Experimental News Clipping Site

Tag: data exfiltration

  • Cisco Talos Blog: Velociraptor leveraged in ransomware attacks

    by

    Kurt Seifried
    in

    Source URL: https://blog.talosintelligence.com/velociraptor-leveraged-in-ransomware-attacks/ Source: Cisco Talos Blog Title: Velociraptor leveraged in ransomware attacks Feedly Summary: Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool that had not previously been definitively tied to ransomware incidents.  We assess with moderate confidence that this activity can be attributed to…

  • Microsoft Security Blog: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability

    by

    Kurt Seifried
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2025/10/06/investigating-active-exploitation-of-cve-2025-10035-goanywhere-managed-file-transfer-vulnerability/ Source: Microsoft Security Blog Title: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability Feedly Summary: Storm-1175, a financially motivated actor known for deploying Medusa ransomware and exploiting public-facing applications for initial access, was observed exploiting the deserialization vulnerability in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035. We are publishing this…

  • Schneier on Security: Abusing Notion’s AI Agent for Data Theft

    by

    Kurt Seifried
    in

    Source URL: https://www.schneier.com/blog/archives/2025/09/abusing-notions-ai-agent-for-data-theft.html Source: Schneier on Security Title: Abusing Notion’s AI Agent for Data Theft Feedly Summary: Notion just released version 3.0, complete with AI agents. Because the system contains Simon Willson’s lethal trifecta, it’s vulnerable to data theft though prompt injection. First, the trifecta: The lethal trifecta of capabilities is: Access to your private…

  • Simon Willison’s Weblog: How to stop AI’s “lethal trifecta”

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Sep/26/how-to-stop-ais-lethal-trifecta/ Source: Simon Willison’s Weblog Title: How to stop AI’s “lethal trifecta” Feedly Summary: How to stop AI’s “lethal trifecta” This is the second mention of the lethal trifecta in the Economist in just the last week! Their earlier coverage was Why AI systems may never be secure on September 22nd – I…

  • Microsoft Security Blog: XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory

    by

    Kurt Seifried
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2025/09/25/xcsset-evolves-again-analyzing-the-latest-updates-to-xcssets-inventory/ Source: Microsoft Security Blog Title: XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory Feedly Summary: Microsoft Threat Intelligence has uncovered a new variant of the XCSSET malware, which is designed to infect Xcode projects, typically used by software developers building Apple or macOS-related applications. The post XCSSET evolves again: Analyzing…

  • The Register: Google warns China-linked spies lurking in ‘numerous’ enterprises since March

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/24/google_china_spy_report/ Source: The Register Title: Google warns China-linked spies lurking in ‘numerous’ enterprises since March Feedly Summary: Mandiant CTO anticipates ‘hearing about this campaign for the next one to two years’ Unknown intruders – likely China-linked spies – have broken into “numerous" enterprise networks since March and deployed backdoors, providing access for their…