Daily Brief

Ascension Health announced that patient medical data shared with a former business partner was compromised through a cyberattack targeting third-party software. The attack, which occurred on December 5, exposed sensitive personal and clinical information including SSNs, addresses, and medical records. Affected data varied by individual but included names, dates of birth, racial and gender identities, as well as detailed clinical information like physician names and insurance details. Following the breach, Ascension concluded its internal investigation on January 21 and has begun notifying affected patients. Victims were offered two years of credit monitoring services as a preventive measure against identity theft. Ascension is taking steps to enhance their data security measures and processes to prevent future incidents. This incident marks the second major security compromise for Ascension within a year, following a ransomware attack by the Black Basta group in May 2024. While Ascension has not confirmed the source of the breach, it coincides with a known attack on Cleo software, widely speculated to be the entry point.

Amazon has involved security engineers from the inception of the Alexa+ development process to prevent potential misuses and unintended actions by the AI assistant. The security team, including red teams and penetration testers, collaborates closely with product developers to ensure robust safety guardrails are implemented. This integrated approach aids in anticipating and mitigating risks related to system gaming or malfunction, such as unintended purchases or household accidents. Amy Herzog, Amazon CISO, emphasized the importance of balancing functionality with security, particularly when an AI can perform actions on behalf of users across thousands of services. Alexa+ is designed to handle non-deterministic outputs efficiently, thus requiring specific attention to preventing prompt injections—malicious inputs designed to manipulate the AI's actions. The testing emphasizes secure API interactions to manage different AI-assisted activities effectively, ensuring that grouped actions do not lead to unintended consequences. This collaborative strategy between security and development teams at Amazon is noted as somewhat unusual but beneficial for preemptive security enhancement in AI systems.

Harrods has confirmed being the target of a recent cyberattack, joining M&S and Co-op as victims in a series of assaults on UK retailers. The attack led Harrods to restrict access to its digital platforms, although there was no immediate information about data breach or system compromise. Despite system access restrictions, Harrods stores, including the flagship Knightsbridge location, remain open and functioning. Harrods' IT security team quickly initiated countermeasures to protect systems and maintain safe operations, with no current directives for customers to alter their shopping behavior. The nature and severity of the cyberattack remain unclear, as further details regarding data theft or specific system breaches have not been disclosed. This incident follows cyberattacks on Marks & Spencer and Co-op, with M&S suffering significant disruption due to a ransomware attack called DragonForce. Co-op also reported a cyber incident, hinting at a larger network breach than initially communicated, affecting internal communications and requiring heightened security awareness among employees.

Amazon CISO Amy Herzog highlighted the integration of red teams in the development of Alexa+ to anticipate and prevent security issues. Red teams and penetration testers are involved from the beginning to create safety measures against unintended or malicious system behaviors. The dual perspective of product engineers focused on functionality and security engineers on potential misuse enhances overall system security. Alexa+, currently in testing, aims to assist users with tasks across multiple services while ensuring data safety and system integrity. The system can interact with thousands of devices and services, requiring robust API security to prevent unauthorized actions. Security strategies include isolating systems and installing protections to prevent issues like prompt injection and unintended API interactions. Herzog’s approach of collaborative security planning from the start is noted as relatively unusual in the industry, aiming to ensure safer product deployment.

Seven malicious PyPI packages were identified using Gmail SMTP servers and WebSockets for unauthorized remote activities and data theft. The identified packages were active in PyPI for up to four years, with one package downloaded over 18,000 times. These packages impersonated legitimate software and exploited trusted Gmail services to bypass security systems like firewalls and endpoint detection. The malicious activities included setting up encrypted tunnels, executing shell commands, transferring files, and stealing sensitive credentials and email data. Strong indications were found that the intent behind these packages was to steal cryptocurrency, as seen from associated email addresses and previous similar attacks. Security researchers urge immediate removal of these packages from systems and recommend rotating any potentially compromised keys and credentials. Related research indicated a similar threat was found in an npm package targeting cryptocurrency wallets with over 1,000 units, downloaded 2,000 times before removal.

Cybersecurity experts report a new malware campaign using a disguised security plugin called "WP-antymalwary-bot.php" targeting WordPress websites. Once the plugin is activated, it grants attackers administrative access, allows remote code execution, and can hide itself from the WordPress admin dashboard. Features include code that notifies a command-and-control server, spreads malware into other site directories, and injects malicious JavaScript for ad delivery. The malware evolved to fetch JavaScript from other compromised domains to serve intrusive ads or spam, and incorporates a malicious wp-cron.php file for self-reactivation. Russian language elements in the malware suggest that the threat actors are likely Russian-speaking. Additional information by Sucuri and Trustwave revealed related web threats, including skimmers on e-commerce sites and deceptive CAPTCHA verifications dropping Node.js-based backdoors. It remains unclear how attackers gain initial access to victim sites, posing an ongoing threat to WordPress users.

Chris Krebs, former CISA director, had his Global Entry membership revoked following a feud with President Trump regarding the 2020 election security. Trump has accused Krebs of hiding evidence of electoral fraud and has extended his retaliation to Krebs’ professional life, intertwining criminal investigations and security clearances. Global Entry, a program facilitating expedited U.S. entry for pre-approved, low-risk travelers, was withdrawn from Krebs as a consequence of these accusations and investigations. The event is considered by many, including Krebs and cybersecurity community figures, as a vindictive act by Trump to undermine those who contradict his narrative of the 2020 election. An open letter from the Electronic Frontier Foundation and other cybersecurity leaders has implored Trump to cease his detrimental campaign against Krebs, seeing it as a threat to national security and professional integrity in cybersecurity. Krebs announced his resignation from SentinelOne, where he was employed, to focus fully on fighting these accusations, which he views as a broader battle for democratic principles and the rule of law. The incident has heightened discussions within the cybersecurity and political communities regarding the consequences of political influence over factual reporting and professional conduct in security matters.

SOC teams are shifting from traditional cybersecurity measures to Network Detection and Response (NDR) due to the ability of advanced adversaries to evade endpoint defenses and signature-based systems. NDR solutions enhance security by providing multi-layered detection strategies, analyzing raw network traffic, and identifying malicious activities and anomalies that may be missed by other tools. The adoption of NDR helps address several challenges including increasing attack surfaces due to cloud adoption and IoT proliferation, encryption that renders traditional inspection ineffective, and the unmanageable proliferation of devices. NDR offers a complementary approach to existing security technologies, providing a robust record of network communications, which is difficult for attackers to manipulate, thus aiding in accurate threat detection and forensic investigations. The cybersecurity workforce shortage is prompting organizations to adopt NDR to maximize analyst effectiveness by reducing alert fatigue and accelerating investigation processes through high-fidelity detections and rich context. NDR solutions support compliance with stringent regulatory requirements by providing detailed forensic evidence and comprehensive audit trails necessary for rapid incident notification and documentation. As cybersecurity threats become more sophisticated, the adoption of NDR is accelerating, providing essential visibility into network communications to detect and respond effectively to threats in modern complex IT environments. Corelight, a leading provider of NDR solutions based on the open-source Zeek network monitoring platform, advocates for comprehensive network visibility and advanced NDR capabilities to address security blind spots exploited in major breaches.

Anthropic's Claude AI chatbot was misused by unknown entities to create over 100 fake political personas on Facebook and X, engaging with tens of thousands of genuine accounts. The operation aimed to amplify moderate political views to influence public opinion and policy in Europe, Iran, the UAE, and Kenya. Diverse narratives were pushed including promoting UAE's business environment, critiquing European energy policies, and supporting or criticizing political figures in various countries. This orchestrated campaign utilized Claude not just for generating content, but also for strategic interactions like commenting, liking, or resharing posts to simulate authentic social behavior. The campaign featured sophisticated persona management via a structured JSON-based approach, enabling systematic tracking and engagement across multiple accounts. It demonstrated new tactics in digital influence, such as using humor and sarcasm to counter accusations of being bots. Anthropic highlighted the potential for AI to simplify the execution of complex influence operations, suggesting a future increase in such activities. The report also noted other misuses of Claude, including using AI to scrape and brute-force security data, indicating a broader range of cyber threats facilitated by AI technologies.

The UK's Information Commissioner's Office (ICO) has opted not to pursue further investigation into the British Library's 2023 ransomware attack. The decision was made based on current priorities and resource allocation, despite the severity of the incident caused by a lack of Multi-Factor Authentication (MFA) on an admin account. The British Library was commended for its transparency and comprehensive communication during the recovery process from the ransomware attack. In March 2024, the library published an in-depth review of the attack, sharing valuable insights about its IT vulnerabilities and the corrective steps taken post-incident. The ICO has expressed approval of the Library's ongoing efforts to enhance data security and their proactive measures to educate other organizations on cybersecurity. Meanwhile, the ICO is facing internal challenges with resource constraints and a significant backlog in complaint resolutions, impacting overall performance. The ICO is currently hiring and implementing significant digital and process changes to improve efficiency and response times to complaints.

OX Security's 2025 Application Security Benchmark Report indicates that 95-98% of application security (AppSec) alerts are unnecessary, which does not reduce risks. Despite an increase in detection capabilities with more sophisticated tools, the vast number of security alerts has led to alert fatigue and inefficiency within security teams. Security teams often spend considerable resources addressing vulnerabilities that pose little to no threat, diverting attention from genuine security risks. Significant organizational resources are wasted on inappropriate vulnerability fixes, affecting both budgets and development timelines. The report advocates for a prioritization-based approach in AppSec, emphasizing the need for strategies that focus on evidence-driven prioritization from code design to runtime. OX Security introduces Code Projection technology, designed to enhance contextual understanding and dynamic risk prioritization by mapping cloud and runtime elements back to their code origins. The findings underscore the inefficacy of current detection-only models in application security and propose a shift to prioritization to effectively manage the real threats amidst the noise of non-critical alerts.

A comprehensive phishing campaign has been dispatching the DarkWatchman malware across various Russian industries, including media, tourism, finance, and energy. The financially motivated group Hive0117, known for its past activities in the Baltic region, has been identified as the orchestrator of these attacks. Enhanced versions of DarkWatchman demonstrate advanced evasion techniques, using JavaScript for malicious activities like keylogging and deploying secondary payloads. A new threat, Sheriff backdoor malware, specifically targets Ukraine's defense sector using compromised local news portals for dissemination. Sheriff malware is capable of executing remote commands, taking screenshots, and covertly exfiltrating data, maintaining a low detection footprint for prolonged espionage. IBM links technical elements of the Sheriff backdoor to known malware families such as Turla's Kazuar, highlighting a sophisticated level of threat actor cooperation or development overlap. Ukraine has experienced a significant increase in cyber incidents in 2024, although the severity of these incidents has seen a considerable decrease.

Commvault has confirmed a breach in its Microsoft Azure environment by an unidentified nation-state actor exploiting CVE-2025-3928. The zero-day vulnerability was utilized to access the environment, though no unauthorized data access or customer data theft occurred. Immediate security enhancements and credentials rotation were implemented following the detection of the breach. The U.S. CISA has recognized CVE-2025-3928 as a known exploited vulnerability, urging timely patching by May 19, 2025. Commvault advises customers to implement Conditional Access policies, rotate secrets, and monitor sign-ins to prevent further exploits. Specific IP addresses linked to the malicious activity have been advised to be blocked and monitored for security.

SonicWall has confirmed the active exploitation of two security flaws in its SMA100 Secure Mobile Access appliances. Affected models include SMA 200, 210, 400, 410, and 500v, with patches already issued for these vulnerabilities. The exploited vulnerabilities could potentially allow unauthorized file access and session hijacking. SonicWall has urged customers to check their SMA devices for any signs of unauthorized access. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added a related SonicWall SMA 100 Series vulnerability to its KEV catalog due to active exploitation evidence. There are no specific details available yet on the attackers, the targeted entities, or the full impact of the exploitation.

A China-aligned hacker group, "TheWizards," has been actively exploiting an IPv6 feature to perform adversary-in-the-middle (AitM) attacks targeting software updates. The group employs a custom malware tool, "Spellbinder," which hijacks the IPv6 Stateless Address Autoconfiguration (SLAAC) protocol to reroute traffic to attacker-controlled servers. Victims of these attacks span various countries including the Philippines, Cambodia, UAE, China, and Hong Kong, affecting individuals and organizations like gambling companies. The attacks primarily target Windows environments where Spellbinder intercepts and manipulates network traffic to force devices to connect to malicious domains instead of legitimate update servers. These malicious activities lead to the installation of the "WizardNet" backdoor, which facilitates persistent access and further malware deployment on compromised devices. ESET, the cybersecurity firm, provided the detailed analysis and suggested monitoring or disabling IPv6 traffic where it is not essential to mitigate such threats. Similar tactics were identified earlier in the year by another hacking group exploiting WPS Office update features, underscoring a broader trend in cyber attack strategies targeting software updates.