Ethical Hacking News
The rise of Shadow AI poses a significant threat to global security. Organizations must take proactive measures to secure their apps and networks against this menace. Learn how to detect and block Shadow AI in our upcoming webinar, and discover the latest tools and strategies for securing your identity lifecycle.
Shadow AI is infiltrating apps and networks without permission or oversight, posing a significant risk to global security.
Social engineering and deepfakes are becoming increasingly popular tools for attackers.
Enterprises must secure the entire identity lifecycle to prevent cyberattacks before they happen.
New tools like GoResolver and Matano can help detect and block AI threats.
Attackers are leveraging legitimate credentials, including VPN credentials, to gain access to sensitive systems.
Identity-based attacks bypass security barriers, allowing threat actors to infiltrate networks undetected.
Password management strategies are crucial to prevent successful logins across websites protected by Cloudflare.
IAM applications were most frequently targeted in MFA attacks, highlighting the importance of defending against identity-based attacks.
New threats like OilRig and Classiscam are on the rise, including spear-phishing lures and automated scam-as-a-service operations.
The world of artificial intelligence (AI) has come a long way since its inception, revolutionizing numerous industries and aspects of our lives. From virtual assistants to self-driving cars, AI has proven to be an indispensable tool for humanity. However, with great power comes great responsibility, and the dark side of AI is slowly emerging as a significant threat to global security.
According to recent reports, Shadow AI is already inside many apps and networks, posing a significant risk to organizations worldwide. The term refers to AI tools that are used without permission or oversight by security teams. These unsanctioned tools can quietly connect to critical systems like Salesforce, creating hidden risks that traditional defenses often miss. Dvir Sasson, Director of Security Research at Reco, will discuss this issue in an upcoming webinar, where he will reveal the ways in which Shadow AI is infiltrating apps and networks and provide tips on how to lock it down.
Moreover, social engineering and deepfakes are becoming increasingly popular tools for attackers. Phishing-resistant MFA and device trust are essential components of a robust security strategy, but these measures are often insufficient against sophisticated attacks. Therefore, it is crucial for enterprises to secure the entire identity lifecycle – from enrollment to daily access to recovery – in order to prevent cyberattacks before they happen.
Cybersecurity experts have identified several new tools that can help organizations detect and block AI threats. GoResolver, an open-source tool developed by Volexity, uses control-flow graph similarity to recover hidden function names and reveal package structures automatically. Matano, a cloud-native security data lake built for AWS, gives security teams full control over their logs without vendor lock-in.
However, attackers are not just relying on AI threats; they are also leveraging legitimate credentials to gain access to sensitive systems. This is particularly true in the case of VPN credentials, which can be abused to gain unrestricted access to systems with elevated privileges that mirror those of legitimate employees or administrators.
The use of legitimate credentials by threat actors entirely bypasses security barriers, giving them a "direct path to infiltrate networks, steal data, and deploy ransomware undetected." Identity-based attacks are attractive to threat actors because they can allow an adversary to carry out a range of malicious operations, often with minimal effort or without meeting much resistance from a security standpoint.
According to Cisco Talos, 41% of successful logins across websites protected by Cloudflare involve compromised passwords. This highlights the importance of robust password management strategies and the need for organizations to verify that their employees' credentials are valid and up-to-date.
Furthermore, data gathered by the company shows that identity and access management (IAM) applications were most frequently targeted in MFA attacks, accounting for 24% of all attacks targeting multi-factor authentication (MFA). This further emphasizes the importance of defending against identity-based attacks.
In addition to these AI-related threats, other malicious operations are also on the rise. The Iranian hacking group known as OilRig has been linked to a series of cyberattacks against Iraqi state entities since 2024 that involve spear-phishing lures and backdoors. The backdoors can execute commands, gather host information, and upload/download files, using HTTP and email for C2 communications.
PyTorch Lightning versions 2.4.0 and earlier have several deserialization vulnerabilities that could be exploited to execute malicious code when loading machine learning models from unknown or untrusted sources. The CERT Coordination Center (CERT/CC) warned of these issues, stating that a user could unknowingly load a malicious file from local or remote locations containing embedded code that executes within the system's context, potentially leading to full system compromise.
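The class of issue described above comes from pickle-style loaders resolving and calling whatever globals a file names. The following is an added example, not code from PyTorch Lightning or CERT/CC: a standard-library allowlisting unpickler run against two constructed byte strings. The names `ALLOWED`, `AllowlistUnpickler`, `try_load` and both sample builders are assumptions made for this illustration.

```python
import collections
import io
import pickle

# Assumption for this demo: a plain weights file needs only this global.
ALLOWED = {("collections", "OrderedDict")}


class AllowlistUnpickler(pickle.Unpickler):
    """Resolve only allowlisted globals, so no foreign callable is ever obtained."""

    def find_class(self, module, name):
        if (module, name) not in ALLOWED:
            raise pickle.UnpicklingError(f"blocked global {module}.{name}")
        return super().find_class(module, name)


def try_load(data: bytes):
    """Return ("ok", obj) or ("blocked", reason) for a pickle byte string."""
    try:
        return "ok", AllowlistUnpickler(io.BytesIO(data)).load()
    except pickle.UnpicklingError as exc:
        return "blocked", str(exc)


class ConstructedPayload:
    """Constructed stand-in for embedded code: plain pickle.loads would call print()."""

    def __reduce__(self):
        return (print, ("callable ran during load",))


def benign_checkpoint() -> bytes:
    # Constructed sample: layer name -> weights, as a state dict would hold.
    return pickle.dumps(collections.OrderedDict([("layer.weight", [0.1, 0.2])]))


def constructed_untrusted_checkpoint() -> bytes:
    # Constructed sample: same shape, plus an object that smuggles in a callable.
    state = collections.OrderedDict([("layer.weight", [0.1, 0.2])])
    state["extra"] = ConstructedPayload()
    return pickle.dumps(state)


if __name__ == "__main__":
    print(try_load(benign_checkpoint()))
    print(try_load(constructed_untrusted_checkpoint()))
```

For real PyTorch checkpoints the same allowlisting idea is available as `torch.load(path, weights_only=True)`, which restricts what the unpickler may construct.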
Another threat on the rise is Classiscam, an automated scam-as-a-service operation that uses Telegram bots to create fake websites impersonating legitimate services in an attempt to deceive victims into sharing their financial details. This scam also involves posing as a buyer or seller on online platforms to trick victims into transferring money for non-existent goods or services.
In conclusion, the world of AI has come to represent a significant threat to global security. Organizations must take proactive measures to secure their apps and networks against Shadow AI, social engineering, and deepfakes. By implementing robust security strategies, including phishing-resistant MFA, device trust, and protection against identity-based attacks, organizations can prevent cyberattacks before they happen.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Dark-Side-of-AI-The-Unseen-Threats-Lurking-in-Your-Apps-and-Networks-ehn.shtml
https://thehackernews.com/2025/04/weekly-recap-vpn-exploits-oracles.html
Published: Mon Apr 7 09:45:26 2025 by llama3.2 3B Q4_K_M