Tag: Cyber Security

  • How To Automate Alert Triage With AI Agents and Confluence SOPs Using Tines

    Sep 19, 2025 | The Hacker News | AI Automation / Security Operations

    Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition.

    The workflow we are highlighting streamlines security alert handling by automatically identifying and executing the appropriate Standard Operating Procedures (SOPs) from Confluence. When an alert triggers, AI agents analyze it, locate relevant SOPs, and perform required remediation steps – all while keeping the on-call team informed via Slack.

    It was created by Michael Tolan, Security Researcher L2 at Tines, and Peter Wrenn, Senior Solutions Engineer at Tines.

    In this guide, we’ll share an overview of the workflow, plus step-by-step instructions for getting it up and running.

    The problem – manual alert triage and SOP execution

    For security teams, responding to alerts efficiently requires quickly identifying the threat type, locating the appropriate SOP, and executing the required remediation steps.

    From a workflow perspective, teams often have to:

    • Manually analyze incoming security alerts
    • Search through Confluence for relevant SOPs
    • Document findings and actions in case management systems
    • Execute multiple remediation steps across different security tools
    • Update the case management system again after the fact
    • Notify stakeholders about incidents and actions taken

    This manual process is time-consuming, prone to human error, and can lead to inconsistent handling of similar alerts.

    The solution – AI-powered alert triage with automated SOP execution

    This prebuilt workflow automates the entire alert triage process by leveraging AI agents and Confluence SOPs. The workflow helps security teams respond faster and more consistently by:

    • Using AI to analyze and classify incoming alerts
    • Automatically locating relevant SOPs in Confluence
    • Creating structured case records for tracking
    • Deploying a second AI agent (subagent) to execute remediation steps
    • Documenting all actions and notifying the on-call team via Slack

    The result is a streamlined response to security alerts that ensures consistent handling according to established procedures.

    Key benefits of this workflow

    • Reduced mean time to remediation (MTTR)
    • Consistent application of security procedures
    • Comprehensive documentation of all actions taken
    • Reduced analyst fatigue from repetitive tasks
    • Improved visibility through automated notifications

    Workflow overview

    Tools used:

    • Tines – workflow orchestration and AI platform (free Community Edition available)
    • Confluence – knowledge management platform for SOPs

    This specific workflow also uses the following pieces of software. However, you can use whatever enrichment/remediation tools currently exist within your technology stack alongside Tines and Confluence.

    • CrowdStrike – threat intelligence and EDR platform
    • AbuseIPDB – IP reputation database
    • EmailRep – email reputation service
    • Okta – identity and access management
    • Slack – team collaboration platform
    • Tavily – AI research tool
    • URLScan.io – URL analysis service
    • VirusTotal – file and URL scanning service

    How it works

    Part 1: Alert Ingestion and Analysis

    • Receive security alert from integrated security tools
    • AI agent analyzes the alert to determine type and severity
    • System searches Confluence for relevant SOPs based on alert classification
    • Create a case record with alert details and identified SOP

    Part 2: Remediation and Documentation

    • Second AI agent reviews the case and SOP instructions
    • AI agent orchestrates remediation actions across appropriate security tools
    • All actions are documented in the case history
    • Slack notification is sent to the on-call team with alert details and actions taken

    Configuring the workflow – step-by-step guide

    1. Log into Tines or create a new account.

    2. Navigate to the pre-built workflow in the library. Select import.

    3. Set up your credentials

    You’ll need credentials for all the tools used in this workflow. You can add or remove whatever tools you wish to suit your environment.

    • Confluence
    • CrowdStrike
    • AbuseIPDB
    • EmailRep
    • Okta
    • Slack
    • Tavily
    • URLScan.io
    • VirusTotal

    From the credentials page, select New credential, scroll down to the relevant credential and complete the required fields. Follow the credential guides at explained.tines.com if you need help.

    4. Configure your actions.

    Set your environment variables. In this particular workflow, that specifically requires setting the Slack channel for notifications (hardcoded to #alerts by default, but can be adjusted in the Slack action).

    5. Customize the AI prompts

    The workflow includes two key AI agents:

    • Alert Analysis Agent: Customize the prompt to help identify alert types
    • Remediation Agent: Customize the prompt to guide remediation actions

    6. Test the workflow.

    Create a test alert to verify:

    • Alert is properly classified
    • Correct SOP is retrieved from Confluence
    • Case is created with appropriate details
    • Remediation steps are executed
    • Slack notification is sent

    7. Publish and operationalize

    Once tested, publish the workflow and integrate with your security tools to begin receiving live alerts.

    If you’d like to test this workflow, you can sign up for a free Tines account.


    Source: thehackernews.com…

  • Russian Hackers Gamaredon and Turla Collaborate to Deploy Kazuar Backdoor in Ukraine

    Cybersecurity researchers have discerned evidence of two Russian hacking groups, Gamaredon and Turla, collaborating to target and co-compromise Ukrainian entities.

    Slovak cybersecurity company ESET said it observed the Gamaredon tools PteroGraphin and PteroOdd being used to execute Turla group’s Kazuar backdoor on an endpoint in Ukraine in February 2025, indicating that Turla is very likely actively collaborating with Gamaredon to gain access to specific machines in Ukraine and deliver the Kazuar backdoor.

    “PteroGraphin was used to restart the Kazuar v3 backdoor, possibly after it crashed or was not launched automatically,” ESET said in a report shared with The Hacker News. “Thus, PteroGraphin was probably used as a recovery method by Turla.”

    In a separate instance in April and June 2025, ESET said it also detected the deployment of Kazuar v2 through two other Gamaredon malware families tracked as PteroOdd and PteroPaste.

    Both Gamaredon (aka Aqua Blizzard and Armageddon) and Turla (aka Secret Blizzard and Venomous Bear) are assessed to be affiliated with the Russian Federal Security Service (FSB), and are known for their attacks targeting Ukraine.

    “Gamaredon has been active since at least 2013. It is responsible for many attacks, mostly against Ukrainian governmental institutions,” ESET said.

    “Turla, also known as Snake, is an infamous cyber espionage group that has been active since at least 2004, possibly extending back into the late 1990s. It mainly focuses on high-profile targets, such as governments and diplomatic entities, in Europe, Central Asia, and the Middle East. It is known for having breached major organizations such as the US Department of Defense in 2008 and the Swiss defense company RUAG in 2014.”

    The cybersecurity company said Russia’s full-scale invasion of Ukraine in 2022 likely fueled this convergence, with the attacks primarily focusing on the Ukrainian defense sector in recent months.

    One of Turla’s staple implants is Kazuar, a frequently updated malware that has previously leveraged Amadey bots to deploy a backdoor called Tavdig, which then drops the .NET-based tool. Early artifacts associated with the malware have been spotted in the wild as far back as 2016, per Kaspersky.

    PteroGraphin, PteroOdd, and PteroPaste, on the other hand, are part of a growing arsenal of tools developed by Gamaredon to deliver additional payloads. PteroGraphin is a PowerShell tool that uses Microsoft Excel add-ins and scheduled tasks as a persistence mechanism and uses the Telegraph API for command-and-control (C2). It was first discovered in August 2024.

    The exact initial access vector used by Gamaredon is not clear, but the group has a history of using spear-phishing and malicious LNK files on removable drives using tools like PteroLNK for propagation.

    In all, Turla-related indicators have been detected on seven machines in Ukraine over the past 18 months, out of which four were breached by Gamaredon in January 2025. The deployment of the latest version of Kazuar (Kazuar v3) is said to have taken place towards the end of February.

    “Kazuar v2 and v3 are fundamentally the same malware family and share the same codebase,” ESET said. “Kazuar v3 comprises around 35% more C# lines than Kazuar v2 and introduces additional network transport methods: over web sockets and Exchange Web Services.”

    The attack chain involved Gamaredon deploying PteroGraphin, which was used to download a PowerShell downloader dubbed PteroOdd that, in turn, retrieved a payload from Telegraph to execute Kazuar. The payload is also designed to gather and exfiltrate the victim’s computer name and system drive’s volume serial number to a Cloudflare Workers sub-domain, before launching Kazuar.

    That said, it’s important to note here that there are signs suggesting Gamaredon downloaded Kazuar, as the backdoor is said to have been present on the system since February 11, 2025.

    In a sign that this was not an isolated phenomenon, ESET revealed that it identified another PteroOdd sample on a different machine in Ukraine in March 2025, on which Kazuar was also present. The malware is capable of harvesting a wide range of system information, along with a list of installed .NET versions, and transmitting them to an external domain (“eset.ydns[.]eu”).

    The fact that Gamaredon’s toolset lacks any .NET malware and Turla’s Kazuar is based in .NET suggests this data gathering step is likely meant for Turla, the company assessed with medium confidence.

    The second set of attacks was detected in mid-April 2025, when PteroOdd was used to drop another PowerShell downloader codenamed PteroEffigy, which ultimately contacted the “eset.ydns[.]eu” domain to deliver Kazuar v2 (“scrss.ps1”), which was documented by Palo Alto Networks in late 2023.

    ESET said it also detected a third attack chain on June 5 and 6, 2025, in which it observed a PowerShell downloader referred to as PteroPaste being employed to drop and install Kazuar v2 (“ekrn.ps1”) from the address “91.231.182[.]187” on two machines located in Ukraine. The use of the name “ekrn” is possibly an attempt by threat actors to masquerade as “ekrn.exe,” a legitimate binary associated with ESET endpoint security products.

    “We now believe with high confidence that both groups – separately associated with the FSB – are cooperating and that Gamaredon is providing initial access to Turla,” ESET researchers Matthieu Faou and Zoltán Rusnák said.


    Source: thehackernews.com…

  • U.K. Arrests Two Teen Scattered Spider Hackers Linked to August 2024 TfL Cyber Attack

    Sep 19, 2025 | Ravie Lakshmanan | Ransomware / Cybercrime

    Law enforcement authorities in the U.K. have arrested two teen members of the Scattered Spider hacking group in connection with their alleged participation in an August 2024 cyber attack targeting Transport for London (TfL), the city’s public transportation agency.

    Thalha Jubair (aka EarthtoStar, Brad, Austin, and @autistic), 19, from East London, and Owen Flowers, 18, from Walsall, West Midlands, were arrested at their home addresses on Tuesday, the National Crime Agency (NCA) said.

    It’s worth noting that Flowers was initially arrested for his alleged involvement in the TfL attack in September 2024, but was subsequently released on bail. The agency said it found evidence of Flowers targeting U.S. healthcare companies, and that he has also been charged with conspiring with others to infiltrate and damage the networks of SSM Health Care Corporation and Sutter Health.

    Jubair has also been charged under the Regulation of Investigatory Powers Act (RIPA) 2000 for failing to surrender PINs and passwords for devices seized by law enforcement from him on March 19, 2025.

    “This attack caused significant disruption and millions in losses to TfL, part of the UK’s critical national infrastructure,” Deputy Director Paul Foster, head of the NCA’s National Cyber Crime Unit, said. “Earlier this year, the NCA warned of an increase in the threat from cyber criminals based in the U.K. and other English-speaking countries, of which Scattered Spider is a clear example.”

    In tandem, the U.S. Department of Justice (DoJ) unsealed a complaint charging Jubair with conspiracies to commit computer fraud, wire fraud, and money laundering in relation to at least 120 computer network intrusions and extorting 47 U.S. entities from May 2022 to September 2025.

    These attacks involved the use of social engineering techniques to gain unauthorized access to the target networks, and then leveraging that access to steal and encrypt information, and demand ransom from victims in return for regaining control and preventing the leak of the exfiltrated data.

    According to the complaint, victims paid at least $115,000,000 in ransom payments. The incidents, the DoJ added, caused widespread disruption to U.S. businesses and organizations, including critical infrastructure and the federal court system, in October 2024 and January 2025.

    In July 2024, the DoJ said law enforcement seized cryptocurrency wallets on a server allegedly controlled by Jubair and confiscated digital assets worth about $36 million at the time. Jubair is also said to have transferred a portion of the proceeds that originated from one of the victims, worth about $8.4 million at the time, to another wallet.

    Jubair has been charged with computer fraud conspiracy, two counts of computer fraud, wire fraud conspiracy, two counts of wire fraud, and money laundering conspiracy. If convicted, he faces a maximum penalty of 95 years in prison.

    “Jubair went to great and sophisticated lengths to keep himself anonymous while he and his criminal associates continued to attack these victims and extort tens of millions of dollars in ransom payments,” said Alina Habba, Acting U.S. Attorney and Special Attorney for the District of New Jersey.


    Source: thehackernews.com…

  • CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

    Sep 19, 2025 | Ravie Lakshmanan | Data Breach / Vulnerability

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of two sets of malware that were discovered in an unnamed organization’s network following the exploitation of security flaws in Ivanti Endpoint Manager Mobile (EPMM).

    “Each set contains loaders for malicious listeners that enable cyber threat actors to run arbitrary code on the compromised server,” CISA said in an alert.

    The vulnerabilities that were exploited in the attack include CVE-2025-4427 and CVE-2025-4428, both of which have been abused as zero-days prior to them being addressed by Ivanti in May 2025.

    While CVE-2025-4427 concerns an authentication bypass that allows attackers to access protected resources, CVE-2025-4428 enables remote code execution. As a result, the two flaws could be chained to execute arbitrary code on a vulnerable device without authentication.

    According to CISA, the threat actors gained access to the server running EPMM by combining the two vulnerabilities around May 15, 2025, following the publication of a proof-of-concept (PoC) exploit.

    This permitted the attackers to run commands that made it possible to collect system information, download malicious files, list the root directory, map the network, execute scripts to create a heapdump, and dump Lightweight Directory Access Protocol (LDAP) credentials, the agency added.

    Further analysis determined that the cyber threat actors dropped two sets of malicious files to the “/tmp” directory, each of which enabled persistence by injecting and running arbitrary code on the compromised server:

    • Set 1 – web-install.jar (aka Loader 1), ReflectUtil.class, and SecurityHandlerWanListener.class
    • Set 2 – web-install.jar (aka Loader 2) and WebAndroidAppInstaller.class

    Specifically, both sets contain a loader which launches a malicious compiled Java class listener that intercepts specific HTTP requests and processes them to decode and decrypt payloads for subsequent execution.

    “ReflectUtil.class manipulates Java objects to inject and manage the malicious listener SecurityHandlerWanListener in Apache Tomcat,” CISA said. “[SecurityHandlerWanListener.class] malicious listener that intercepts specific HTTP requests and processes them to decode and decrypt payloads, which dynamically create and execute a new class.”

    WebAndroidAppInstaller.class, on the other hand, works differently by retrieving and decrypting a password parameter from the request using a hard-coded key, the contents of which are used to define and implement a new class. The output of the new class is then encrypted using the same hard-coded key and returned in the response.

    The end result is that it allows the attackers to inject and execute arbitrary code on the server, enabling follow-on activity and persistence, as well as exfiltrate data by intercepting and processing HTTP requests.

    To stay protected against these attacks, organizations are advised to update their instances to the latest version, monitor for signs of suspicious activity, and implement necessary restrictions to prevent unauthorized access to mobile device management (MDM) systems.
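
    As a starting point for the monitoring advice above, the following added example (not from CISA or the article's authors) walks a directory such as “/tmp” for the file names listed for Set 1 and Set 2, and also looks inside any JAR for the listed class names. Matching by name and by JAR entry is an assumed triage heuristic; the sample files are constructed empty placeholders.

```python
"""Triage helper: look for the EPMM malware file names reported by CISA.

The file names come from the article. Matching on names (and on entry names
inside JARs) is an assumed heuristic for this example, not CISA's own content.
"""
import os
import tempfile
import zipfile

# File names exactly as listed in the article, grouped as CISA grouped them.
SETS = {
    "Set 1": {"web-install.jar", "ReflectUtil.class",
              "SecurityHandlerWanListener.class"},
    "Set 2": {"web-install.jar", "WebAndroidAppInstaller.class"},
}
ALL_NAMES = set().union(*SETS.values())
CLASS_NAMES = {n for n in ALL_NAMES if n.endswith(".class")}
SHARED = "web-install.jar"  # appears in both sets, so not distinctive alone


def jar_entries(path):
    """Return base names of the entries in a JAR/ZIP, or [] if unreadable."""
    try:
        with zipfile.ZipFile(path) as zf:
            return [os.path.basename(n) for n in zf.namelist()]
    except (zipfile.BadZipFile, OSError):
        return []


def hunt(root):
    """Walk root and return (path, matched_name, where) for every hit."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if name in ALL_NAMES:
                findings.append((full, name, "file name"))
            if name.lower().endswith(".jar"):
                # Assumption: a loader JAR may carry the listener class inside.
                for entry in jar_entries(full):
                    if entry in CLASS_NAMES:
                        findings.append((full, entry, "jar entry"))
    return findings


def attribute(findings):
    """Say which reported set(s) the matched names are consistent with."""
    seen = {name for _path, name, _where in findings}
    result = {}
    for label, names in SETS.items():
        hit = seen & names
        if hit - {SHARED}:  # require at least one set-specific name
            result[label] = sorted(hit)
    if not result and SHARED in seen:
        result["Set 1 or Set 2"] = [SHARED]
    return result


def demo():
    """Run the hunt over a constructed directory of empty placeholder files."""
    with tempfile.TemporaryDirectory() as root:
        open(os.path.join(root, "ReflectUtil.class"), "wb").close()
        open(os.path.join(root, "hsperfdata.log"), "wb").close()  # benign noise
        with zipfile.ZipFile(os.path.join(root, SHARED), "w") as zf:
            zf.writestr("com/example/WebAndroidAppInstaller.class", b"")
        findings = hunt(root)
        return attribute(findings), len(findings)


if __name__ == "__main__":
    verdict, count = demo()
    print(count, "findings:", verdict)
```

    A name match only tells you where to look next; confirm any hit against the hashes and rules in the CISA alert before treating the host as compromised.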


    Source: thehackernews.com…

  • SonicWall Urges Password Resets After Cloud Backup Breach Affecting Under 5% of Customers

    Sep 18, 2025 | Ravie Lakshmanan | Data Breach / Network Security

    SonicWall is urging customers to reset credentials after their firewall configuration backup files were exposed in a security breach impacting MySonicWall accounts.

    The company said it recently detected suspicious activity targeting the cloud backup service for firewalls, and that unknown threat actors accessed backup firewall preference files stored in the cloud for less than 5% of its customers.

    “While credentials within the files were encrypted, the files also included information that could make it easier for attackers to potentially exploit the related firewall,” the company said.

    The network security company said it’s not aware of any of these files being leaked online by the threat actors, adding it was not a ransomware event targeting its network.

    “Rather this was a series of brute-force attacks aimed at gaining access to the preference files stored in backup for potential further use by threat actors,” it noted. It’s currently not known who is responsible for the attack.

    As a result of the incident, the company is urging customers to follow the steps below –

    • Log in to MySonicWall.com and verify whether cloud backups are enabled
    • Verify whether affected serial numbers have been flagged in the accounts
    • Initiate containment and remediation procedures by limiting access to services from WAN, turning off access to HTTP/HTTPS/SSH Management, disabling access to SSL VPN and IPSec VPN, resetting passwords and TOTPs saved on the firewall, and reviewing logs and recent configuration changes for unusual activity

    In addition, affected customers have been advised to import fresh preferences files provided by SonicWall into the firewalls. The new preferences file includes the following changes –

    • Randomized password for all local users
    • Reset TOTP binding, if enabled
    • Randomized IPSec VPN keys

    “The modified preferences file provided by SonicWall was created from the latest preferences file found in cloud storage,” it said. “If the latest preferences file does not represent your desired settings, please do not use the file.”

    The disclosure comes as threat actors affiliated with the Akira ransomware group have continued to target unpatched SonicWall devices for obtaining initial access to target networks by exploiting a year-old security flaw (CVE-2024-40766, CVSS score: 9.3).

    Earlier this week, cybersecurity company Huntress detailed an Akira ransomware incident involving the exploitation of SonicWall VPNs in which the threat actors leveraged a plaintext file containing recovery codes of its security software to bypass multi-factor authentication (MFA), suppress incident visibility, and attempt to remove endpoint protections.

    “In this incident, the attacker used exposed Huntress recovery codes to log into the Huntress portal, close active alerts, and initiate the uninstallation of Huntress EDR agents, effectively attempting to blind the organization’s defenses and leave it vulnerable to follow-on attacks,” researchers Michael Elford and Chad Hudson said.

    “This level of access can be weaponized to disable defenses, manipulate detection tools, and execute further malicious actions. Organizations should treat recovery codes with the same sensitivity as privileged account passwords.”


    Source: thehackernews.com…

  • CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader

    Cybersecurity researchers have discovered a new malware loader codenamed CountLoader that has been put to use by Russian ransomware gangs to deliver post-exploitation tools like Cobalt Strike and AdaptixC2, and a remote access trojan known as PureHVNC RAT.

    “CountLoader is being used either as part of an Initial Access Broker’s (IAB) toolset or by a ransomware affiliate with ties to the LockBit, Black Basta, and Qilin ransomware groups,” Silent Push said in an analysis.

    Appearing in three different versions – .NET, PowerShell, and JavaScript – the emerging threat has been observed in a campaign targeting individuals in Ukraine using PDF-based phishing lures and impersonating the National Police of Ukraine.

    It’s worth noting that the PowerShell version of the malware was previously flagged by Kaspersky as being distributed using DeepSeek-related decoys to trick users into installing it.

    The attacks, per the Russian cybersecurity vendor, led to the deployment of an implant named BrowserVenom that can reconfigure all browsing instances to force traffic through a proxy controlled by the threat actors, enabling the attackers to manipulate network traffic and collect data.

    Silent Push’s investigation has found the JavaScript version is the most fleshed out implementation of the loader, offering six different methods for file downloading, three different methods for executing various malware binaries, and a predefined function to identify a victim’s device based on Windows domain information.

    The malware is also capable of gathering system information, setting up persistence on the host by creating a scheduled task that impersonates a Google update task for the Chrome web browser, and connecting to a remote server to await further instructions.

    This includes the ability to download and run DLL and MSI installer payloads using rundll32.exe and msiexec.exe, transmit system metadata, and delete the created scheduled task. The six methods used to download files involve the use of curl, PowerShell, MSXML2.XMLHTTP, WinHTTP.WinHttpRequest.5.1, bitsadmin, and certutil.exe.

    “By using LOLBins like ‘certutil’ and ‘bitsadmin,’ and by implementing an ‘on the fly’ command encryption PowerShell generator, CountLoader’s developers demonstrate here an advanced understanding of the Windows operating system and malware development,” Silent Push said.

    A notable aspect of CountLoader is its use of the victim’s Music folder as a staging ground for malware. The .NET flavor shares some degree of functional crossover with its JavaScript counterpart, but supports only two different types of commands (UpdateType.Zip or UpdateType.Exe), indicating a reduced, stripped-down version.
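
    The behaviours described above (downloads through built-in tools, payloads staged in the Music folder, execution through rundll32.exe or msiexec.exe) can be turned into a simple correlation over process-creation events. This is an added example, not Silent Push's detection logic; the event field names, the 10-minute window and the sample events are constructed assumptions.

```python
"""Correlate 'download into Music' with 'launch from Music' per host.

Heuristics are assumptions derived from the behaviours the article lists;
the events below are constructed samples, not real telemetry.
"""
import re

# Download tools from the article that run as their own process.
# MSXML2.XMLHTTP and WinHTTP.WinHttpRequest.5.1 are COM objects used inside
# the script host, so they create no child process and need script or
# network telemetry instead of process-creation logs.
DOWNLOADERS = {"curl.exe", "powershell.exe", "bitsadmin.exe", "certutil.exe"}
LAUNCHERS = {"rundll32.exe", "msiexec.exe"}

MUSIC_PATH = re.compile(r"\\users\\[^\\]+\\music\\", re.IGNORECASE)
URL = re.compile(r"https?://", re.IGNORECASE)


def exe_name(image):
    """Lower-cased file name of a full image path."""
    return image.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def classify(event):
    """Return the set of behaviour tags one process-creation event matches."""
    tags = set()
    exe = exe_name(event["image"])
    cmd = event["cmdline"]
    in_music = bool(MUSIC_PATH.search(cmd))
    if exe in DOWNLOADERS and URL.search(cmd):
        tags.add("download")
        if in_music:
            tags.add("download_to_music")
    if exe in LAUNCHERS and in_music:
        tags.add("launch_from_music")
    return tags


def correlate(events, window=600):
    """Alert on launches from Music; 'high' if a download into Music on the
    same host preceded it within `window` seconds, otherwise 'medium'."""
    last_download = {}
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        tags = classify(ev)
        if "download_to_music" in tags:
            last_download[ev["host"]] = ev
        if "launch_from_music" in tags:
            dl = last_download.get(ev["host"])
            severity = "high" if dl and ev["ts"] - dl["ts"] <= window else "medium"
            alerts.append((ev["host"], severity, exe_name(ev["image"])))
    return alerts


# Constructed events (ts in seconds); example.invalid is a placeholder domain.
SAMPLE_EVENTS = [
    {"ts": 100, "host": "WS01", "image": r"C:\Windows\System32\certutil.exe",
     "cmdline": r"certutil.exe -urlcache -f https://example.invalid/a.dll C:\Users\alice\Music\a.dll"},
    {"ts": 160, "host": "WS01", "image": r"C:\Windows\System32\rundll32.exe",
     "cmdline": r"rundll32.exe C:\Users\alice\Music\a.dll,Start"},
    {"ts": 200, "host": "WS02", "image": r"C:\Windows\System32\curl.exe",
     "cmdline": r"curl.exe -o C:\Users\bob\Downloads\tool.zip https://example.invalid/tool.zip"},
    {"ts": 5000, "host": "WS02", "image": r"C:\Windows\System32\msiexec.exe",
     "cmdline": r"msiexec.exe /i C:\Users\bob\Music\setup.msi /qn"},
    {"ts": 300, "host": "WS03", "image": r"C:\Windows\System32\msiexec.exe",
     "cmdline": r"msiexec.exe /i C:\Program Files\Vendor\app.msi"},
]

if __name__ == "__main__":
    for alert in correlate(SAMPLE_EVENTS):
        print(alert)
```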

    CountLoader is supported by an infrastructure comprising over 20 unique domains, with the malware serving as a conduit for Cobalt Strike, AdaptixC2, and PureHVNC RAT, the last of which is a commercial offering from a threat actor known as PureCoder. It’s worth pointing out that PureHVNC RAT is a predecessor to PureRAT, which is also referred to as ResolverRAT.

    Recent campaigns distributing PureHVNC RAT have leveraged the tried-and-tested ClickFix social engineering tactic as a delivery vector, with victims lured to the ClickFix phishing page through fake job offers, per Check Point. The trojan is deployed by means of a Rust-based loader.

    “The attacker lured the victim through fake job advertisements, allowing the attacker to execute malicious PowerShell code through the ClickFix phishing technique,” the cybersecurity company said, describing PureCoder as using a revolving set of GitHub accounts to host files that support the functionality of PureRAT.

    Analysis of the GitHub commits has revealed that activity was carried out from the timezone UTC+03:00, which corresponds to many countries, including Russia.

    The development comes as the DomainTools Investigations team has uncovered the interconnected nature of the Russian ransomware landscape, identifying threat actor movements across groups and the use of tools like AnyDesk and Quick Assist, suggesting operational overlaps.

    “Brand allegiance among these operators is weak, and human capital appears to be the primary asset, rather than specific malware strains,” DomainTools said. “Operators adapt to market conditions, reorganize in response to takedowns, and trust relationships are critical. These individuals will choose to work with people they know, regardless of the name of the organization.”


    Source: thehackernews.com…

  • How CISOs Can Drive Effective AI Governance

    AI’s growing role in enterprise environments has heightened the urgency for Chief Information Security Officers (CISOs) to drive effective AI governance. When it comes to any emerging technology, governance is hard – but effective governance is even harder. The first instinct for most organizations is to respond with rigid policies. Write a policy document, circulate a set of restrictions, and hope the risk is contained. However, effective governance doesn’t work that way. It must be a living system that shapes how AI is used every day, guiding organizations through safe transformative change without slowing down the pace of innovation.

    For CISOs, finding that balance between security and speed is critical in the age of AI. This technology simultaneously represents the greatest opportunity and greatest risk enterprises have faced since the dawn of the internet. Move too fast without guardrails, and sensitive data leaks into prompts, shadow AI proliferates, or regulatory gaps become liabilities. Move too slow, and competitors pull ahead with transformative efficiencies that are too powerful to compete with. Either path comes with ramifications that can cost CISOs their job.

    In turn, they cannot lead a “department of no” where AI adoption initiatives are stymied by the organization’s security function. It is crucial to instead find a path to yes, mapping governance to organizational risk tolerance and business priorities so that the security function serves as a true revenue enabler. Over the course of this article, I’ll share three components that can help CISOs make that shift and drive AI governance programs that enable safe adoption at scale.

    1. Understand What’s Happening on the Ground

    When ChatGPT first arrived in November 2022, most CISOs I know scrambled to publish strict policies that told employees what not to do. It came from a place of positive intent considering sensitive data leakage was a legitimate concern. However, while policies written from that “document backward” approach are great in theory, they rarely work in practice. Due to how fast AI is evolving, AI governance must be designed through a “real-world forward” mindset that accounts for what’s really happening on the ground inside an organization. This requires CISOs to have a foundational understanding of AI: the technology itself, where it is embedded, which SaaS platforms are enabling it, and how employees are using it to get their jobs done.

    AI inventories, model registries, and cross-functional committees may sound like buzzwords, but they are practical mechanisms that can help security leaders develop this AI fluency. For example, an AI Bill of Materials (AIBOM) offers visibility into the components, datasets, and external services that will feed an AI model. Just as a software bill of materials (SBOM) clarifies third-party dependencies, an AIBOM ensures leaders know what data is being used, where it came from, and what risks it introduces.

    Model registries serve a similar role for AI systems already in use. They track which models are deployed, when they were last updated, and how they’re performing to prevent “black box sprawl” and inform decisions about patching, decommissioning, or scaling usage. AI committees ensure that oversight doesn’t fall on security or IT alone. Often chaired by a designated AI lead or risk officer, these groups include representatives from legal, compliance, HR, and business units – turning governance from a siloed directive into a shared responsibility that bridges security concerns with business outcomes.

    2. Align Policies to the Speed of the Organization

    Without real-world forward policies, security leaders often fall into the trap of codifying controls they cannot realistically deliver. I’ve seen this firsthand through a CISO colleague of mine. Knowing employees were already experimenting with AI, he worked to enable the responsible adoption of several GenAI applications across his workforce. However, when a new CIO joined the organization and felt there were too many GenAI applications in use, the CISO was directed to ban all GenAI until one enterprise-wide platform was selected. Fast forward one year later, that single platform still hadn’t been implemented, and employees were using unapproved GenAI tools that exposed the organization to shadow AI vulnerabilities. The CISO was stuck trying to enforce a blanket ban he couldn’t execute, fielding criticism without the authority to implement a workable solution.

    This kind of scenario plays out when policies are written faster than they can be executed, or when they fail to anticipate the pace of organizational adoption. Policies that look decisive on paper can quickly become obsolete if they don’t evolve with leadership changes, embedded AI functionality, and the organic ways employees integrate new tools into their work. Governance must be flexible enough to adapt, or else it risks leaving security teams enforcing the impossible.

    The way forward is to design policies as living documents. They should evolve as the business does, informed by actual use cases and aligned to measurable outcomes. Governance also can’t stop at policy; it needs to cascade into standards, procedures, and baselines that guide daily work. Only then do employees know what secure AI adoption really looks like in practice.

    3. Make AI Governance Sustainable

    Even with strong policies and roadmaps in place, employees will continue to use AI in ways that aren’t formally approved. The goal for security leaders shouldn’t be to ban AI, but to make responsible use the easiest and most attractive option. That means equipping employees with enterprise-grade AI tools, whether purchased or homegrown, so they do not need to reach for insecure alternatives. In addition, it means highlighting and reinforcing positive behaviors so that employees see value in following the guardrails rather than bypassing them.

    Sustainable governance also stems from Utilizing AI and Protecting AI, two pillars of the SANS Institute’s recently published Secure AI Blueprint. To govern AI effectively, CISOs should empower their SOC teams to effectively utilize AI for cyber defense – automating noise reduction and enrichment, validating detections against threat intelligence, and ensuring analysts remain in the loop for escalation and incident response. They should also ensure the right controls are in place to protect AI systems from adversarial threats, as outlined in the SANS Critical AI Security Guidelines.

    Learn More at SANS Cyber Defense Initiative 2025

    This December, SANS will be offering LDR514: Security Strategic Planning, Policy, and Leadership at SANS Cyber Defense Initiative 2025 in Washington, D.C. This course is designed for leaders who want to move beyond generic governance advice and learn how to build business-driven security programs that steer organizations to safe AI adoption. It will cover how to create actionable policies, align governance with business strategy, and embed security into culture so you can lead your enterprise through the AI era securely.

    If you’re ready to turn AI governance into a business enabler, register for SANS CDI 2025 here.

    Note: This article was contributed by Frank Kim, SANS Institute Fellow.


    Source: thehackernews.com…

  • SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

    Sep 18, 2025 | Ravie Lakshmanan | Malware / Supply Chain Attack

    Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to deliver a remote access trojan called SilentSync on Windows systems.

    “SilentSync is capable of remote command execution, file exfiltration, and screen capturing,” Zscaler ThreatLabz’s Manisha Ramcharan Prajapati and Satyam Singh said. “SilentSync also extracts web browser data, including credentials, history, autofill data, and cookies from web browsers like Chrome, Brave, Edge, and Firefox.”

    The packages, now no longer available for download from PyPI, are listed below. They were both uploaded by a user named “CondeTGAPIS.”

    • sisaws (201 Downloads)
    • secmeasure (627 Downloads)

    Zscaler said the package sisaws mimics the behavior of the legitimate Python package sisa, which is associated with Argentina’s national health information system, Sistema Integrado de Información Sanitaria Argentino (SISA).

    However, present in the library is a function called “gen_token()” in the initialization script (__init__.py) that acts as a downloader for a next-stage malware. To achieve this, it sends a hard-coded token as input, and receives as response a secondary static token in a manner that’s similar to the legitimate SISA API.

    “If a developer imports the sisaws package and invokes the gen_token function, the code will decode a hexadecimal string that reveals a curl command, which is then used to fetch an additional Python script,” Zscaler said. “The Python script retrieved from PasteBin is written to the filename helper.py in a temporary directory and executed.”

    Secmeasure, in a similar fashion, masquerades as a “library for cleaning strings and applying security measures,” but harbors embedded functionality to drop SilentSync RAT.

    SilentSync is mainly geared towards infecting Windows systems at this stage, but the malware also has built-in features for Linux and macOS. It makes Registry modifications on Windows, alters the crontab file on Linux to execute the payload on system startup, and registers a LaunchAgent on macOS.

    The package relies on the secondary token’s presence to send an HTTP GET request to a hard-coded endpoint (“200.58.107[.]25”) in order to receive Python code that’s directly executed in memory. The server supports four different endpoints –

    • /checkin, to verify connectivity
    • /comando, to request commands to execute
    • /respuesta, to send a status message
    • /archivo, to send command output or stolen data

    The malware is capable of harvesting browser data, executing shell commands, capturing screenshots, and stealing files. It can also exfiltrate files and entire directories in the form of ZIP archives. Once the data is transmitted, all the artifacts are deleted from the host to sidestep detection efforts.

    “The discovery of the malicious PyPI packages sisaws and secmeasure highlight the growing risk of supply chain attacks within public software repositories,” Zscaler said. “By leveraging typosquatting and impersonating legitimate packages, threat actors can gain access to personally identifiable information (PII).”
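
    A defender's check for the indicators named above, as an added example that is not from Zscaler or the original article: it looks for the two reported package names among installed distributions and for requests to the reported host in proxy logs. The log line format, the client names and the sample lines are constructed assumptions.

```python
import re
from importlib import metadata
from urllib.parse import urlsplit

# Indicators quoted in the article; the IP is stored defanged as on the page and refanged here.
MALICIOUS_PACKAGES = {"sisaws", "secmeasure"}
C2_HOST = "200.58.107[.]25".replace("[.]", ".")
C2_PATHS = {"/checkin": "connectivity check", "/comando": "command request",
            "/respuesta": "status message", "/archivo": "output or stolen data upload"}

def normalize(name):
    """PEP 503 normalization so case and separator variants compare consistently."""
    return re.sub(r"[-_.]+", "-", name).lower()

def listed_packages(names):
    """Return the distribution names that match the two reported packages."""
    return sorted(n for n in names if normalize(n) in MALICIOUS_PACKAGES)

def installed_names():
    """Names of every distribution visible to the running interpreter."""
    names = (d.metadata.get("Name") for d in metadata.distributions())
    return [n for n in names if n]

def scan_proxy_log(lines):
    """Return (client, method, stage) for each request to the reported host.
    Assumed line format: '<timestamp> <client> <method> <url> <status>'."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) < 5:
            continue  # skip malformed lines instead of aborting the scan
        _, client, method, url, _ = fields[:5]
        parts = urlsplit(url if "://" in url else "//" + url)
        if parts.hostname != C2_HOST:
            continue  # a path like /checkin is too common to alert on by itself
        stage = C2_PATHS.get(parts.path.rstrip("/") or "/", "unlisted path")
        hits.append((client, method, stage))
    return hits

SAMPLE_LOG = [  # constructed lines, not real telemetry
    "2025-09-18T10:00:01Z ws-014 GET http://200.58.107.25/checkin 200",
    "2025-09-18T10:00:05Z ws-014 GET http://200.58.107.25/comando 200",
    "2025-09-18T10:00:09Z ws-022 GET https://api.example.com/checkin 200",
    "2025-09-18T10:01:12Z ws-014 POST http://200.58.107.25:80/archivo 200",
    "truncated line",
]

if __name__ == "__main__":
    print("listed packages installed:", listed_packages(installed_names()))
    print("requests to reported host:", scan_proxy_log(SAMPLE_LOG))
```

    Matching on the host first and using the path only to label the stage keeps the benign `/checkin` request to another server out of the results.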


    Source: thehackernews.com…

  • Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions

    Sep 18, 2025 | Ravie Lakshmanan | Vulnerability / Browser Security

    Google on Wednesday released security updates for the Chrome web browser to address four vulnerabilities, including one that it said has been exploited in the wild.

    The zero-day vulnerability in question is CVE-2025-10585, which has been described as a type confusion issue in the V8 JavaScript and WebAssembly engine.

    Type confusion vulnerabilities can have severe consequences as they can be weaponized by bad actors to trigger unexpected software behavior, resulting in the execution of arbitrary code and program crashes.

    Google’s Threat Analysis Group (TAG) has been credited with discovering and reporting the flaw on September 16, 2025.

    As is typically the case, the company did not share any additional specifics about how the vulnerability is being abused in real-world attacks, by whom, or the scale of such efforts. This is done to prevent other threat actors from exploiting the issue before users can apply a fix.

    “Google is aware that an exploit for CVE-2025-10585 exists in the wild,” it acknowledged in a terse advisory.

    CVE-2025-10585 is the sixth zero-day vulnerability in Chrome that has been either actively exploited or demonstrated as a proof-of-concept (PoC) since the start of the year. The others are CVE-2025-2783, CVE-2025-4664, CVE-2025-5419, CVE-2025-6554, and CVE-2025-6558.

    To safeguard against potential threats, users are advised to update their Chrome browser to versions 140.0.7339.185/.186 for Windows and Apple macOS, and 140.0.7339.185 for Linux. To make sure the latest updates are installed, users can navigate to More > Help > About Google Chrome and select Relaunch.

    Users of other Chromium-based browsers, such as Microsoft Edge, Brave, Opera, and Vivaldi, are also advised to apply the fixes as and when they become available.


    Source: thehackernews.com…

  • TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks

    The threat actor known as TA558 has been attributed to a fresh set of attacks delivering various remote access trojans (RATs) like Venom RAT to breach hotels in Brazil and Spanish-speaking markets.

    Russian cybersecurity vendor Kaspersky attributes the activity, observed in summer 2025, to a cluster it tracks as RevengeHotels.

    “The threat actors continue to employ phishing emails with invoice themes to deliver Venom RAT implants via JavaScript loaders and PowerShell downloaders,” the company said. “A significant portion of the initial infector and downloader code in this campaign appears to be generated by large language model (LLM) agents.”

    The findings demonstrate a new trend among cybercriminal groups to leverage artificial intelligence (AI) to bolster their tradecraft.

    Known to be active since at least 2015, RevengeHotels has a history of targeting hospitality, hotel, and travel organizations in Latin America with the goal of installing malware on compromised systems.

    Early iterations of the threat actor’s campaigns were found to distribute emails with crafted Word, Excel, or PDF documents attached, some of which exploit a known remote code execution flaw in Microsoft Office (CVE-2017-0199) to trigger the deployment of Revenge RAT, NjRAT, NanoCoreRAT, and 888 RAT, as well as a piece of custom malware called ProCC.

    Subsequent campaigns documented by Proofpoint and Positive Technologies have demonstrated the threat actor’s ability to refine their attack chains to deliver a wide range of RATs such as Agent Tesla, AsyncRAT, FormBook, GuLoader, Loda RAT, LokiBot, Remcos RAT, Snake Keylogger, and Vjw0rm.

    The main goal of the attacks is to capture credit card data from guests and travelers stored in hotel systems, as well as credit card data received from popular online travel agencies (OTAs) such as Booking.com.

    According to Kaspersky, the latest campaigns involve sending phishing emails written in Portuguese and Spanish bearing hotel reservation and job application lures to trick recipients into clicking on fraudulent links, resulting in the download of a WScript JavaScript payload.

    “The script appears to be generated by a large language model (LLM), as evidenced by its heavily commented code and a format similar to those produced by this type of technology,” the company said. “The primary function of the script is to load subsequent scripts that facilitate the infection.”

    This includes a PowerShell script, which, in turn, retrieves a downloader named “cargajecerrr.txt” from an external server and runs it via PowerShell. The downloader, as the name implies, fetches two additional payloads, including a loader that’s responsible for launching the Venom RAT malware.

    Based on the open-source Quasar RAT, Venom RAT is a commercial tool that’s offered for $650 for a lifetime license. A one-month subscription bundling the malware with HVNC and Stealer components costs $350.

    The malware can siphon data and act as a reverse proxy, and it features an anti-kill protection mechanism to ensure that it runs uninterrupted. To accomplish this, it modifies the Discretionary Access Control List (DACL) associated with the running process to remove any permissions that could interfere with its functioning, and terminates any running process that matches an entry in its hard-coded list of processes.

    “The second component of this anti-kill measure involves a thread that runs a continuous loop, checking the list of running processes every 50 milliseconds,” Kaspersky said.

    “The loop specifically targets those processes commonly used by security analysts and system administrators to monitor host activity or analyze .NET binaries, among other tasks. If the RAT detects any of these processes, it will terminate them without prompting the user.”

    The anti-kill feature also comes fitted with the ability to set up persistence on the host using Windows Registry modifications and re-run the malware anytime the associated process is not found in the list of running processes.

    Should the malware be executed with elevated privileges, it proceeds to set the SeDebugPrivilege token and marks itself as a critical system process, thereby allowing it to persist even when there is an attempt to terminate the process. It also forces the computer’s display to remain on and prevents it from entering sleep mode.

    Lastly, the Venom RAT artifacts incorporate capabilities to spread via removable USB drives and terminate the process associated with Microsoft Defender Antivirus, as well as tamper with the task scheduler and Registry to disable the security program.

    “RevengeHotels has significantly enhanced its capabilities, developing new tactics to target the hospitality and tourism sectors,” Kaspersky said. “With the assistance of LLM agents, the group has been able to generate and modify their phishing lures, expanding their attacks to new regions.”


    Source: thehackernews.com…