Cybersecurity Saturday

David ErmerCongress, Cybersecurity, Generative AI

From the War with Iran front

  • SC Media reports,
    • The Iran state-sponsored threat group Nimbus Manticore conducted attacks during the U.S.-Israel military campaign Operation Epic Fury targeting the U.S. aviation industry and others for deployment of a new AI-assisted backdoor called “MiniFast,” Check Point Research reported Friday [May 22].
    • The attacks, seen throughout the 2026 Iran war in March, followed previous campaigns throughout February using an older backdoor called MiniJunk. Both waves of attacks utilized career-themed phishing lures for initial access and AppDomain hijacking techniques to execute malicious payloads. * * *
    • Check Point said Nimbus Manticore has shifted tactics in its most recent attacks, seen after the Iran war ceasefire in April, using search engine optimization (SEO) poisoning to impersonate the software Oracle SQL Developer and spread MiniFast.
    • “MiniFast, the successor of MiniJunk, enables extensive control of the victim’s machine through API-based communications with the attacker’s command-and-control (C2) server. As in previous attacks, Nimbus Manticore used career-themed phishing lures to spread MiniFast during Operation Epic Fury, specifically impersonating a U.S. domestic airline.”
  • Cybersecurity Dive adds,
    • “Iranian government-linked hackers sabotaged the computer infrastructure of Los Angeles’s transit system by using access to a virtual machine to delete critical operating-system data, the Israeli cybersecurity firm Gambit Security said in a report published on Tuesday.
    • “The same threat actor also conducted data-wiping attacks on the South Florida Regional Transportation Authority, the connected-vehicle technology firm Agnik and a Saudi Arabian construction company that handles critical infrastructure projects, according to the report.
    • “Gambit dismissed the hackers’ claims of being a new pro-Iranian hacktivist gang, instead attributing their operations to Black Shadow, a group that the Israeli government and private security firms have linked to Iran’s Ministry of Intelligence and Security.”

From the Project Glasswing front,

  • Bleeping Computer reports,
    • “Anthropic has confirmed that it plans to bring Mythos-class models to the general public after delaying the rollout due to security risks to public and private software.” * * *
    • In a blog post, Anthropic confirmed that it plans to release Mythos-class models to the public in the coming weeks, but it has not committed to a specific timeframe.
    • “We’re making swift progress on developing these safeguards and expect to be able to bring Mythos-class models to all our customers in the coming weeks,” Anthropic said in a blog post.
    • “Anthropic says it is already allowing a small number of organizations to use Claude Mythos preview for cybersecurity work, but it is unclear if the same model will be rolled out to the public.
    • “According to the company, the Mythos model shows major improvements in code reasoning and autonomy, far above Claude’s current flagship model, Opus 4.8.”

From the cybersecurity policy and law enforcement front,

  • Beckers Health IT reports,
    • “House Republican leaders are calling on FBI Director Kash Patel to act aggressively to stop cybercriminal groups targeting the healthcare industry.
    • “In a May 28 letter to Mr. Patel, the lawmakers pointed to the sharp increase in healthcare ransomware attacks and data breaches over the past several years that jeopardize patient safety and cost hospitals and health systems millions of dollars.
    • “We strongly encourage continued collaboration between the FBI and healthcare stakeholders, including through public-private partnerships, streamlined reporting mechanisms, and clear guidance that enables hospitals — large and small — to participate effectively in information-sharing initiatives without undue burden,” the legislators wrote.”
  • Cyberscoop relates,
    • “House subcommittee will hold an open hearing next week on how frontier artificial intelligence models are shaping the cybersecurity landscape, for good and for ill.
    • “The June 4 hearing will be the second the Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection has held that was focused at least in part on the subject, following a similar hearing held in December. But unlike at that joint subcommittee hearing, where members also examined other emerging technologies, AI takes center stage next week. * * *
    • “The witnesses will be Sandra Joyce, vice president of Google Threat Intelligence; Chris Meserole, executive director of the Frontier Model Forum; Jack Cable, a former top official at the Cybersecurity and Infrastructure Security Agency and now chief executive officer and co-founder of Corridor Security; and Matthew Guariglia, senior policy analyst at the Electronic Frontier Foundation.”
  • and
    • “The White House has updated rules for federal agencies to keep logs of significant cyber activities in their networks, touting it as a measure to cut back on red tape and focus on how cybersecurity risks have evolved.
    • “The Office of Management and Budget memorandum, released Friday, replaces a 2021 memo signed by then-President Joe Biden. It continues revisions that President Donald Trump has made to federal cybersecurity guidance under his predecessor.
    • “The new memo, M-26-14, nods at the intentions of the earlier memo, M-21-31, saying that “Implementation of that memorandum improved foundational capabilities across agencies” to establish standards for logging and improve agencies’ record-keeping for the purposes of detecting and responding to cyberattacks.” * * *
    • There have been calls for the idea of updating the 2021 memo, and one observer praised the new version to CyberScoop. Another analyst, however, questioned how much harm the Trump administration might do by rescinding the earlier memo before having all of the new memo’s directives in place.
    • “One directive is for the Cybersecurity and Infrastructure Security Agency to develop a “logging reference architecture” within 90 days that prioritizes the objectives of conducting continuous event monitoring and enabling investigations of forensic analysis after a known or suspected compromise.
    • “Agencies would have another 90 days to submit a logging plan that adheres to those principles. The memo also establishes a new model for measuring agency progress in implementation. Multiple government watchdogs have concluded that agencies weren’t meeting the prior memo’s benchmarks.”
  • Federal News Network adds,
    • “Acting Federal Chief Information Security Officer Mike Duffy wrote on LinkedIn that the new policy “focuses agencies on what matters most: continuous visibility, rapid detection, effective threat hunting and actionable response capabilities.”
    • “And given the recent discovery by Claude’s Mythos of thousands of zero day vulnerabilities in systems that were previously known or not addressed, agencies and industry are being forced to figure out how best to strengthen their partnership against these AI-fueled attacks.
    • “Nick Andersen, the acting director of the Cybersecurity and Infrastructure Security Agency, said he has deep concerns specifically about one type of technology when it comes to cybersecurity vulnerabilities.
    • “The open source community is one that I’m particularly worried about when we start to think about the rapid escalation of vulnerability discovery. But it is going to result in us having to make some really, really hard decisions on the level of investment that’s going to be required,” Andersen said on May 21 at the Cyber Innovation Summit sponsored by the National Security Institute at George Mason University’s Antonin Scalia Law School.”
  • Cyberscoop cautions,
    • “A Department of Commerce inspector general report released Thursday [May 28] found that the National Institute of Standards and Technology has mismanaged a critical cybersecurity vulnerability database through poor planning, inefficient operations, duplicate federal programs, and failure to communicate with users.
    • “The National Vulnerability Database, maintained by NIST since 2005, collects information about computer security flaws and adds details like severity ratings and affected products. This information helps cybersecurity professionals across government and the private sector decide which security problems to fix first. In February 2024, the database’s enrichment contract lapsed, creating a backlog of unprocessed security flaws that has only grown worse.
    • “The report identified the lack of strategic planning as a core problem. NIST leaders admitted they had no long-term plan for clearing the backlog, even as it grew from about 13,000 unprocessed security flaws in June 2024 to over 27,000 by the end of 2025.
  • The American Hospital Association lets us know,
    • “The Cybersecurity and Infrastructure Security Agency May 26 announced a revised schedule for its series of virtual town hall meetings for public input on proposed rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act of 2022. The meetings will now begin June 15. They were originally scheduled for March and April but were not held due to the partial shutdown of the Department of Homeland Security. CISA seeks input to finalize a proposed rule originally issued in March 2024. The proposed rule would require critical infrastructure organizations, including hospitals and health systems, to report certain cyber incidents to CISA within 72 hours and ransom payments within 24 hours, among other mandates. The AHA commented on the rule, calling certain proposed requirements redundant to those from other federal agencies and saying that they may add unnecessary burden to hospitals working to ensure access to needed services during cybersecurity incident response.”
  • CISA notes,
    • “The revised [town hall meeting] schedule is available in the Federal Register. Interested stakeholders may register for the town hall meetings at www.cisa.gov/circia. Any changes or updates to the town halls will be available on www.cisa.gov/circia
  • Cybersecurity Dive tells us,
    • “The Cybersecurity and Infrastructure Security Agency on Thursday [May 28] warned that hackers targeted software development pipelines in recent weeks and urged security teams to check for potential compromise of their environments. 
    • “CISA referenced two recent campaigns, including the “Megalodon” supply chain attack and a GitHub compromise through a malicious Nx Console Visual Studio Code extension.” * * *
    • “CISA is urging security teams to monitor and conduct audits on their workflow files and activity from contributors. Attention should be paid to suspicious pull requests or direct commits, specifically any coming from an automated account. 
    • “Security teams should revert any unauthorized changes, CISA advised, and check for anything that came in after May 18. 
    • ‘If a compromise is found in connection with a previously compromised Nx Console or GitHub account, CISA suggests the following:
      • “Undertake a forensics review of continuous integration/continuous delivery logs, impacted developer machines and cloud audit trails. 
      • “Rotate or revoke secrets, including credentials, tokens and secrets related to CI/CD pipelines.”
  • The Wall Street Journal informs us,
    • “The FBI’s latest report on internet crime complaints shows cybercriminals are using AI, causing $893 million in losses.
    • “Cryptocurrency investment fraud was the largest source of financial losses, totaling $7.2 billion last year.
    • “Government-impersonation scams increased to over 32,000 complaints last year, aided by AI for sophistication.”
  • Bleeping Computer points out,
    • “A North Carolina man was sentenced to more than 10 years in prison for selling the personal information of over 7 million elderly Americans to Jamaican scammers.
    • “57-year-old Troy Murray (who used the Steve Dixon pseudonym) pleaded guilty in January 2026 to one count of conspiracy to commit wire fraud and was sentenced Thursday to 121 months in prison, three years of supervised release, and ordered to forfeit $5,2 million.
    • ‘Prosecutors said that Murray’s alias was so widely known among Jamaican scammers that it was referenced in a 2022 song lyric by a Jamaican musical artist.
  • and
    • A Romanian national was sentenced this week to 56 months in federal prison for breaking into an Oregon state government computer network and fr cyberattacks targeting dozens of other U.S. victims.
    • 46-year-old Catalin Dragomir (who used the online handle “inthematrixl”) of Constanta, Romania, pleaded guilty on February 19 to one count of aggravated identity theft and one count of obtaining information from a protected computer.
    • The charges carried a maximum of five years in prison for the computer intrusion count, followed by a mandatory consecutive two-year term for the identity theft count, a fine of $250,000, and three years’ supervised release. The court also ordered Dragomir to forfeit approximately 23 Monero (XMR), a cryptocurrency, valued at roughly $8,500.

From the cybersecurity breaches and vulnerabilities front,

  • Bleeping Computer reports,
    • “The ShinyHunters extortion gang stole personal information from 4.9 million accounts after hacking the U.S. telecom giant Charter Communications in early April, according to data breach notification service Have I Been Pwned.
      “Charter has over 92,000 employees and provides internet, mobile, video, and voice services to more than 32 million customers and over 57 million homes in 41 states across the U.S. through its Spectrum brand.
      “The company confirmed the breach earlier this week, saying that the attackers did not steal sensitive personal customer information and that it had alerted authorities about the incident.”
    • * * * “After the company refused to pay the ransom demanded by ShinyHunters to have the stolen data returned and destroyed, the cybercrime group leaked the documents stolen from Charter’s Salesforce instance on their dark web leak site.
    • “Have I Been Pwned analyzed the leaked data and confirmed that the incident affected 4.9 million accounts, whose names, email addresses, job titles, phone numbers, and physical addresses were stolen.
    • “The group later published the data, which exposed 4.9M unique email addresses along with names, phone numbers and physical addresses,” Have I Been Pwned said. “A subset of approximately 85k records originating from an internal employee directory also included job titles.”
    • “The FBI has recently advised ShinyHunters’ victims not to give in to the gang’s ransom demands, after previously warning that doing so cannot guarantee that threat actors won’t attempt to sell the stolen data to other cybercriminals or extort them again.
  • and
    • “Threat actors are abusing ChatGPT’s content-sharing feature to display fake OpenAI outage pages that direct users to download malware disguised as the ChatGPT desktop application.
    • “The “LLMShare” campaign, discovered by Push Security, uses Google ads to direct users searching for ChatGPT to a malicious shared ChatGPT page hosted on chatgpt.com, allowing the attack to be delivered through a legitimate OpenAI domain.
    • “Users who click the advertisement are taken to a legitimate ChatGPT shared page, but instead of seeing a chat conversation, they are presented with a rendered outage notice claiming the web version is unavailable and that they should download the desktop application instead.”
  • Security Week relates,
    • “The infamous extortion gang Silent Ransom Group (SRG) has been impersonating IT support in a fresh campaign targeting law firms, the FBI warns.
    • “Active since at least 2022, SRG has been targeting law firms in the US since at least 2023, mainly through callback phishing emails and social engineering calls, claiming to aid victims in canceling subscription fees.
    • In a May 2025 alert, the FBI warned of SRG’s phishing emails containing links to remote access software that allowed the attackers to quickly exfiltrate data from the victims’ systems.
    • “In attacks observed this year, the threat actor has updated its tactics, now posing as an employee from the victim’s IT department.” * * *
    • “To prevent SRG attacks, organizations are advised to verify the credentials of all individuals with access to company assets, limit access to sensitive data, train employees to identify phishing attempts, and establish clear policies for IT support communication and authentication.
    • “Backing up all company data, implementing phishing-resistant multi-factor authentication (MFA), blocking access to commonly exploited ports, and disabling remote access and permissions for external drive installation should also prevent intrusions and the loss of sensitive and confidential data.”
  • Cybersecurity Dive tells us,
    • “Nearly all executives are confident their employees are using AI responsibly, but shadow AI is creeping its way into organizations, an Okta survey released Wednesday found. More than half of employeesreported they’re using personal AI tools without approval, the security platform provider learned in surveying nearly 300 tech executives and 500 knowledge workers along with market research firm Apprize360.
    • “Workers reported using unapproved AI tools for productivity reasons, saying they allow the tools access to internal messages, HR-related information and confidential company documents. The practice is heightening security risks, as 58% of executives said their organization had an AI-related security incident or a close call last year, according to the report. 
    • “Lack of clarity in AI usage policies or banning personal AI tools can actually increase shadow AI use, said Harish Peri, Okta’s SVP and GM for AI security, in an email. “By taking a more collaborative approach with employees, leaders can offer sanctioned, enterprise-grade alternatives to the unapproved tools that teams are using.”

From the ransomware front,

  • Industrial Cyber reports,
    • “The Federal Bureau of Investigation (FBI) disclosed that about 25 ransomware groups used a criminal VPN service known as ‘First VPN Service’ to conduct network intrusions, scanning operations, botnets, denial-of-service attacks, and scams. The service has been active since around 2014 across 32 exit nodes in 27 countries. It affects organizations by enabling ransomware groups and other cybercriminal actors to conduct network intrusions, reconnaissance, credential abuse, denial-of-service attacks, and broader malicious operations.
    • “At least 25 ransomware groups, such as Avaddon Ransomware, have used First VPN Service infrastructure to perform network reconnaissance and intrusions,” the FBI wrotein a recent FLASH advisory. “First VPN Service IP addresses have been used for scanning activity, botnets, denial of service attacks, scams, and hacking. First VPN Service was almost exclusively advertised in known criminal dark web forums such as Exploit[.]in and XSS[.]is, two of the most prominent Russian-language online forums which provide marketplaces for cyber criminals to buy and sell unauthorized access to computer systems, stolen personal identifying information, hacking tools, and contraband. This reporting applies solely to the First VPN Service and does not extend to other VPN providers with similar naming.” 
    • “The revelation came alongside a coordinated international takedown of the service, led by French and Dutch cybercrime units with support from Ukraine, the U.K., Switzerland, and Luxembourg. It follows from the findings that the VPN was marketed almost exclusively on prominent Russian-language dark web forums used by cybercriminals to trade stolen data, hacking tools, and unauthorized access to systems.”
  • Morphisec tells us “How AI is Changing Ransomware — and Why It’s Faster, Smarter, and Harder to Detect.” 
    • “AI-driven ransomware is still in its early stages, but the direction is clear. Threats are becoming:   
      • “faster  
      • “more adaptive
      • “more autonomous  
      • “harder to observe  
      • “increasingly resistant to detection    
    • “Organizations that continue relying solely on reactive security models will face growing exposure as attack timelines shrink, and visibility gaps expand. The future of cybersecurity will not be defined by who can detect threats fastest. It will be defined by who can prevent them from executing at all.”   
  • Tech Radar adds,
    • “There is a glaring misconception at the heart of cybersecurity that cyber-attacks are targeted at specific organizations or sectors. But while certain sectors do receive more than their fair share of attacks, this isn’t due to deliberate targeting; like any business, it’s driven by money.
    • “Threat groups are largely driven by financial gain, with actors looking to get the most ‘bang for their buck’. Targeting vulnerabilities that don’t just give them access to one organization, but multiple, to grow their potential revenue opportunities.
    • “And at the moment, organizations are leaving far too many of these vulnerabilities open for exploitation.”

Cybersecurity business and defenses front,

  • Cybersecurity Dive reports,
    • “IBM will spend $5 billion to help find and fix vulnerabilities in open-source software packages used throughout the business world, the company announced on Thursday [May 28].
    • “Through Project Lightwell, IBM will create “a trusted enterprise clearinghouse combined with a global force of engineers to identify and fix vulnerabilities at scale,” using AI to validate and test the patches before deployment, the company said. Businesses will be able to subscribe to the patching program for automated deployment of fixes that integrates with their existing life cycle management processes.
    • “Open source is the backbone of today’s digital economy and the foundation of modern AI, and we are at an inflection point in how it is built, secured, and scaled,” IBM CEO Arvind Krishna said in a statement. “This is about strengthening trust in the systems that power business, government, and society.”
  • Security Week relates,
    • “Google Cloud this week announced an always-on autonomous platform designed to protect enterprises from the rising wave of AI-powered cyberattacks.
    • “The new Google AI Threat Defense cybersecurity solution leverages AI to identify machine-powered threats faster and stop them before they can do harm.
    • “According to Google, the platform continuously prioritizes critical real-world risks and can help organizations implement defenses that predict attack paths and proactively deploy remediation.
    • “Google AI Threat Defense combines Mandiant’s frontline and incident response experience with Wiz’s cloud security platform (recently acquired by Google) and Gemini’s reasoning and code remediation capabilities powered by Gemini and CodeMender.
    • “By connecting real-world exposure directly to autonomously creating and prioritizing patching, AI Threat Defense helps organizations actively predict attack paths, prioritize the most significant threats, and deploy verified fixes faster than adversaries can exploit them,” Google says.”
  • and
    • “Anthropic has announced two new security features for its Claude AI: a self-hosted sandbox and a new security guidance plugin.
    • “The sandbox, currently in public beta, was announced at Anthorpic’s Code w/ Claude event in London this week.
    • “According to the company, Claude Managed Agents can now operate in a user-controlled sandbox connected to the user’s private MPC servers. 
    • “Tool execution moves to an environment you configure—your own infrastructure or a managed provider like Cloudflare, Daytona, Modal, or Vercel—while the agent loop that handles orchestration, context management, and error recovery stays on Anthropic’s infrastructure,” Anthropic explained. 
    • “It added, “Your network policies, audit logging, and security tooling apply, files and repositories don’t leave your perimeter, and you control compute sizing and the runtime image for compute-heavy work.”
    • “Separately, the company unveiled a security guidance plugin for Claude Code, designed to help developers detect and fix vulnerabilities as they write code.”
  • Cyberscoop informs us,
    • “CrowdStrike has dismantled the Glassworm botnet in an operation aided by Google and Shadowserver, stripping the operators’ access to infrastructure that helped threat actors infect hundreds of pieces of open-source software with malware since early 2025, the company said Tuesday [May 26]. 
    • “The coordinated effort involved the simultaneous takedown of four attacker-controlled servers that were designed to obscure the botnet’s operations and remain resilient against disruptions.
    • “CrowdStrike and partners took down infrastructure, severed access to the botnet’s most critical services, impeded operation momentum and slowed the attackers’ ability to scale, Adam Meyers, senior vice president of counter adversary operations at CrowdStrike, told CyberScoop.”
  • and
    • “Security researchers chained together five separate weaknesses in the popular workflow automation service Zapier that, if first discovered by a malicious actor, could have granted access to millions of user accounts and the systems those accounts connect to.
    • :The flaws, disclosed by security firm Token Security, did not require malware or insider access. The only prerequisite, according to the company’s report, was a free Zapier account. From there, researchers chained together weaknesses that, if taken individually, would have looked routine, but together opened a path to one of the most widely used services of the modern internet.
    • “Zapier’s software can be configured to move data between email, customer-relationship tools, payment processors, calendars, code repositories and thousands of other applications. Zapier says it supports more than 8,000 third-party integrations and has millions of users, which means breaking into Zapier could escalate into a wide-ranging supply-chain attack.” * * *
    • “The episode lands at a moment when automation platforms and artificial-intelligence tools are increasingly being granted the standing authority to act on behalf of users across dozens of services at once. Token Security’s researchers argued that the weaknesses they found were not unique to Zapier. Each link in the chain, they said, was a well-documented kind of mistake. The vulnerability was the chain itself, and the same pattern, they warned, almost certainly exists at other companies that have not yet looked.
    • “Zapier says the issues have been fixed and no further action is required. But the researchers suggested organizations with heightened sensitivity review their automation logs for anything they did not create, and consider reauthorizing Zapier connections to particularly sensitive systems.
    • “You can read the full research report on Token Security’s website.” 
  • Tech Target points out
    • “The unified platform versus best-of-breed tools debate continues as security teams struggle with integration challenges, alert fatigue and limited resources. Does buying software from individual vendors still make sense, or does that approach only further complicate today’s distributed networks? The pressure is prompting a fresh look at unified security platforms as a way to reduce complexity and costs, improve visibility and regain control.”
  • An SC Media commentator identifies “seven identity security best practices for the Agentic AI era.”
    • “Execute regular identity security risk assessments: Leverage tools that can clearly show what AI agents operate in our environment, including those that are operating as shadow IT. This analysis should put risks in clear context, including agent security posture, and potential escalation paths.
    • Encrypt credentials: Put them in a secure vault, with automatic key rotation to make it harder to steal or reuse valid credentials.
    • Restrict remote access to systems: Use leverage tooling that can perform automated credential injection from the company’s vaults to prevent adversary-in-the-middle attacks.
    • Use workload identity to avoid long-lived tokens: Also use scoped permissions, whether OAuth-based or otherwise, to reduce the “blast radius” of stolen credentials.
    • Limit permissions on endpoints with endpoint privilege management tools: Default permissions to “standard user” and set up policies that limit what local agents can do on those systems. Remove standing policies and replace them with JIT or time-limited policies and permissions.
    • “Implement IP allowlisting: This will reject AI agent requests coming from non-authorized locations.
    • Log and audit all privileged behavior: Do this in all systems, whether that’s through tools such as session logs, shipping event logs to a SIEM, or using anomalous behavior analysis tools in the SOC.”
  • Here is a link to Dark Reading’s CISO Corner.

Leave a Reply

Your email address will not be published. Required fields are marked *