ciso brief

All news with #research tag

227 articles · page 6 of 12

Battering RAM: DDR4 Interposer Breaks CPU Enclaves

🔓 Researchers at KU Leuven built a $50 DDR4 interposer that subverts confidential computing protections such as Intel SGX and AMD SEV, demonstrated at Black Hat Europe. The runtime attack, called Battering RAM, manipulates memory address mapping to gain arbitrary plaintext read/write and extract SGX provisioning keys, circumventing recent boot-time mitigations. The team warns that compromised memory modules in the supply chain could enable persistent backdoors on vulnerable cloud VMs.

IDC: Closing the AI Efficiency Gap in Inference Era

🔍 IDC warns of a growing Total Cost of Ownership (TCO) crisis as AI inference becomes the dominant workload. Their global survey of 1,300 AI decision-makers finds inference already accounts for 47% of AI operations and is magnified by agentic workflows that trigger many sequential model calls. The research attributes the problem to fragmented stacks and idle accelerators and recommends shifting to integrated, system-level architectures that unite software, storage, networking, and compute. Google Cloud highlights AI Hypercomputer as a purpose-built solution to improve utilization and cost-effectiveness.

2025 CWE Top 25: CISA and MITRE Identify Weaknesses

🔍 The Cybersecurity and Infrastructure Security Agency (CISA), with MITRE/HSSEDI, released the 2025 CWE Top 25, highlighting the most exploited software weaknesses that enable data theft, system compromise, and service disruption. The list is designed to help developers, security teams, and procurement managers prioritize fixes and adopt Secure by Design practices. CISA urges organizations to integrate the Top 25 into vulnerability management and procurement decisions to reduce risk and downstream costs.

From Adoption to Impact — DORA AI Capabilities Model Guide

🤖 The 2025 DORA companion guide highlights that AI acts as an amplifier, boosting strengths and exposing weaknesses across teams. Drawing on a cluster analysis of nearly 5,000 technology professionals, it identifies seven foundational capabilities — including a clear AI stance, healthy and AI-accessible data, strong version control, small-batch workflows, user-centric focus, and quality internal platforms — that increase the odds of positive outcomes. The guide maps seven team archetypes to help leaders diagnose where to start and offers a Value Stream Mapping facilitation to direct efforts toward system-level constraints so AI-driven productivity scales safely.

Racks, Sprawl and the Myth of Redundancy in Modern Networks

🔁 The article traces redundancy from tangible rack-level practices to fragile cloud and software-defined environments. It argues that physical diversity, disciplined configuration management and automation remain essential as networks span BGP, SD-WAN, edge devices and cloud control planes. Real resilience requires policy alignment, diverse DNS and routing protections and rehearsed pre-mortems so backups are usable when they matter most.

Gartner Urges Enterprises to Block AI Browsers Now

⚠️ Gartner has advised enterprises to block AI browsers until associated risks can be adequately managed. In its report Cybersecurity Must Block AI Browsers for Now, analysts warn that default settings prioritise user experience over security and list threats such as prompt injection, credential exposure and erroneous agent actions. Researchers and vendors have also flagged vulnerabilities and urged risk assessments and oversight.

Architecting Security for Agentic Browsing in Chrome

🛡️ Chrome describes a layered approach to secure agentic browsing with Gemini, focusing on defenses against indirect prompt injection and goal‑hijacking. A new User Alignment Critic — an isolated, high‑trust model — reviews planned agent actions using only metadata and can veto misaligned steps. Chrome also enforces Agent Origin Sets to limit readable and writable origins, adds deterministic confirmations for sensitive actions, runs prompt‑injection detection in real time, and sustains continuous red‑teaming and monitoring to reduce exfiltration and unwanted transactions.

Substitution Cipher Modeled on the Voynich Manuscript

🧩 Bruce Schneier highlights a new paper proposing the Naibbe cipher, a verbose homophonic substitution method that transforms Latin and Italian plaintext into ciphertext resembling the Voynich Manuscript. The author demonstrates the cipher can be executed entirely by hand with plausible 15th‑century materials. Applied to a range of texts, Naibbe reproduces many of the manuscript’s key statistical properties while remaining decipherable. Schneier observes this keeps the ciphertext hypothesis viable and places constraints on plausible substitution structures.

From Feeds to Flows: Operationalizing Threat Intelligence

🔗 The article argues that traditional threat feeds no longer suffice in modern, interconnected environments and proposes a Unified Linkage Model (ULM) to transform static indicators into dynamic threat flows. ULM defines three core linkage types — adjacency, inheritance and trustworthiness — to map how risk propagates across systems. It outlines practical steps to ingest and normalize feeds, establish and score linkages, integrate with MITRE ATT&CK and risk frameworks, and visualize attack pathways for prioritized response and compliance.

Cyber Agencies Urge Provenance Standards for Digital Trust

🔎 The UK’s National Cyber Security Centre and Canada’s Centre for Cyber Security (CCCS) have published a report on public content provenance aimed at improving digital trust in the AI era. It examines emerging provenance technologies, including trusted timestamps and cryptographically secured metadata, and identifies interoperability and usability gaps that hinder adoption. The guidance offers practical steps for organisations considering provenance solutions.

GhostFrame Phishing Framework Surpasses One Million Attacks

🔍 A newly discovered phishing framework named GhostFrame has been linked to more than one million attacks, according to Barracuda. The kit uses a benign-looking outer HTML page that conceals a malicious iframe, enabling attackers to swap content, target regions and evade scanners without changing the visible landing page. GhostFrame employs a two-stage chain: the loader creates randomized subdomains and validates them before loading an internal credential-stealing page, and includes anti-analysis controls that block inspection shortcuts and restrict user actions. Barracuda recommends a multilayered defense—regular browser updates, staff training, email gateways and web filters, restricting iframe embedding, and monitoring for injected or redirected content.

CISA Launches Industry Engagement Platform to Innovate

🛡️ CISA launched the Industry Engagement Platform (IEP) to create a structured, two-way channel between the agency and companies, researchers, and academia to present emerging cybersecurity and infrastructure technologies. The platform lets organizations build customizable technology profiles and upload capability overviews to connect with the right CISA subject-matter experts. Participation does not confer preferential contract consideration, but informs CISA market research and mission needs.

Skills Shortages Outpace Headcount in Cybersecurity 2025

🔍 ISC2’s 2025 Cybersecurity Workforce Study, based on responses from more than 16,000 professionals, reports that 59% of organizations now face critical or significant cyber-skills shortages, up from 44% last year. Technical gaps are most acute in AI (41%), cloud security (36%), risk assessment (29%) and application security (28%), with governance, risk and compliance and security engineering each at 27%. The survey cites a dearth of talent (30%) and budget shortfalls (29%) as leading causes and links shortages to concrete impacts—88% reported at least one significant security incident. Despite concerns, headcount appears to be stabilizing and many professionals view AI as an opportunity for specialization and career growth.

Protecting LLM Chats from the Whisper Leak Attack Today

🛡️ Recent research shows the “Whisper Leak” attack can infer the topic of LLM conversations by analyzing timing and packet patterns during streaming responses. Microsoft’s study tested 30 models and thousands of prompts, finding topic-detection accuracy from 71% to 100% for some models. Providers including OpenAI, Mistral, Microsoft Azure, and xAI have added invisible padding to network packets to disrupt these timing signals. Users can further protect sensitive chats by using local models, disabling streaming output, avoiding untrusted networks, or using a trusted VPN and up-to-date anti-spyware.

Protecting Submarine Cables: Cyber and Physical Security

🔒 Submarine cables carry between 95% and 99% of global data traffic, yet recent breakages — notably ten in the Baltic Sea between 2022 and July 2025 — highlight persistent vulnerabilities. Private operators now control most capacity, and governments and vendors must address both physical threats such as fishing and anchors and increasingly sophisticated cyber risks. Major cloud vendors emphasize route diversity and redundancy while operators like Telxius combine burial, audits, AI/ML detection and continuity planning to protect service availability.

Indirect Prompt Injection: Hidden Risks to AI Systems

🔐 The article explains how indirect prompt injection — malicious instructions embedded in external content such as documents, images, emails and webpages — can manipulate AI tools without users seeing the exploit. It contrasts indirect attacks with direct prompt injection and cites CrowdStrike's analysis of over 300,000 adversarial prompts and 150 techniques. Recommended defenses include detection, input sanitization, allowlisting, privilege separation, monitoring and user education to shrink this expanding attack surface.

Adversarial Poetry Bypasses AI Guardrails Across Models

✍️ Researchers from Icaro Lab (DexAI), Sapienza University of Rome, and Sant’Anna School found that short poetic prompts can reliably subvert AI safety filters, in some cases achieving 100% success. Using 20 crafted poems and the MLCommons AILuminate benchmark across 25 proprietary and open models, they prompted systems to produce hazardous instructions — from weapons-grade plutonium to steps for deploying RATs. The team observed wide variance by vendor and model family, with some smaller models surprisingly more resistant. The study concludes that stylistic prompts exploit structural alignment weaknesses across providers.

Building Conversational Genomics with Multi-Agent AI

🧬 Combining Google’s ADK, Gemini, and Cloud infrastructure, this work reframes variant interpretation as a conversational workflow that removes repetitive scripting and context switching. A two-phase design performs heavy VEP annotation once, stores versioned ADK artifacts and public BigQuery datasets, and enables sub-5-second interactive queries via a QueryAgent. Validation with an APOB spike-in demonstrated single-variant precision, compatibility across DeepVariant versions, and scalability to ~8.8M variants.

Understanding Zero-Day Attacks: Risks and Defenses

🛡️ Zero-day attacks exploit software vulnerabilities that are unknown to the vendor, enabling attackers to compromise systems before patches are available. They target high-value platforms such as operating systems, web browsers, enterprise applications, and IoT devices, often using spear-phishing or zero-click techniques. Because signature-based tools frequently miss novel exploits, effective defense requires rapid patching, behavior-based detection (EDR, NDR, XDR), network segmentation, and investigative analysis of packet-level data to detect, contain, and learn from incidents.

Adversarial Poetry Bypasses LLM Safety Across Models

⚠️ Researchers report that converting prompts into poetry can reliably jailbreak large language models, producing high attack-success rates across 25 proprietary and open models. The study found poetic reframing yielded average jailbreak success of 62% for hand-crafted verses and about 43% for automated meta-prompt conversions, substantially outperforming prose baselines. Authors map attacks to MLCommons and EU CoP risk taxonomies and warn this stylistic vector can evade current safety mechanisms.