Expert Interview: Sean Peisert on Cybersecurity Research

Sean Peisert leads cybersecurity research at Berkeley Lab, focusing on protecting data and infrastructure vital to science and society. His team employs physics-based monitoring and privacy-preserving techniques for high-performance computing (like NERSC) and energy delivery systems. They aim to secure scientific research tools, the power grid, and nuclear safeguards. Peisert’s innovative approach to cybersecurity emphasizes enabling collaboration and fostering automated responses to threats while allowing safe data sharing. The lab's long-term vision positions it as a leader in forward-thinking cybersecurity solutions.

https://newscenter.lbl.gov/2025/07/30/expert-interview-sean-peisert-on-cybersecurity-research/

Social Engineering on the Rise — New Unit 42 Report

TLDR: Palo Alto Networks' 2025 Unit 42 report highlights a significant rise in social engineering attacks, with over a third of incidents starting from these tactics, primarily phishing (65%). Attackers exploit trust and human behavior rather than technical vulnerabilities, leading to business disruptions and data exposure. AI enhances these attacks, allowing for personalized lures and scalable strategies. Organizations are urged to address overpermissions, alert gaps, and strengthen identity security to mitigate risks.

https://www.paloaltonetworks.com/blog/2025/07/social-engineering-rise-new-unit-42-report/

What if Your Passkey Device Is Stolen? How to Manage Risk in Our Passwordless Future

If your passkey device is stolen, risk management hinges on device security measures. Passkeys are stored securely within the device's operating system, making unauthorized access difficult. It’s crucial to enable device locking, remote wiping, and strong authentication measures. If your device is unlocked and accessed by a thief, securing apps with additional passwords can help. Deleting passkeys from the stolen device may be necessary, depending on your password manager's security settings. Overall, preparing for potential theft is essential to mitigate risks associated with passwordless authentication.

https://www.zdnet.com/article/what-if-your-passkey-device-is-stolen-how-to-manage-risk-in-our-passwordless-future/

Zero Knowledge Proofs Alone Are Not a Digital ID Solution to Protecting User Privacy

Zero Knowledge Proofs (ZKPs) alone cannot safeguard user privacy in digital ID systems. While they enable age verification without sharing personal information, they don't prevent issuer abuse or limit data collection. ZKPs may create more burdens on users and don't address the broader issues of existing data privacy laws. Effective protection requires comprehensive legal safeguards beyond just technology.

https://www.eff.org/deeplinks/2025/07/zero-knowledge-proofs-alone-are-not-digital-id-solution-protecting-user-privacy

Hacker Slips Malicious ‘wiping’ Command Into Amazon’s Q AI Coding Assistant – and Devs are Worried

A hacker infiltrated Amazon's ‘Q’ AI coding assistant, implanting a command that could potentially erase local files and dismantle AWS infrastructure. The malicious code passed Amazon's verification, causing developer concern and criticism over security practices. Amazon responded, claiming no customer resources were affected and stating security is a priority. However, the incident raised significant trust issues among developers, who demand more transparency and accountability.

https://www.zdnet.com/article/hacker-slips-malicious-wiping-command-into-amazons-q-ai-coding-assistant-and-devs-are-worried/

AI Has Broken Trust. Here’s How We’re Rebuilding It

AI has eroded trust in digital interactions. Rebuilding it requires first determining whether a user is a real human, and only then verifying their identity through multi-factor authentication. Historical reliance on single-factor authentication has proven inadequate, especially as advances in generative AI, including high-quality synthetic voices and abundant voice cloning models, complicate security. Effective defense strategies must now focus on detecting synthetic identities prior to authentication processes, emphasizing the need for a robust, layered security approach.

https://www.pindrop.com/article/rebuilding-ai-broken-trust/

Deepfake Cybercrime Is Soaring, Experts Say

Deepfake cybercrime is increasing due to AI advancements, posing serious threats including bank fraud and political disinformation, as discussed in a Fordham presentation. Detection is challenging; for example, a $25 million scam involved deepfake videos of company executives. Deepfake-related losses exceeded $200 million recently. To combat this, awareness and technological solutions are essential.

https://now.fordham.edu/university-news/deepfake-cybercrime-is-soaring-experts-say/

Basic Cybersecurity Lapses Are Leaving US Infrastructure Exposed, Top Experts Warn

Experts warn U.S. infrastructure is vulnerable due to basic cybersecurity failures, emphasizing the need for better security measures like firewalls and patching. Key officials highlight the urgency for improved authentication technologies and increased public-private collaboration to combat rising cyber threats from nation-state actors and criminals.

https://www.nextgov.com/cybersecurity/2025/07/basic-cybersecurity-lapses-are-leaving-us-infrastructure-exposed-top-experts-warn/406971/

McDonald’s AI Breach Reveals The Dark Side Of Automated Recruitment

McDonald's AI hiring system, McHire, suffered a significant breach exposing millions of job applicants' personal data due to serious security flaws, including weak passwords and unregulated access. Researchers accessed sensitive information by simply using default login credentials, highlighting the inadequacy of basic security practices. The incident exposes a broader trend where rapid technology deployment often neglects essential security measures, indicating that companies must prioritize safeguarding personal data amidst automation efforts.

https://www.forbes.com/sites/tonybradley/2025/07/15/mcdonalds-ai-breach-reveals-the-dark-side-of-automated-recruitment/

How Passkeys Work: The Complete Guide to Your Inevitable Passwordless Future

TLDR: Passkeys offer a secure, passwordless authentication method using public key cryptography, eliminating the need to share secrets with websites or apps, thus reducing theft risks. They involve workflows for discovery, registration, authentication, and deletion. Passkeys rely on standards like WebAuthn and FIDO2, with authenticators managing cryptographic tasks.

https://www.zdnet.com/article/how-passkeys-work-the-complete-guide-to-your-inevitable-passwordless-future/

Free Certificates for IP Addresses: Security Problem or Solution?

Let’s Encrypt is now issuing free certificates for IP addresses, enhancing security by allowing access to websites and home devices without domain names. However, this poses risks; cybercriminals could exploit certificates for malicious sites, deceiving users with fake links that appear secure. The certificates are short-term (valid for six days) to mitigate abuse, highlighting the need for user vigilance against potential phishing and for good cybersecurity practices.

https://www.malwarebytes.com/blog/news/2025/07/free-certificates-for-ip-addresses-security-problem-or-solution

Europe’s EUVD Could Shake up the Vulnerability Database Ecosystem

The EU has launched the EUVD to improve vulnerability tracking. It is aimed at making cybersecurity more resilient against reliance on US databases like NVD and CVE, addressing recent funding and operational gaps. ENISA promotes collaboration with existing systems for actionable insights. Effective risk management requires contextualization and integration with broader frameworks. The EUVD's success depends on community engagement and avoiding fragmentation in threat intelligence reporting.

https://www.reversinglabs.com/blog/euvd-vulnerability-database-ecosystem

Threat Research: Hundreds of MCP Servers Vulnerable to Abuse

Summary: Backslash's research reveals that many Model Context Protocol (MCP) servers are vulnerable due to misconfigurations, exposing them to various security risks like unauthorized access, command execution, and data exfiltration. Key issues identified include network exposure allowing access from any local device, and excessive permissions permitting arbitrary commands on host machines. This vulnerability combination can lead to total control by an attacker. Users are advised to consult the Backslash MCP Security Hub for server safety, while developers should implement best practices for securing MCPs against these risks.

https://www.backslash.security/blog/hundreds-of-mcp-servers-vulnerable-to-abuse

Cybercriminal Abuse of Large Language Models

Cybercriminals exploit large language models (LLMs) for illicit activities, using uncensored models or creating their own to bypass safety features. They employ these models for tasks like generating phishing emails, scanning vulnerabilities, and writing malware. Techniques like jailbreaking and obfuscation allow them to manipulate legitimate LLMs for harmful purposes. Cybercriminals also face risks of scams when accessing fraudulent LLM services. As LLM technology evolves, it serves as a tool for enhancing traditional cyber threats.

https://blog.talosintelligence.com/cybercriminal-abuse-of-large-language-models/
