Threat Landscape Briefing – November 2024
In this month’s briefing we explore:
- ConfusedPilot Attack Targets AI Systems With Data Poisoning (00:49)
- A research team at the University of Texas Austin has identified a new form of data poisoning attack against Retrieval-Augmented Generation (RAG) AI systems like Microsoft Copilot.
- See Info-Tech’s research on how to Address Security and Privacy Risks for Generative AI.
- Iranian Cyber Actors Step-Up Identity Attacks on Critical Infrastructure (03:46)
- Law enforcement agencies in Canada, Australia, and the US have issued a warning to network defenders about recent activity from Iranian cyber actors.
- Learn more about how to Develop a Comprehensive IAM Improvement Strategy.
- Critical Vulnerability in Kubernetes Image Builder Exposes VMs to Unauthorized Access (06:56)
- A newly identified vulnerability in the Kubernetes Image Builder project allows malicious actors to gain SSH root access to virtual machines.
- See how we can help your organization Implement Risk-Based Vulnerability Management.
If you have a question or would like to receive these monthly briefings via email, submit a request here.