News for today:
- Opsec for North Korean threat actors. A new report by SentinelLabs details how North Korean threat actors operate, with a focus on stealing cryptocurrency assets, fake skills assessments that trick victims to copy and paste malicious scripts, and tracking threat intelligence sources to identify whether their infrastructure has been implicated. Cybernews
- Cato Networks acquired Aim Security. Aim Security was acquired by Cato Networks, to bring Aim’s enterprise AI security capabilities to Cato’s SASE Cloud Platform. Intent is to enable the secure adoption of AI agents and AI applications by enterprises. Aim’s capabilities enable discovery of shadow AI usage, protection of end-user AI interactions, securing AI applications and agents against runtime AI attacks, and posture management for AI security and compliance risks. Cato Networks
- Zendata on threat of adversarial injections. Zendata warns of threat actors embedding malicious instructions inside log data, in order to bypass security protections in AI-enabled SOCs. The AI agent can be tricked into misinterpreting the situation, downplaying a real attack, or even fabricating false incidents … [web requests with hidden instructions may flow] through your SIEM into an AI-driven assistant, the LLM might obediently comply and silently modify the alert context in ways that completely mislead the SOC analyst. Zendata