Cybersecurity Strategy, AI Risks, and US University Phishing Attacks

US National Security Strategy and Cyber Influence

• 🇺🇸 The White House released a new 33-page National Security Strategy prioritizing technology leadership and economic protection.
• 🎯 The strategy emphasizes controlling advanced technologies and countering foreign cyber-enabled threats, with China's IP theft and influence operations as major targets.
• 🤝 It calls for real-time network discovery, attribution, and response through close government-private industry cooperation and hardened communication networks.
• 🌍 A shift from democracy promotion to self-interest may lead to a more fractured global landscape, with Europe potentially weakening cyber defense coordination.

AI and Prompt Injection Risks

• ⚠️ The UK's NCSC warns that Large Language Models (LLMs) may never be fully protected from prompt injection attacks.
• 🧠 LLMs can confuse user input for commands, allowing attackers to extract data or manipulate decisions due to their inherent inability to separate instructions from data.
• 🚨 Prompt injection is considered a persistent risk, potentially triggering global security breaches unless systems are designed with strong limitations and careful risk management.

Cyber Threats and Vulnerabilities

• 🎓 A report indicates at least 18 US universities were targeted by a months-long phishing campaign using the evil jinx toolkit to bypass MFA by stealing session cookies.
• 🇷🇺 Russian authorities have restricted FaceTime and Snapchat, citing their use in criminal activities as part of a broader effort to tighten control over online communications.
• 🏥 A bipartisan group of senators is reviving the Health Care Cybersecurity and Resiliency Act to modernize regulations and improve cyber security readiness in the health sector.
• 🇵🇹 Portugal has amended its cyber security law to create a legal safe harbor for good-faith security researchers, exempting certain hacking activities under strict conditions.
• 🌐 A large-scale campaign has targeted Palo Alto GlobalProtect portals and Sonic Wall API endpoints, primarily using credential stuffing and scanning activities.
• 🇰🇵 A Maryland man was sentenced for his role in a scheme allowing North Korean IT workers to use his identity to obtain US software development jobs, funding sanctioned government operations.

Business Brief and AI Hoaxes

• 💰 Cybersecurity funding remains strong, with several firms like Zaffron Security, Augment, and Code Notary announcing significant investments.
• 🤝 M&A activity includes ServiceNow's planned acquisition of identity service company Vasa for a reported $1 billion.
• 🚆 An AI-generated image falsely claimed a bridge collapse in northern England, causing brief train ground halts and delays while inspectors confirmed the bridge's integrity.