 11, 2025)
U.S. Government Struggles to Track Its Cybersecurity Pros
According to a new report from the U.S. Government Accountability Office (GAO), the U.S. government cannot accurately track its cybersecurity workforce. Reviewing 23 agencies, GAO found at least 63,934 cyber employees costing $9.3 billion plus $5.2 billion for 4,151 contractors, but most agencies “did not have quality information on their component-level and contractor cyber workforce," according to the GAO. The Office of the National Cyber Director has failed to provide guidance, with its key working group suspended earlier this year.
[ » Read full article ]
The Register (U.K.); Brandon Vigliarolo (September 8, 2025)
Feds Destroyed an Internet Weapon, Criminals Picked Up the Pieces
U.S. authorities recently dismantled a massive botnet, but the move inadvertently freed 95,000 hacked devices that criminals quickly repurposed, fueling even more powerful attacks. A rival botnet called Aisuru seized a large share and launched record-breaking distributed denial-of-service attacks, including one measured at 11.5 trillion bits per second, Cloudflare said. Experts warn these botnets, built from Internet-connected devices like routers and cameras, now pose risks to entire countries, not just websites.
[ » Read full article *May Require Paid Registration ]
The Wall Street Journal; Robert McMillan (September 16, 2025)
[Alternative free article: AISURU Botnet Fuels Record-Breaking 11.5 Tbps DDoS Attack With 300,000 Hijacked Routers]
DeepSeek Writes Less-Secure Code for Groups China Disfavors
Research by security firm CrowdStrike found that Chinese AI engine DeepSeek often delivers code containing security flaws or outright refuses requests when asked to write software for those disfavored by China's government, including members of banned movement Falun Gong, and users in Tibet and Taiwan. Tests found that while 22.8% of DeepSeek responses regarding industrial control system code had flaws, the error rate rose to 42.1% if requests mentioned the Islamic State (ISIS) militant group.
[ » Read full article *May Require Paid Registration ]
The Washington Post; Joseph Menn (September 16, 2025)
Pentagon Plans To Use AI To Improve Cybersecurity Processes
Breaking Defense (9/12) reported that the Pentagon is looking to implement AI and automation to expedite the process of obtaining an Authority to Operate (ATO) for software on its networks. Acting Pentagon CIO Arrington said at the Billington Cybersecurity Summit, “We need tools and capability and AI to make that faster and less expensive. ... Why am I so hell-bent that I’m getting an automated ATO and reciprocity? You, as a taxpayer, pay for ATO.” Marine Corps program manager Dave Raley noted that automation has already reduced the ATO timeline to under 30 days, with some approvals occurring in 24 hours. Intelligence Community CIO Doug Cossa and the National Security Council senior director for cyber Alexei Bulazel highlighted similar AI-driven initiatives, aiming to streamline cybersecurity processes and enhance software safety.
dtau...@gmail.com
Secret Service Says It Thwarted Device Network Used to Threaten U.S. Officials
The U.S. Secret Service says it dismantled a large network of electronic devices in the New York City area capable of threatening officials and disrupting cellular communications. Found in vacant apartments within 35 miles of the United Nations, where the General Assembly has been meeting this week, officials say the system included more than 300 servers and 100,000 SIM cards, and was tied to swatting incidents aimed at U.S. officials.
[ » Read full article ]
The Washington Post; Derek Hawkins (September 23, 2025)
Researchers at the University of Waterloo in Canada have found that collaborative robots, despite using encryption, are vulnerable to privacy leaks through detectable traffic patterns. The researchers found that by analyzing the timing, frequency, and duration of encrypted commands, attackers could infer sensitive details such as patient conditions in hospitals or proprietary actions in factories. Using a Kinova Gen3 robotic arm, the team discovered that signal processing techniques, similar to those in noise-cancelling headphones, identified robot actions with 97% accuracy.
[ » Read full article ]
Waterloo News; Mayuri Punithan (September 22, 2025)
Airport Cyberattack Disrupts Flights Across Europe
A cyberattack on Collins Aerospace’s check-in software disrupted operations at major European airports for a second day on Sunday, with Belgium's Brussels Airport hardest hit. The airport asked airlines to cancel nearly 140 Monday departures—about half its scheduled flights—after canceling 75 flights over the weekend. Staff resorted to handwritten boarding passes and backup laptops as manual check-in continued. The attack’s origin remains unclear.
[ » Read full article ]
Associated Press (September 21, 2025)
AI Ushers in a Golden Age of Hacking
Cybersecurity experts warn that generative AI is enabling attackers to weaponize everyday tools, such as calendar invites or coding assistants, to steal data undetected. Recent incidents show hackers hijacking AI systems to exfiltrate corporate databases, conduct supply-chain attacks, and manipulate platforms such as ChatGPT and Google Gemini through hidden prompts. AI-driven ransomware campaigns are also emerging. Some are warning of a scenario where an attacker’s AI works in tandem with a victim’s AI.
[ » Read full article ]
The Washington Post; Joseph Menn (September 20, 2025)
Hackers Target World's Shipping
Cyberattacks on the global shipping industry are surging, with incidents rising from 10 in 2021 to at least 64 in 2023. Nigerian gangs are behind many “man-in-the-middle” frauds and ransomware attacks, while state-linked hackers from Russia, China, North Korea, and Iran also target ships and ports. Costs are soaring, with the average ransom now reaching $3.2 million. Increased digitization, satellite connectivity, GPS jamming, and outdated ship systems have expanded vulnerabilities.
[ » Read full article ]
BBC News; Emma Woollacott (September 15, 2025)
Has Britain Gone Too Far with Digital Controls?
Britain has expanded digital surveillance and regulation, raising debates over privacy and civil liberties. Police increasingly use live facial recognition, with over 1,000 people cited in London since January 2024. Authorities have also strengthened online safety laws, AI-assisted asylum processing, and encryption oversight. Facial recognition and AI tools are being integrated across policing, immigration, and prisons. The government stresses public safety, but privacy advocates and some politicians argue the policies risk normalizing intrusive monitoring in everyday life.
[ » Read full article ]
The New York Times; Adam Satariano; Lizzie Dearden (September 17, 2025)
U.S. Scrambles to Stop Hacking Campaign Blamed on China
U.S. agencies are rushing to counter a major cyberattack by suspected Chinese hackers exploiting flaws in Cisco firewall software. The Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an emergency directive ordering civilian agencies to check Cisco equipment for breaches and disconnect compromised devices. Security experts warn attackers can monitor or manipulate traffic and stay hidden even after reboots. Breaches may have begun months ago, officials said.
[ » Read full article *May Require Paid Registration ]
The Washington Post; Joseph Menn (September 25, 2025)
TikTok Algorithm to Be ‘Retrained’ by Oracle
Oracle will rebuild and secure TikTok’s U.S. algorithm as part of a deal separating the app from its Chinese owner, ByteDance, according to the White House. The project involves retraining the recommendation system to ensure U.S. users’ data is protected while maintaining content personalization and engagement. Under the plan, Oracle will lease a copy of ByteDance’s algorithm, then reconstruct it to operate under U.S. oversight, with full security and data controls.
[ » Read full article *May Require Paid Registration ]
Financial Times; Rafe Rosner-Uddin (September 22, 2025)
Want to Foil an AI Deepfake? Tell It to Draw a Smiley Face
As deepfake scams targeting businesses surge, companies are adopting low-tech defenses to outsmart AI-generated impersonators. Instead of relying solely on advanced detection tools, experts recommend analog tactics, such as asking off-topic questions, requesting doodles, or showing physical objects—to expose impostors. Theresa Payton of cyber company Fortalice Solutions said analog tactics work because attackers expect their quarry to behave a certain way, “So when they expect our clients to zig, we give them processes that make our clients zag.”
[ » Read full article *May Require Paid Registration ]
WSJ Pro Cybersecurity; Angus Loten (September 16, 2025)
dtau...@gmail.com
Cyberthreat Sharing Law Expires as Government Shuts Down
The Cybersecurity and Information Sharing Act (CISA) of 2015 expired Wednesday as Congress failed to reauthorize it amid a government shutdown. CISA allowed private companies to share cyberthreat information with federal agencies while protecting them from legal liability and from antitrust suits for doing so. Without the law in force, companies may hesitate to exchange threat intelligence, slowing response times and leaving systems more vulnerable, experts warn.
[ » Read full article ]
The Hill; Julia Shapero (October 1, 2025)
Hacker Stole FEMA, Border Patrol Data
An unidentified hacker stole sensitive employee data from the U.S. Federal Emergency Management Agency (FEMA) and Customs and Border Protection in a breach lasting several weeks this summer, according to an internal FEMA assessment. The intrusion targeted Citrix software, allowing deeper access to FEMA networks covering New Mexico, Texas, and Louisiana. In response, Department of Homeland Security (DHS) Secretary Kristi Noem fired two dozen FEMA IT staff, citing severe security lapses.
[ » Read full article ]
CNN; Sean Lyngaas; Gabe Cohen (September 30, 2025)
Supermicro Server Motherboards Can Be Infected with Unremovable Malware
Supermicro server motherboards have been found vulnerable to two critical flaws that let hackers install persistent malware at the firmware level, undetectable and unremovable by conventional methods. The flaws, discovered by researchers at security firm Binarly, affect baseboard management controllers, which allow remote server management even when powered off. One issue stems from an incomplete January patch for CVE-2024-10237, while the second is an even more severe flaw. Together, they enable attacks similar to the ILObleed malware, which survived full system wipes.
[ » Read full article ]
Ars Technica; Dan Goodin (September 24, 2025)
Your PIN Could Consist of a Shimmy, Shake
A low-cost payment innovation unveiled by computer scientists at Canada’s University of British Columbia replaces keypad PINs with simple gestures like swipes or taps. The system modifies near-field communication (NFC) signals using copper coils to track movement. The researchers applied an AI model to recognize nine unique gestures with about 92% accuracy. The technology promises faster, more hygienic, and more accessible transactions by reducing the need for physical touch, according to the researchers.
[ » Read full article ]
UBC News (Canada); Alex Walls (September 29, 2025)
Exploit Allows for Takeover of Fleets of Unitree Robots
Security researchers disclosed a critical Bluetooth Low Energy vulnerability in several robots manufactured by Chinese robotics company Unitree that gives attackers full root access and enables worm-like self-propagation between nearby devices. The exploit, called UniPwn, affects Unitree’s Go2 and B2 quadrupeds as well as its G1 and H1 humanoids, and arises from hardcoded encryption keys and insufficient packet validation. Attackers can inject malicious code disguised as Wi-Fi credentials, leading to persistent compromise and potential botnet formation.
[ » Read full article ]
IEEE Spectrum; Evan Ackerman (September 25, 2025)
Swiss Voters Approve Digital IDs
Voters in Switzerland narrowly approved the introduction of voluntary digital identity cards in the country. A similar proposal in 2021 was rejected over privacy concerns, but the new system will be government-controlled, storing data only on users’ smartphones rather than centrally. Digital IDs will remain optional, with traditional ID cards still valid. Authorities will only be able to verify specific requested details, such as proof of age.
[ » Read full article ]
BBC News; Imogen Foulkes (September 28, 2025)
Hackers Extort Executives After Claiming Oracle Apps Breach
A ransomware group claiming affiliation with criminal group Cl0p is extorting executives and IT departments after allegedly breaching Oracle’s E-Business Suite. According to cybersecurity firm Halcyon, the hackers gained valid credentials by exploiting default password-reset functions and compromised user emails. They have demanded ransoms of up to $50 million and provided proof of compromise, including screenshots and file trees. Cl0p has a history of high-profile attacks, including the 2023 MOVEit breach.
[ » Read full article *May Require Paid Registration ]
Bloomberg; Patrick Howell O'Neill; Margi Murphy (October 2, 2025)
AI Can Create Zero Day Threats in Biology
Microsoft researchers uncovered a zero day vulnerability in biosecurity screening systems meant to block orders of dangerous DNA sequences. Using generative AI, the team digitally redesigned toxins to demonstrate they could evade detection while retaining harmful properties. Microsoft alerted the U.S. government and DNA vendors, who patched systems, although they said gaps remain. "This isn’t a one-and-done thing,” said Adam Clore at Integrated DNA Technologies. “We’re in something of an arms race.”
[ » Read full article *May Require Paid Registration ]
MIT Technology Review; Antonio Regalado (October 2, 2025)
Tile Tracking Tags Can Be Exploited
Georgia Institute of Technology researchers uncovered privacy flaws in Tile tracking tags, used by more than 88 million people worldwide. They found each tag broadcasts an unencrypted MAC address and unique ID, allowing stalkers—or even Tile’s parent company, Life360—to track users, despite claims to the contrary. Data also is sent unencrypted to Tile’s servers, which could enable mass surveillance. Life360 acknowledged receiving the report but gave no details on fixes.
[ » Read full article *May Require Paid Registration ]
Wired; Kim Zetter (September 29, 2025)
Georgia Tech, Justice Department Reach Cybersecurity Fraud Settlement
Bloomberg Law (9/30, Seiden, Subscription Publication) reports behind a paywall that the US Department of Justice, Georgia Tech Research Corp., and Georgia Institute of Technology “reached an $875,000 settlement in a False Claims Act suit alleging cybersecurity fraud.” The “settlement resolves allegations that the defendants failed to install, update, or run anti-virus or anti-malware tools on desktops, laptops, servers, and networks at Georgia Tech’s Astrolavos Lab, while the lab conducted sensitive cyber-defense research for the US Department of Defense.” The parties in this case “told the court on May 28 that they reached a tentative settlement following mediation.”
Pentagon IT Leaders Say Lack Of Cybersecurity Planning Is The Top Driver Of Stalled AI Projects
MeriTalk (10/1) reports Defense Department IT leaders “overwhelmingly view artificial intelligence (AI) as mission-critical and are taking a range of steps to scale deployments.” In a new report, “From Sandbox to Scale: The People, Processes, and Platforms Needed to Accelerate AI Across the DoD,” MeriTalk “finds that 95% of respondents call AI essential to mission success, and 97% already credit generative AI (GenAI) with measurable productivity gains.” However, DOD IT leaders cite “insufficient cybersecurity planning (44%), governance and compliance blockers (43%), and lack of funding (39%) as top reasons projects stall.” Additionally, just 27% of “agencies have approved AI governance frameworks, and only 29% maintain separate budgets for AI initiatives.” Platform actions to “accelerate the move from AI pilot to operational impact include modernizing data infrastructure (56%), improving integration with legacy systems (44%), and deploying continuous monitoring and observability tools (41%), with cybersecurity built into architectures.”
NSA Validates Ferris State University’s AI Program
WILX-TV Lansing, MI (10/2, Chaparro) reports Ferris State University’s “acclaimed Artificial Intelligence (AI) program has received validation from the National Security Agency (NSA).” That makes “Ferris State the first institution in the nation to be recognized in Secure Artificial Intelligence by the NSA.” Developed in collaboration “with industry leaders and supported by the US Department of War, the Ferris State AI program is designed to meet the growing demand for professionals with advanced expertise in artificial intelligence and cybersecurity.”
White House AI Plan “Nudges” IC, DHS To Enhance Proactive Security
MeriTalk (10/2) reports the White House’s America’s AI Action Plan encourages the Department of Homeland Security (DHS) and the intelligence community (IC) to strengthen AI systems, improve incident response, and prepare secure infrastructure for national security tasks. The initiative supports a transition “from reactive cyber operations to AI-enabled cyber intelligence that finds weak signals early and prioritizes what to fix first.” General Dynamics Information Technology leaders Ryan Deslauriers and Nabeela Barbari discussed the changes with the outlet, with Barbari emphasizing AI’s role in making operations “more proactive than reactive,” while Deslauriers saying AI has helped some agencies increase cyber remediation by almost 400 percent. Meanwhile, NIST is developing a “Cyber AI Profile” to guide AI security practices, aiming to automate routine cyber hygiene tasks and allowing analysts to focus on complex threats. Both leaders argue AI complements human decision-making, enhancing efficiency without replacing human expertise.