attack methodology – Experimental News Clipping Site

Schneier on Security: Subverting AIOps Systems Through Poisoned Input Data

Aug 20, 2025

—

by

Source URL: https://www.schneier.com/blog/archives/2025/08/subverting-aiops-systems-through-poisoned-input-data.html Source: Schneier on Security Title: Subverting AIOps Systems Through Poisoned Input Data Feedly Summary: In this input integrity attack against an AI system, researchers were able to fool AIOps tools: AIOps refers to the use of LLM-based agents to gather and analyze application telemetry, including system logs, performance metrics, traces, and alerts,…

Cloud Blog: From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944

Jul 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/defending-vsphere-from-unc3944/ Source: Cloud Blog Title: From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944 Feedly Summary: Introduction In mid 2025, Google Threat Intelligence Group (GITG) identified a sophisticated and aggressive cyber campaign targeting multiple industries, including retail, airline, and insurance. This was the work of UNC3944, a financially motivated threat…

Unit 42: Behind the Clouds: Attackers Targeting Governments in Southeast Asia Implement Novel Covert C2 Communication

Jul 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/windows-backdoor-for-novel-c2-communication/ Source: Unit 42 Title: Behind the Clouds: Attackers Targeting Governments in Southeast Asia Implement Novel Covert C2 Communication Feedly Summary: CL-STA-1020 targets Southeast Asian governments using a novel Microsoft backdoor we call HazyBeacon. It misuses AWS Lambda URLs for C2. The post Behind the Clouds: Attackers Targeting Governments in Southeast Asia Implement…

Slashdot: Simple Text Additions Can Fool Advanced AI Reasoning Models, Researchers Find

Jul 4, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://tech.slashdot.org/story/25/07/04/1521245/simple-text-additions-can-fool-advanced-ai-reasoning-models-researchers-find Source: Slashdot Title: Simple Text Additions Can Fool Advanced AI Reasoning Models, Researchers Find Feedly Summary: AI Summary and Description: Yes Summary: The research highlights a significant vulnerability in state-of-the-art reasoning AI models through the “CatAttack” technique, which attaches irrelevant phrases to math problems, leading to higher error rates and inefficient responses.…

The Register: Fake IT support calls hit 20 orgs, end in stolen Salesforce data and extortion, Google warns

Jun 4, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/06/04/fake_it_support_calls_hit/ Source: The Register Title: Fake IT support calls hit 20 orgs, end in stolen Salesforce data and extortion, Google warns Feedly Summary: Victims include hospitality, retail and education sectors A group of financially motivated cyberscammers who specialize in Scattered-Spider-like fake IT support phone calls managed to trick employees at about 20 organizations…

Cisco Talos Blog: Spam campaign targeting Brazil abuses Remote Monitoring and Management tools

May 8, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/spam-campaign-targeting-brazil-abuses-rmm-tools/ Source: Cisco Talos Blog Title: Spam campaign targeting Brazil abuses Remote Monitoring and Management tools Feedly Summary: A new spam campaign is targeting Brazilian users with a clever twist — abusing the free trial period of trusted remote monitoring tools and the country’s electronic invoice system to spread malicious agents. AI Summary…

Unit 42: Threat Assessment: GitHub Actions Supply Chain Attack: The Compromise of tj-actions/changed-files

Mar 18, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/github-actions-supply-chain-attack/ Source: Unit 42 Title: Threat Assessment: GitHub Actions Supply Chain Attack: The Compromise of tj-actions/changed-files Feedly Summary: A compromise of the GitHub action tj-actions/changed-files highlights how attackers could exploit vulnerabilities in third-party actions to compromise supply chains. The post Threat Assessment: GitHub Actions Supply Chain Attack: The Compromise of tj-actions/changed-files appeared first…

The Register: Sidewinder goes nuclear, charts course for maritime mayhem in tactics shift

Mar 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/03/10/sidewinder_tactics_shift/ Source: The Register Title: Sidewinder goes nuclear, charts course for maritime mayhem in tactics shift Feedly Summary: Phishing and ancient vulns still do the trick for one of the most prolific groups around Researchers say the Sidewinder offensive cyber crew is starting to target maritime and nuclear organizations.… AI Summary and Description:…

The Register: MITRE Caldera security suite scores perfect 10 for insecurity

Feb 25, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/02/25/10_bug_mitre_caldera/ Source: The Register Title: MITRE Caldera security suite scores perfect 10 for insecurity Feedly Summary: Is a trivial remote-code execution hole in every version part of the training, or? The smart cookie who discovered a perfect 10-out-of-10-severity remote code execution (RCE) bug in MITRE’s Caldera security training platform has urged users to…

The Register: If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish

Feb 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/02/15/russia_spies_spoofing_teams/ Source: The Register Title: If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish Feedly Summary: Roses aren’t cheap, violets are dear, now all your access token are belong to Vladimir Digital thieves – quite possibly Kremlin-linked baddies – have been emailing out bogus…

Tag: attack methodology