Safer Internet Day: A Call for Responsibility As we observe Safer Internet Day, we are reminded of our collective responsibility to foster a digital environment that is secure and respectful. This global observance not only promotes safer and more responsible use of online technology but …
Introduction In today’s interconnected world, the importance of digital rights cannot be overstated. While the European Union is making commendable strides in this arena, Australia stands at a pivotal juncture to assert its leadership in championing online freedom. The nation’s commitment to democratic values, coupled …
Federal Judge Tightens DOGE Leash Over Critical Treasury Payment System Access
The Register by Brandon Vigliarolo and Jessica Lyon
A federal judge has mandated stricter regulatory oversight on the integration of Dogecoin (DOGE) within the U.S. Treasury’s critical payment systems, following concerns about the cryptocurrency’s potential to disrupt financial stability. This decision introduces a rigorous review and continuous monitoring framework, reflecting a significant movement towards regulating the use of cryptocurrencies in sensitive government transactions. The measure aims to safeguard against the inherent volatility of digital currencies potentially jeopardising essential financial operations.
Read More
Russia Ramps Up Cybersecurity Systems
The Jamestown Foundation by Luke Rodeheffer
In response to escalating cyber threats, Russia has significantly bolstered its cybersecurity defences. This strategic upgrade targets key national infrastructure, including government communications, critical databases, and energy networks, to shield against foreign cyber espionage and attacks. Alongside enhancing state systems, Russia has imposed stringent cybersecurity protocols on the private sector, especially in critical industries. These measures reflect Russia’s push toward cyber sovereignty and highlight the role of cybersecurity in global geopolitical dynamics. Read More
Coordinates of Millions of Smartphones Feared Stolen, Sparking Yet Another Lawsuit Against Data Broker
The Register by Thomas Claburn
After millions of smartphone users had their GPS coordinates allegedly stolen and sold by a data broker, a class-action lawsuit has been filed accusing the firm of major privacy violations. This lawsuit emphasises the dangers posed by the data brokerage industry’s practices of handling sensitive personal information. It calls for enhanced regulatory measures to protect individuals from unauthorised data harvesting and sale, highlighting the urgent need for legislative reforms to ensure privacy rights in the digital age are respected and enforced. Read More
US Cybersecurity Efforts for Spacecraft Are Up in the Air
Dark Reading by Robert Lemos
The U.S. is grappling with establishing a robust cybersecurity framework for its spacecraft as cyber threats targeting space assets intensify. The absence of a unified strategy to safeguard these crucial systems exposes them to significant risks, underscoring the need for dedicated efforts to secure space infrastructure. This involves enhancing collaborations among government entities, aerospace experts, and cybersecurity professionals to develop resilient mechanisms capable of defending against and mitigating potential cyberattacks in the increasingly contested space domain. Read More
Critical RCE Bug in Microsoft Outlook Now Exploited in Attacks
BleepingComputer by Sergiu Gatlan
A critical remote code execution vulnerability in Microsoft Outlook is currently being exploited, allowing hackers to execute malicious code on affected systems without user interaction. This vulnerability poses a severe security risk, prompting Microsoft to release an urgent patch. Users are strongly advised to update their software to protect against potential attacks that could lead to significant data breaches or further system compromise. The incident highlights the ongoing need for vigilance and prompt action in the face of evolving cyber threats. Read More
Thailand Cuts Power and Internet to Areas of Myanmar to Disrupt Scam Gangs
Bitdefender by Graham Cluley
Thailand’s authorities have taken a drastic approach to combating cybercrime by cutting off power and internet services in certain areas of Myanmar known for harbouring scam operations. This measure aims to disrupt the activities of groups involved in extensive online frauds that affect thousands across Southeast Asia. While effective in curtailing these operations, the strategy has raised ethical concerns about the impact on innocent civilians living in the affected areas, prompting a debate on the appropriateness of such severe measures in law enforcement strategies against cybercrime. Read More
Coercive Control to Be Treated Like Other Domestic Abuse Offences
The BBC by Imogen James
The UK is expanding its legal framework to criminalise coercive control in the same way as other forms of domestic abuse. The new measures will allow for harsher penalties and increased protections for victims. Lawmakers and advocates stress that digital surveillance, financial control, and online harassment are key components of modern coercion tactics. The reforms acknowledge the rising role of technology in abuse cases and emphasise the need for law enforcement and the judiciary to recognise and combat digital forms of domestic violence. Read More
Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts
The Hacker News by Ravie Lakshmanan
Threat actors are leveraging Go Resty and Node Fetch to execute large-scale password spraying attacks, attempting to breach accounts across multiple platforms. Security researchers observed over 13 million login attempts, with attackers exploiting weak credentials and outdated authentication methods. The report highlights the need for stronger password policies, multi-factor authentication, and proactive threat monitoring. As password spraying remains a persistent attack vector, organisations are urged to implement stricter authentication controls to counter mass credential-stuffing attacks. Read More
Attackers Target Education Sector, Hijack Microsoft Accounts
Dark Reading by Elizabeth Montalbano
The education sector is facing a surge in cyberattacks, with hackers hijacking Microsoft accounts to infiltrate networks. Threat actors are using compromised credentials to spread malware, exfiltrate sensitive student data, and disrupt school operations. Security analysts warn that educational institutions are particularly vulnerable due to lax cybersecurity controls and outdated infrastructure. Experts recommend bolstering account security with multi-factor authentication and stronger network segmentation to prevent attackers from moving laterally within compromised environments. Read More
Lawmakers Fear Elon Musk, DOGE Not Adhering to Privacy Rules
CyberScoop by Tim Starks
U.S. lawmakers are raising alarms over Elon Musk’s Department of Government Efficiency (DOGE), questioning whether it is complying with federal privacy regulations. Concerns centre on DOGE’s alleged access to sensitive federal data without proper oversight. Critics warn that such a lack of transparency could pose national security risks and set a dangerous precedent for private entities managing government infrastructure. Lawmakers are calling for greater accountability and regulatory scrutiny to ensure compliance with data protection standards. Read More
CISA Orders Agencies to Patch Linux Kernel Bug Exploited in Attacks
BleepingComputer by Sergiu Gatlan
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring federal agencies to patch a newly discovered Linux kernel vulnerability that is being actively exploited. The flaw allows attackers to execute arbitrary code and escalate privileges on compromised systems. CISA warns that failing to apply the patch could leave critical infrastructure exposed to cyber threats. Organisations using affected Linux distributions are urged to update their systems immediately to mitigate the risk of exploitation. Read More
Abandoned AWS Cloud Storage: A Major Cyberattack Vector
Dark Reading by Jai Vijayan
Researchers warn that misconfigured and abandoned AWS cloud storage remains a significant security risk, with cybercriminals exploiting unsecured buckets to exfiltrate sensitive data. Attackers are actively scanning for exposed storage containers containing corporate records, API keys, and confidential documents. The report underscores the importance of cloud security hygiene, including regular audits, proper access controls, and encryption to prevent unauthorised access. Businesses are advised to monitor cloud assets and promptly decommission unused storage to mitigate data exposure risks. Read More
Crypto-Stealing Apps Found in Apple App Store for the First Time
BleepingComputer by Bill Toulas
Security analysts have uncovered cryptocurrency-stealing apps in the Apple App Store, marking the first known instance of such malware bypassing Apple’s stringent review process. The malicious apps disguise themselves as legitimate wallet utilities but siphon funds from users upon installation. The discovery raises concerns about Apple’s ability to detect sophisticated financial fraud apps. Users are advised to scrutinise app permissions, use verified wallets, and enable security features to prevent unauthorised transactions. Read More
Netgear Fixes Critical Bugs as Five Eyes Warn About Break-Ins at the Edge
The Register by Connor Jones
Netgear has patched multiple critical vulnerabilities in its routers following a warning from the Five Eyes intelligence alliance about nation-state actors exploiting network edge devices. Attackers have been leveraging these flaws to gain remote access to corporate and home networks. The disclosure highlights the need for regular firmware updates and robust endpoint protection. Organisations are encouraged to apply patches immediately and monitor network activity for potential intrusions. Read More
Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign
The Hacker News by Ravie Lakshmanan
North Korea’s Lazarus Group is deploying a cross-platform JavaScript-based stealer to target cryptocurrency wallets. The malware is designed to harvest credentials and drain funds from compromised systems. The campaign underscores Lazarus Group’s continued focus on financial cybercrime, exploiting both Windows and macOS users. Security researchers advise crypto traders to remain vigilant, use hardware wallets, and monitor for suspicious activity. Read More
Spain Arrests Suspected Hacker of US and Spanish Military Agencies
BleepingComputer by Bill Toulas
Spanish authorities have arrested an individual accused of hacking U.S. and Spanish military agencies. The suspect allegedly exfiltrated classified data and sold it on dark web marketplaces. Law enforcement officials are working with cybersecurity experts to assess the full extent of the breach. The case highlights ongoing threats to defense networks and the importance of securing sensitive military data against persistent cyber espionage operations. Read More
How Are Modern Fraud Groups Using GenAI and Deepfakes?
Dark Reading by Jennifer Lawinski
Cybercriminals are weaponising generative AI and deepfake technology to launch more convincing fraud campaigns. From AI-generated phishing emails to synthetic voice scams impersonating executives, fraud groups are leveraging automation to scale deception at an unprecedented level. Security experts warn that as AI tools become more accessible, detecting manipulated content will become increasingly difficult. Financial institutions and enterprises must invest in AI-driven fraud detection systems and enhanced user verification measures to counteract this rapidly evolving threat landscape. Read More
Global Ransomware Payments Plunge by a Third Amid Crackdown
The Guardian by Dan Milmo
Ransomware payments have dropped by a third in the past year, marking a significant shift in cybercriminal earnings. Law enforcement crackdowns, improved corporate cybersecurity strategies, and increased resistance to paying ransoms have contributed to this decline. However, experts caution that ransomware groups are adapting, with new extortion tactics such as data destruction and double extortion becoming more prevalent. While the financial impact of ransomware is decreasing, the volume of attacks remains high, signalling that the threat is evolving rather than disappearing. Read More
Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks
The Hacker News by Ravie Lakshmanan
Taiwan has banned the use of China-developed DeepSeek AI, citing concerns over national security and potential data leakage risks. Officials warn that AI models trained under Chinese jurisdiction could be exploited for intelligence gathering, reinforcing fears of foreign influence in critical sectors. The move follows similar bans from other governments wary of AI-driven espionage. As geopolitical tensions intersect with AI governance, the decision underscores the growing scrutiny over AI models with opaque data handling policies and their potential risks to sovereignty. Read More
GrubHub Data Breach Impacts Customers, Drivers, and Merchants
BleepingComputer by Sergiu Gatlan
A data breach at GrubHub has compromised sensitive information belonging to customers, delivery drivers, and merchants, exposing personal details and payment data. Hackers exploited a security flaw to gain unauthorised access, raising concerns about the security measures in place for food delivery platforms. While GrubHub has yet to disclose the full extent of the breach, cybersecurity analysts stress the need for stronger data protection standards in the gig economy. Users are advised to update their credentials and monitor financial accounts for fraudulent activity. Read More
Google Patches Odd Android Kernel Security Bug Amid Signs of Targeted Exploitation
The Register by Iain Thomson
Google has released an emergency patch for an unusual Android kernel security vulnerability that appears to have been actively exploited in targeted attacks. The bug allowed attackers to gain deep access to affected devices, potentially compromising sensitive data. Security researchers note that the vulnerability was likely used in highly targeted campaigns, possibly by nation-state actors. Android users are urged to apply updates immediately, as unpatched devices remain at risk. This incident highlights the growing sophistication of mobile threats and the importance of timely security updates. Read More
Triskele Labs Annual State of Cyber 2024 Report (DFIR Report)
Triskele Labs
Triskele Labs’ latest Digital Forensics and Incident Response (DFIR) report provides a comprehensive analysis of cybersecurity trends, highlighting the growing sophistication of threat actors. The report examines the increasing use of AI-driven attacks, supply chain vulnerabilities, and ransomware tactics. Key takeaways include the necessity for robust incident response plans, real-time threat intelligence, and enhanced security automation. Businesses are encouraged to integrate proactive cybersecurity strategies to mitigate evolving risks. Read More
Cyber Insights 2025: OT Security
SecurityWeek by Kevin Townsend
As operational technology (OT) systems become more interconnected, cybersecurity risks in industrial environments are growing. This article explores how threat actors are increasingly targeting OT infrastructure to disrupt manufacturing, energy, and transportation sectors. Security experts highlight the urgent need for stronger segmentation, access controls, and continuous monitoring to prevent catastrophic failures. Organisations must prioritise OT security to defend against sophisticated cyber threats. Read More
How Agentic AI Will Be Weaponized for Social Engineering Attacks
SecurityWeek by Stu Sjouwerman
The rise of agentic AI—AI systems capable of autonomous decision-making—poses new social engineering risks. This article examines how attackers could exploit AI-driven chatbots and voice synthesis tools to manipulate victims at scale. From AI-powered phishing to deepfake scams, adversaries are refining their tactics to deceive even the most security-conscious users. Experts stress the need for AI threat detection frameworks and awareness training to counter the growing risk of AI-driven deception. Read More
Why Cybersecurity Needs Probability — Not Predictions
Dark Reading by Vishaal “V8” Hariprasad
Traditional cybersecurity approaches often rely on deterministic risk models, but experts argue that probability-based methods are more effective for anticipating emerging threats. This analysis explores how probabilistic modeling can improve decision-making, helping security teams prioritise threats based on likelihood rather than theoretical worst-case scenarios. By integrating probability-driven risk assessments, organisations can better allocate resources and enhance resilience against evolving cyber threats. Read More
What EU AI Act Means for Governance in Financial Sector
FinTech by Louis Thompsett
The EU AI Act is set to introduce strict governance requirements for financial institutions using artificial intelligence, placing an emphasis on transparency, accountability, and risk mitigation. Banks and fintech firms leveraging AI for decision-making—such as credit scoring and fraud detection—will need to implement comprehensive oversight frameworks to comply with the new regulations. Experts warn that non-compliance could result in severe penalties. The Act’s focus on explainability and fairness aims to prevent AI bias, ensuring financial AI models operate with ethical safeguards and consumer protections in mind. Read More
Highlights from Last Week’s Cybersecurity Research by evisec – CRD #16
CyAN Member and evisec CEO Henry Röigas
Highlights from the latest cybersecurity research sources by evisec:
Read MoreAn Opportunity for the EU to Support Digital Freedom
CyAN Blog by John Salomon
CyAN Communication Chief John Salomon explores how the EU can champion digital freedom while balancing security and regulation. With increasing concerns over government overreach, censorship, and data sovereignty, he argues that policymakers must prioritise frameworks that protect privacy without stifling innovation. The article calls for greater transparency in surveillance laws, stronger commitments to encryption, and a unified approach to digital rights across member states. As the EU refines its digital policies, Salomon urges decision-makers to seize this moment to reinforce fundamental freedoms in the online world. Read More
Australia’s Digital Destiny: Leading the Charge for Online Freedom
By Kim Chandler McDonald
In response to John Salomon’s blog post, CyAN Global VP Kim Chandler McDonald examines Australia’s role in shaping digital freedom, arguing that the country has a pivotal opportunity to set global standards for privacy, cybersecurity, and human rights online. She highlights the tension between national security interests and individual freedoms, emphasising the importance of legislative safeguards to prevent government overreach. The article calls for stronger encryption protections, ethical AI policies, and global collaboration to uphold digital rights. As Australia navigates its digital future, McDonald stresses that proactive leadership is essential to ensuring an open, secure, and equitable online ecosystem. Read More
Register Here Event Details Event Details Event Details Event Details Event DetailsInformation Security News: TSA’s Airport Facial-Recog Tech Faces Audit ProbeThe Register by Brandon VigliaroloThe U.S. Transportation Security Administration’s (TSA) facial recognition program is under audit by the Government Accountability Office (GAO) due to concerns over privacy, data security, and potential biases. The audit will assess …
January 28th was Data Protection Day—a global reminder that privacy isn’t just a legal formality or an operational headache. It’s a fundamental pillar of trust. If your business handles client or customer data (and let’s be honest, that includes almost every business these days), you …
In today’s hyper-connected, rapidly evolving digital landscape, traditional cybersecurity paradigms no longer suffice. The perimeter-based approach, which relied on securing the network boundary, has become obsolete as organizations increasingly adopt cloud computing, remote work, and AI-driven tools. The competitive nature of artificial intelligence (AI) further intensifies this shift, as both attackers and defenders leverage AI to outsmart one another. In this environment, identity has emerged as the new cybersecurity perimeter—a critical linchpin in safeguarding organisational data, systems, and operations.
The Erosion of Traditional Perimeters
Historically, organisations built their cybersecurity posture around the concept of a secure perimeter—firewalls, VPNs, and network access controls that protected assets within a defined boundary. However, this approach fails to account for the following shifts:
1. Remote Work: The global pivot to remote work during the pandemic led to a massive increase in access requests from outside the corporate network. Employees, contractors, and third-party vendors now access organisational resources from anywhere, using a wide range of devices.
2. Cloud Adoption: Enterprises increasingly host critical applications and data in the cloud, which blurs the boundaries of traditional networks. This shift decentralises access points and complicates traditional perimeter defences.
3. AI-Driven Collaboration: Tools powered by AI, such as advanced analytics, generative AI, and automation platforms, amplify productivity but also create new security challenges, including unpredictable data flows and potential vulnerabilities in AI models.
In this context, identity has become the foundational layer of security, requiring organisations to shift their focus to verifying who is accessing resources rather than where they are accessing them from.
Why Identity is the New Perimeter
Identity refers to the digital representation of individuals, systems, and devices within an organisation. Establishing and verifying identity is the gateway to all interactions with digital resources. Here’s why it plays a critical role:
1. Zero Trust Architecture
The principle of Zero Trust—“never trust, always verify”—relies heavily on identity. Instead of assuming users or devices are trustworthy based on their location within the network, Zero Trust continuously validates their identity, device health, and access privileges. By focusing on identity, organisations can enforce least-privilege access, ensuring users only access resources essential to their role.
2. Mitigating AI-Driven Threats
AI has become a double-edged sword. While it enhances cybersecurity defences through predictive analytics and automated responses, cybercriminals also exploit AI to launch sophisticated attacks such as:
• Deepfakes: AI-generated deepfakes can impersonate executives to authorize fraudulent transactions.
• AI-Powered Phishing: Attackers use generative AI to craft highly convincing phishing emails that bypass traditional detection methods.
• Automated Credential Stuffing: AI algorithms can test billions of stolen username-password combinations to gain unauthorised access.
Strong identity controls—such as multi-factor authentication (MFA), biometric authentication, and behavioural analysis—are critical to mitigating these threats.
3. Securing AI Models and Workflows
AI systems require secure training data, algorithms, and models. Compromising the identity of users or systems involved in AI development can lead to adversarial attacks, model poisoning, or intellectual property theft. Identity governance ensures that only authorized users have access to sensitive AI workflows and datasets.
4. Third-Party Risk Management
Organisations rely on third-party vendors for AI tools and cloud-based services, introducing additional risk. Identity-centric approaches like privileged access management (PAM) ensure external partners have appropriate, time-bound access without exposing sensitive resources.
Core Strategies for Building an Identity-Centric Cybersecurity Posture
To embrace identity as the new perimeter, organizations must adopt a holistic approach. Here are the key strategies:
1. Adopt a Zero Trust Framework
Implement Zero Trust principles to eliminate implicit trust and continuously verify users, devices, and their behaviour. This includes:
• Enforcing MFA across all applications and platforms.
• Using role-based access controls (RBAC) to limit access based on job responsibilities.
• Leveraging conditional access policies to dynamically adjust access based on risk factors (e.g., login location or device posture).
2. Leverage AI for Identity Management
AI can be a powerful ally in securing identity. Use AI-driven identity solutions to:
• Detect anomalous behaviour (e.g., unusual login times or locations).
• Automate provisioning and deprovisioning of user accounts.
• Predict and prevent credential-based attacks by identifying compromised accounts.
3. Strengthen Identity Governance
Identity governance ensures users have the right level of access at the right time. It includes periodic reviews of access privileges, automated approval workflows, and integration with HR systems to immediately revoke access when employees leave the organisation.
4. Secure Machine Identities
In an AI-driven environment, machine identities—representing applications, APIs, and AI models—are as critical as human identities. Protect these identities using:
• Digital certificates and encryption.
• Automated key management systems.
• Continuous monitoring of API usage patterns for signs of compromise.
5. Educate and Empower Users
Human error remains a significant vulnerability. Regularly train employees and third-party users on identity best practices, including recognizing phishing attempts, safeguarding credentials, and using MFA effectively.
The Role of Competitive AI in Cybersecurity
The rise of competitive AI has transformed both the threat landscape and the defensive toolkit for organisations. Attackers are using AI to scale their operations, while defenders must harness AI to stay one step ahead. In this arms race, identity-based solutions offer a strategic advantage:
1. Proactive Threat Detection: AI-powered tools can monitor identity-related events, such as login anomalies or unusual privilege escalation, and take immediate action to mitigate threats.
2. Adaptive Authentication: AI enhances adaptive authentication systems by analysing contextual signals (e.g., device type, behaviour patterns) to decide whether to grant access or require additional verification.
3. AI-Augmented Forensics: When breaches occur, AI can analyse identity-related logs at scale, identifying the root cause and preventing similar incidents.
The Future of Identity-Centric Security
As AI continues to advance, organisations must future-proof their identity strategies to address emerging challenges. Key trends include:
• Decentralized Identity: Blockchain-based identity systems may reduce reliance on centralized identity providers, improving privacy and control.
• Behavioural Biometrics: AI-driven analysis of typing patterns, mouse movements, and other behavioural traits will enhance authentication mechanisms.
• Quantum-Resistant Identity Solutions: With the advent of quantum computing, traditional encryption methods may become vulnerable. Organizations must explore quantum-resistant algorithms for identity protection.
Conclusion
In the current, and dynamic, environment where the competitive AI landscape is redefining both opportunities and threats, identity has become the cornerstone of organisational cybersecurity. By treating identity as the new perimeter, organizations can better navigate the complexities of remote work, cloud adoption, and AI-driven collaboration. Through Zero Trust principles, robust identity governance, and AI-enhanced security tools, businesses can protect their critical assets and maintain a strong cybersecurity posture in the face of evolving threats.
Identity is no longer just about access—it’s about trust, resilience, and adaptability in a world where the stakes have never been higher.
In today’s digital world, data privacy has become a paramount concern for organizations and individuals alike. As cyber threats grow increasingly sophisticated, organizations turn to robust security solutions like Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) to safeguard sensitive data. Beyond …
We are proud to share that two of our esteemed CyAN members, Bharat Raigangar and Dr. Mathew Nicho, are featured as the cover story in the December 2024 issue of Enterprise IT World MEA! his engaging cover story reflects their thought leadership and their commitment …
Please welcome our newest CyAN member, Will Rivera, from the United States!
Will Rivera is a seasoned leader with over 17 years of experience in advocacy and mission-driven organizations. As Managing Director at MyOwn Image, he drives nationwide efforts to combat technology-facilitated violence and promote intimate privacy, working at the intersection of digital safety and survivor support.
Previously, Will Rivera served as Crisis Intervention Director at Opportunities for Otsego, where he led 24/7 crisis response operations, managed two residential facilities, and connected thousands of individuals annually with critical resources. His trauma-informed leadership and streamlined protocols improved outcomes for survivors of domestic and sexual violence, homelessness, and exploitation.
A Trust & Safety professional and survivor advocate, Will has directly supported thousands impacted by violence, blending empathy with actionable solutions. His expertise in advocacy, policy reform, and community engagement bridges human needs with digital innovation.
Will is passionate about empowering advocates and advancing digital safety. His work aligns with those creating a more secure digital world, whether as users or providers of cybersecurity solutions. Together, we can build safer, more inclusive communities and fight cybercrime.
It’s great to have you on board, Will! We look forward to the expertise you bring and enabling you here at CyAN.
Don’t hesitate to connect with Will Rivera on LinkedIn to grow your networks mutually!
