Security Bulletin

The cybersecurity landscape confounded expectations in 2024, as anticipated threats and risk didn't materialize and less widely touted attack scenarios shot up.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

In the last week I ran into some issues that I hadn't anticipated:

Understanding how multiple AI models speak to each other and deciding which framework to use requires careful evaluation of both the business benefits of advanced AI orchestration and the cybersecurity implications of connecting automated services.

Tenable researchers say “ConfusedComposer” highlights how attackers can exploit cloud service permissions.

The tech giant is boosting Entra ID and MSA security as part of the wide-ranging Secure Future Initiative (SFI) that the company launched following a Chinese APT's breach of its Exchange Online environment in 2023.

The Texas municipality is following its incident response playbook as it works with a third-party to investigate the scope and scale of the attack.

Dialysis firm DaVita, Wisconsin-based Bell Ambulance, and Alabama Ophthalmology Associates all suffered apparent or confirmed ransomware attacks this month.

Continued brain drain includes two of the experts who managed CISA’s Secure by Design program.

A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens from within a browser, giving threat actors persistent access to key cloud services, including Microsoft 365 applications.

Agentic AI's appeal is growing as organizations seek more autonomous and hands-off approaches to their security protocols.