Last week was busy in cybersecurity. Plenty of companies announced new products, and several warned of zero-day exploits. The surprise news was the UK government Cybersecurity Breaches Survey, which noted fewer reports of breaches from SMEs and charities.
At NTT Upgrade 2025 in San Francisco, NTT Research has announced a UHD Video AI Inference chip for real-time 4k video processing. Its first application for the technology is for use in drones doing surveillance and detecting people flow. The company claims it will detect people using a 3×21 pixel pattern from a drone at 500 feet.
Armis warned that AI is supercharging the global cyberwarfare threat. It makes that claim in its third annual report, Warfare Without Borders: AI’s Role In The New Age Of Cyberwarfare. The report shows how AI is tipping the balance to cyber attackers.
Netwrix has launched a free, open-source Model Context Protocol (MCP) server integration for Netwrix Access Analyzer. It allows customers to use AI assistants to gain data security insights from query data it collects. Importantly, it allows security teams to ask natural-language questions of data. That means they don’t have to learn scripting or data languages to get results.
Nerdio has released Nerdio Manager for Enterprise 7.0. This release adds new capabilities for managing Microsoft Windows 365 and Cloud Desktop. Among the new features are automated workflows and advanced planning tools.
Immuta has released updates and enhancements to its Data Marketplace solution. It is positioning them as accelerating secure data provisioning and improving data governance. The Data Marketplace makes it easier for users to find data and request access to it. It allows enterprises to offer access to data to users as they seek to get greater insight from enterprise data.
Semperis has released its latest study, which shows that water and electric utilities are at serious risk of disruption from cyber attacks. The study looks at utilities in the US and UK and is titled, The State of Critical Infrastructure Resilience, Evaluating Cyber Threats to Water and Electric Utilities. It shows how nation-state attackers are actively targeting critical national infrastructure.
Europol
A new Europol report looks at biometric recognition technology and its potential for exploitation by criminals. Fingerprint scans or facial recognition technology are increasingly replacing passwords to make logging in or confirming payment effortless. But this convenience presents new threats that need to be acknowledged by law enforcement and the general public. A password can be updated, but biometrics cannot.
Europol led a coalition of law enforcement agencies across North America and Europe to take down more malware sites. Using data gathered from Operation Endgame in May 2024, customers of the Smokeloader pay-per-install botnet, operated by the actor known as ‘Superstar’, faced consequences such as arrests, house searches, arrest warrants or ‘knock and talks’.
National Cyber Security Centre
In new advisories, the National Cyber Security Centre (NCSC), and agencies in Australia, Canada, Germany, New Zealand and the United States have revealed details about how malicious cyber actors are using two forms of spyware, MOONSHINE and BADBAZAAR, to target individuals in Uyghur, Tibetan and Taiwanese communities as well as civil society groups.
Once installed, the apps have been observed accessing functions, including microphones, cameras, messages, photos, and location data, including real-time tracking, without the user being aware.
US Department of Justice
Albert Saniger, the former Chief Executive Officer of Nate Inc, has been indicted for a scheme to defraud investors and prospective investors of Nate, by making false and misleading statements about Nate’s use of proprietary AI technology and its operational capabilities.
Acting U.S. Attorney Matthew Podolsky said, “As alleged, Albert Saniger misled investors by exploiting the promise and allure of AI technology to build a false narrative about innovation that never existed. This type of deception not only victimizes innocent investors, it diverts capital from legitimate startups, makes investors skeptical of real breakthroughs, and ultimately impedes the progress of AI development.”
The Justice Department took significant steps to move forward with implementing a critical program to prevent China, Russia, Iran, and other foreign adversaries from using commercial activities to access and exploit U.S. government-related data and Americans’ sensitive personal data to commit espionage and economic espionage, conduct surveillance and counterintelligence activities, develop AI and military capabilities, and otherwise undermine our national security.
The Data Security Program implemented by the National Security Division (NSD) under Executive Order 14117 addresses this “unusual and extraordinary threat…to the national security and foreign policy of the United States” that has been repeatedly recognized across political parties and by all three branches of government.
