Tag: data exfiltration
-
Cloud Blog: From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/defending-vsphere-from-unc3944/ Source: Cloud Blog Title: From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944 Feedly Summary: Introduction In mid 2025, Google Threat Intelligence Group (GITG) identified a sophisticated and aggressive cyber campaign targeting multiple industries, including retail, airline, and insurance. This was the work of UNC3944, a financially motivated threat…
-
Cloud Blog: Beyond Convenience: Exposing the Risks of VMware vSphere Active Directory Integration
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/vsphere-active-directory-integration-risks/ Source: Cloud Blog Title: Beyond Convenience: Exposing the Risks of VMware vSphere Active Directory Integration Feedly Summary: Written by: Stuart Carrera, Brian Meyer Executive Summary Broadcom’s VMware vSphere product remains a popular choice for private cloud virtualization, underpinning critical infrastructure. Far from fading, organizations continue to rely heavily on vSphere for stability…
-
Cloud Blog: Chrome brings personal and work separation to iOS users and more enterprise protections to mobile
Source URL: https://cloud.google.com/blog/products/chrome-enterprise/chrome-brings-personal-and-work-separation-to-ios-users-and-more-enterprise-protections-to-mobile/ Source: Cloud Blog Title: Chrome brings personal and work separation to iOS users and more enterprise protections to mobile Feedly Summary: Many organizations are embracing bring your own device models, meaning employees may be accessing resources from their browsers on unmanaged computers or phones. Chrome Enterprise already gives employees and organizations a…
-
CSA: Copilot Studio: AIjacking Leads to Data Exfiltration
Source URL: https://cloudsecurityalliance.org/articles/a-copilot-studio-story-2-when-aijacking-leads-to-full-data-exfiltration Source: CSA Title: Copilot Studio: AIjacking Leads to Data Exfiltration Feedly Summary: AI Summary and Description: Yes Summary: The text discusses significant vulnerabilities in AI agents, particularly focusing on prompt injection attacks that led to unauthorized access and exfiltration of sensitive data. It provides a case study involving a customer service agent…
-
Simon Willison’s Weblog: Supabase MCP can leak your entire SQL database
Source URL: https://simonwillison.net/2025/Jul/6/supabase-mcp-lethal-trifecta/#atom-everything Source: Simon Willison’s Weblog Title: Supabase MCP can leak your entire SQL database Feedly Summary: Supabase MCP can leak your entire SQL database Here’s yet another example of a lethal trifecta attack, where an LLM system combines access to private data, exposure to potentially malicious instructions and a mechanism to communicate data…
-
Cloud Blog: Just say no: Build defense in depth with IAM Deny and Org Policies
Source URL: https://cloud.google.com/blog/products/identity-security/just-say-no-build-defense-in-depth-with-iam-deny-and-org-policies/ Source: Cloud Blog Title: Just say no: Build defense in depth with IAM Deny and Org Policies Feedly Summary: In today’s cloud landscape, safeguarding your cloud environment requires bolstering your Identity and Access Management (IAM) approach with more than allow policies and the principle of least privilege. To bolster your defenses, we…
-
Cloud Blog: Audit smarter: Introducing Google Cloud’s Recommended AI Controls framework
Source URL: https://cloud.google.com/blog/products/identity-security/audit-smarter-introducing-our-recommended-ai-controls-framework/ Source: Cloud Blog Title: Audit smarter: Introducing Google Cloud’s Recommended AI Controls framework Feedly Summary: As organizations build new generative AI applications and AI agents to automate business workflows, security and risk management management leaders face a new set of governance challenges. The complex, often opaque nature of AI models and agents,…
-
Embrace The Red: Security Advisory: Anthropic’s Slack MCP Server Vulnerable to Data Exfiltration
Source URL: https://embracethered.com/blog/posts/2025/security-advisory-anthropic-slack-mcp-server-data-leakage/ Source: Embrace The Red Title: Security Advisory: Anthropic’s Slack MCP Server Vulnerable to Data Exfiltration Feedly Summary: This is a security advisory for a data leakage and exfiltration vulnerability in a popular, but now deprecated and unmaintained, Slack MCP Server from Anthropic. If you are using this MCP server, or run an…
-
Simon Willison’s Weblog: Cato CTRL™ Threat Research: PoC Attack Targeting Atlassian’s Model Context Protocol (MCP) Introduces New “Living off AI” Risk
Source URL: https://simonwillison.net/2025/Jun/19/atlassian-prompt-injection-mcp/ Source: Simon Willison’s Weblog Title: Cato CTRL™ Threat Research: PoC Attack Targeting Atlassian’s Model Context Protocol (MCP) Introduces New “Living off AI” Risk Feedly Summary: Cato CTRL™ Threat Research: PoC Attack Targeting Atlassian’s Model Context Protocol (MCP) Introduces New “Living off AI” Risk Stop me if you’ve heard this one before: A…
-
The Register: Sneaky Serpentine#Cloud slithers through Cloudflare tunnels to inject orgs with Python-based malware
Source URL: https://www.theregister.com/2025/06/19/sneaky_serpentinecloud_slithers_through_cloudflare/ Source: The Register Title: Sneaky Serpentine#Cloud slithers through Cloudflare tunnels to inject orgs with Python-based malware Feedly Summary: Phishing, Python and RATs, oh my A sneaky malware campaign slithers through Cloudflare tunnel subdomains to execute in-memory malicious code and give unknown attackers long-term access to pwned machines.… AI Summary and Description: Yes…