Quote for the day:
“In my experience, there is only one motivation, and that is desire. No reasons or principle contain it or stand against it.” -- Jane Smiley
DanaBot botnet disrupted, QakBot leader indicted
Operation Endgame relies on help from a number of private sector cybersecurity companies (Sekoia, Zscaler, Crowdstrike, Proofpoint, Fox-IT, ESET, and others), non-profits such as Shadowserver and white-hat groups like Cryptolaemus. “The takedown of DanaBot represents a significant blow not just to an eCrime operation but to a cyber capability that has appeared to align Russian government interests. The case (…) highlights why we must view certain Russian eCrime groups through a political lens — as extensions of state power rather than mere criminal enterprises,” Crowdstrike commented the DanaBot disruption. ... “We’ve previously seen disruptions have significant impacts on the threat landscape. For example, after last year’s Operation Endgame disruption, the initial access malware associated with the disruption as well as actors who used the malware largely disappeared from the email threat landscape,” Selena Larson, Staff Threat Researcher at Proofpoint, told Help Net Security. “Cybercriminal disruptions and law enforcement actions not only impair malware functionality and use but also impose cost to threat actors by forcing them to change their tactics, cause mistrust in the criminal ecosystem, and potentially make criminals think about finding a different career.”AI in Cybersecurity: Protecting Against Evolving Digital Threats
Beyond detecting threats, AI excels at automating repetitive security tasks.
Tasks like patching vulnerabilities, filtering malicious traffic, and
conducting compliance checks can be time-consuming. AI’s speed and precision
in handling these tasks free up cybersecurity professionals to focus on
complex problem-solving. ... The integration of AI into cybersecurity raises
ethical questions that must be addressed. Privacy concerns are at the
forefront, as AI systems often rely on extensive data collection. This creates
potential risks for mishandling or misuse of sensitive information.
Additionally, AI’s capabilities for surveillance can lead to overreach.
Governments and corporations may deploy AI tools for monitoring activities
under the guise of security, potentially infringing on individual rights.
There is also the risk of malicious actors repurposing legitimate AI tools for
nefarious purposes. Clear guidelines and robust governance are crucial to
ensuring responsible AI deployment in cybersecurity. ... The growing role of
AI in cybersecurity necessitates strong regulatory frameworks. Governments and
organizations are working to establish policies that address AI’s ethical and
operational challenges in this field. Transparency in AI decision-making
processes and standardized best practices are among the key priorities.Open MPIC project defends against BGP attacks on certificate validation
MPIC is a method to enhance the security of certificate issuance by validating
domain ownership and CA checks from multiple network vantage points. It helps
prevent BGP hijacking by ensuring that validation checks return consistent
results from different geographical locations. The goal is to make it more
difficult for threat actors to compromise certificate issuance by redirecting
internet routes. ... Open MPIC operates through a parallel validation
architecture that maximizes efficiency while maintaining security. When a
domain validation check is initiated, the framework simultaneously queries all
configured perspectives and collects their results. “If you have 10
perspectives, then it basically asks all 10 perspectives at the same time, and
then it will collect the results and determine the quorum and give you a
thumbs up or thumbs down,” Sharkov said. This approach introduces some
unavoidable latency, but the implementation minimizes performance impact
through parallelization. Sharkov noted that the latency is still just a
fraction of a second. ... The open source nature of the project addresses a
significant challenge for the industry. While large certificate authorities
often have the resources to build their own solutions, many smaller CAs would
struggle with the technical and infrastructure requirements of
multi-perspective validation.
How to Close the Gap Between Potential and Reality in Tech Implementation
First, there has to be alignment between the business and tech sides. So, I’ve
seen in many institutions that there’s not complete alignment between both. And
where they could be starting, they sometimes separate and they go in opposite
directions. Because at the end of the day, let’s face it, we’re all looking at
how it will help ourselves. Secondly, it’s just the planning, ensuring that you
check all the boxes and have a strong implementation plan. One recent customer
who just joined Backbase: One of the things I loved about what they brought to
the kickoff call was what success looked like to them for implementation. So,
they had the work stream, whether the core integration, the call center, their
data strategy, or their security requirements. Then, they had the leader who was
the overall owner and then they had the other owners of each work stream. Then,
they defined success criteria with the KPIs associated with those success
criteria. ... Many folks forget that they are, most of the time, still running
on a legacy platform. So, for me, success is when they decommission that legacy
platform and a hundred percent of their members or customers are on Backbase.
That’s one of the very important internal KPIs.How AIOps sharpens cybersecurity posture in the age of cyber threats
The good news is, AIOps platforms are built to scale with complexity, adapting
to new environments, users, and risks as they develop. And organizations can
feel reassured that their digital vulnerabilities are safeguarded for the long
term. For example, modern methods of attack, such as hyperjacking, can be
identified and mitigated with AIOps. This form of attack in cloud security is
where a threat actor gains control of the hypervisor – the software that manages
virtual machines on a physical server. It allows them to then take over the
virtual machines running on that hypervisor. What makes hyperjacking especially
dangerous is that it operates beneath the guest operating systems, effectively
evading traditional monitoring tools that rely on visibility within the virtual
machines. As a result, systems lacking deep observability are the most
vulnerable. This makes the advanced observability capabilities of AIOps
essential for detecting and responding to such stealthy threats. Naturally, this
evolving scope of digital malice also requires compliance rules to be frequently
reviewed. When correctly configured, AIOps can support organizations by
interpreting the latest guidelines and swiftly identifying the data deviations
that would otherwise incur penalties.
Johnson & Johnson Taps AI to Advance Surgery, Drug Discovery
J&J's Medical Engagement AI redefines care delivery, identifying 75,000 U.S.
patients with unmet needs across seven disease areas, including oncology. Its
analytics engine processes electronic health records and clinical guidelines to
highlight patients missing optimal treatments. A New York oncologist, using
J&J's insights, adjusted treatment for 20 patients in 2024, improving the
chances of survival. The platform engages over 5,000 providers, empowering
medical science liaisons with real-time data. It helps the AI innovation team
turn overwhelming data into an advantage. Transparent data practices and a focus
on patient outcomes align with J&J's ethical standards, making this a model
that bridges tech and care. ... J&J's AI strategy rests on five ethical
pillars, including fairness, privacy, security, responsibility and transparency.
It aims to deliver AI solutions that benefit all stakeholders equitably. The
stakeholders and users understand the methods through which datasets are
collected and how external influences, such as biases, may affect them. Bias is
mitigated through annual data audits, privacy is upheld with encrypted storage
and consent protocols, and on top of it is AI-driven cybersecurity monitoring. A
training program, launched in 2024, equipped 10,000 employees to handle
sensitive data.
Surveillance tech outgrows face ID
Many oppose facial recognition technology because it jeopardizes privacy, civil
liberties, and personal security. It enables constant surveillance and raises
the specter of a dystopian future in which people feel afraid to exercise free
speech.Another issue is that one’s face can’t be changed like a password can, so
if face-recognition data is stolen or sold on the Dark Web, there’s little
anyone can do about the resulting identity theft and other harms. .... You can
be identified by your gait (how you walk). And surveillance cameras now use
AI-powered video analytics to track behavior, not just faces. They can follow
you based on your clothing, the bag you carry, and your movement patterns,
stitching together your path across a city or a stadium without ever needing a
clear shot of your face. The truth is that face recognition is just the most
visible part of a much larger system of surveillance. When public concern about
face recognition causes bans or restrictions, governments, companies, and other
organizations simply circumvent that concern by deploying other technologies
from a large and growing menu of options. Whether we’re IT professionals, law
enforcement technologists, security specialists, or privacy advocates, it’s
important to incorporate the new identification technologies into our thinking,
and face the new reality that face recognition is just one technology among
many.
How Ready Is NTN To Go To Scale?
Non-Terrestrial Networks (NTNs) represent a pivotal advancement in global
communications, designed to extend connectivity far beyond the limits of
ground-based infrastructure. By leveraging spaceborne and airborne assets—such
as Low Earth Orbit (LEO), Medium Earth Orbit (MEO), and Geostationary (GEO)
satellites, as well as High-Altitude Platform Stations (HAPS) and UAVs—NTNs
enable seamless coverage in regions previously considered unreachable. Whether
traversing remote deserts, deep oceans, or mountainous terrain, NTNs provide
reliable, scalable connectivity where traditional terrestrial networks fall
short or are economically unviable. This paradigm shift is not merely about
extending signal reach; it’s about enabling entirely new categories of
applications and industries to thrive in real time. ... A core feature of NTNs
is their use of varied orbital altitudes, each offering distinct performance
characteristics. Low Earth Orbit (LEO) satellites (altitudes of 500–2,000 km)
are known for their low latency (20–50 ms) and are ideal for real-time services.
Medium Earth Orbit (MEO) systems (2,000–35,000 km) strike a balance between
coverage and latency and are often used in navigation and communications.
Geostationary Orbit (GEO) satellites, positioned at ~35,786 km, provide
wide-area coverage from a fixed position relative to Earth’s
rotation—particularly useful for broadcast and constant-area monitoring.
Enterprises are wasting the cloud’s potential
One major key to achieving success with cloud computing is training and
educating employees. Although the adoption of cloud technology signifies a
significant change, numerous companies overlook the importance of equipping
their staff with the technical expertise and strategic acumen to capitalize on
its potential benefits. IT teams that lack expertise in cloud services may use
cloud resources inefficiently or ineffectively. Business leaders who are
unfamiliar with cloud tools often struggle to leverage data-driven insights that
could drive innovation. Employees relying on cloud-based applications might not
fully utilize all their functionality due to insufficient training. These skill
gaps lead to dissatisfaction with cloud services, and the company doesn’t
benefit from its investments in cloud infrastructure. ... The cloud is a tool
for transforming operations rather than just another piece of IT equipment.
Companies can refine their approach to the cloud by establishing effective
governance structures and providing employees with training on the optimal
utilization of cloud technology. Once they engage architects and synchronize
cloud efforts with business objectives, most companies will see tangible
results: cost savings, system efficiency, and increased innovation.
