#cyberespionage

#cyberespionage

The attacker was using API calls to communicate with SaaS apps as command-and-control (C2) infrastructure to disguise their malicious traffic as benign, a common tactic used by threat actors when attempting to improve the stealth of their intrusions. Rather than abusing a weakness or security flaw, attackers rely on cloud-hosted products to function correctly and make their malicious traffic seem legitimate.

While this is a good start, traditional red-and-blue teaming cannot match the speed and complexity of modern adoption and AI-driven systems. Instead, agencies should look to combine continuous attack simulations with automated defense adjustments, enabling an automated purple teaming approach. Purple teaming shifts the paradigm from one-off testing to continuous, autonomous GenAI security by allowing agents to simulate AI-specific attacks and initiate immediate remediation within the same platform.

The Telegraph reports that the activity focused on phones used by senior aides around former prime ministers Boris Johnson, Liz Truss, and Rishi Sunak, with the suspected access stretching back to 2021. Intelligence sources described the compromise as extensive, with one saying the activity went "right into the heart of Downing Street," although it remains unclear whether the prime ministers' own devices were accessed directly.

Two people allegedly linked to China's infamous Salt Typhoon espionage hacking group seem to have previously received training through Cisco's prominent, long-running networking academy. Meanwhile, warnings are increasingly emerging from United States lawmakers in Congress that safeguards on expanded US wiretap powers have been failing, allowing US intelligence agencies to access more of Americans' data without adequate constraints. If you've been having trouble keeping track of all of the news and data coming out about infamous sex offender Jeffrey Epstein,

Suspected Chinese government-backed hackers have breached computer systems of U.S. law firm Williams & Connolly, which has represented some of America's most powerful politicians, as part of a larger spying campaign against multiple law firms, according to a letter the firm sent clients and a source familiar with the hack. The cyber intrusions have hit the email accounts of select attorneys at these law firms, as Beijing continues a broader effort to gather intelligence to support its multi-front competition with the U.S.