Threat Landscape Briefing – November 2024

In this month’s briefing we explore:

  • ConfusedPilot Attack Targets AI Systems With Data Poisoning (00:49)
    • A research team at the University of Texas Austin has identified a new form of data poisoning attack against Retrieval-Augmented Generation (RAG) AI systems like Microsoft Copilot.
    • See Info-Tech’s research on how to Address Security and Privacy Risks for Generative AI.
  • Iranian Cyber Actors Step-Up Identity Attacks on Critical Infrastructure (03:46)
  • Critical Vulnerability in Kubernetes Image Builder Exposes VMs to Unauthorized Access (06:56)
    • A newly identified vulnerability in the Kubernetes Image Builder project allows malicious actors to gain SSH root access to virtual machines.
    • See how we can help your organization Implement Risk-Based Vulnerability Management.

If you have a question or would like to receive these monthly briefings via email, submit a request here.

Featured Speakers

Michel Hebert

Principal Research Director, Security & Privacy
Read Bio

Carlos Rivera

Principal Research Advisor, Security & Privacy
Read Bio

Jonathan Nelson

Principal Advisory Director
Read Bio

Visit our Exponential IT Research Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019