Cyberattack Could Cripple US Infrastructure, Warns Former NSA Advisor


A cyberattack on critical infrastructure in the United States could have devastating consequences, according to Anne Neuberger, former deputy national security advisor and NSA cybersecurity director.

Speaking at the AI Expo for National Competitiveness, Neuberger expressed concerns about the resilience of US infrastructure, citing factors such as outdated technology, systems not designed for internet connectivity, and inadequate cybersecurity measures for operational systems.

Neuberger advocated for the integration of AI to bolster critical infrastructure security. She suggested AI could be instrumental in identifying vulnerabilities in legacy systems and utilizing digital twinning for enhanced infrastructure evaluation.

She also noted that previous workforce reductions at the Cybersecurity and Infrastructure Security Agency (CISA) have further exposed the US infrastructure.

Neuberger emphasized the importance of a targeted approach to national cyber defense, leveraging AI to address vulnerabilities in critical infrastructure.

CISA Faces Budget Cuts

CISA, the agency responsible for government system security and critical infrastructure protection, has been affected by budget cuts, leading to staff reductions and concerns about a potential “brain drain.”

Proposed budget cuts could further reduce CISA’s budget by 17 percent, resulting in additional staff losses.

ConnectWise Exploit Added to KEV Catalog

CISA added a ConnectWise exploit to its Known Exploited Vulnerabilities (KEV) catalog, addressing concerns raised by a ConnectWise message warning of a nation-state actor breaching its IT environment.

The vulnerability is CVE-2025-3935, an ASP.NET ViewState deserialization flaw in ScreenConnect that ConnectWise patched in April.

Other Critical Vulnerabilities:

  • CVE-2021-32030 (CVSS 9.8): Authentication bypass in ASUS GT-AC2900 and EOL Lyra Mini Wi-Fi routers.
  • CVE-2024-56145 (CVSS 9.3): Remote Code Execution (RCE) vulnerability in Craft CMS.
  • CVE-2025-21480 & CVE-2025-21479 (CVSS 8.6): Memory corruption vulnerabilities in Qualcomm chipsets.

FBI Warns of Badbox 2.0 Botnet

The FBI issued a warning about the resurgence of the Badbox botnet, now Badbox 2.0, which compromises Android-based streaming devices, projectors, and digital picture frames. Cybercriminals are attempting to sell access to these infected devices.

Kaspersky researchers have also identified a new Mirai botnet variant targeting digital video recorder-based monitoring systems, exploiting CVE-2024-3721, an OS command injection vulnerability in TBK DVRs. Patches are available.

CISA’s App Security Program Under Scrutiny

Republican Congressman Andrew Garbarino is questioning CISA’s plan to discontinue its Mobile App Vetting (MAV) program, which assesses mobile apps for vulnerabilities and risks.

Garbarino has requested an explanation from Homeland Security Secretary Kristi Noem, emphasizing the importance of MAV in securing government-managed devices and addressing potential compromises.

Kettering Confirms Data Breach

Kettering confirmed that the 941 GB of patient data leaked online by the Interlock ransomware group is legitimate. The breach included sensitive information such as ID cards, payment data, and financial reports.

Doxxers Sentenced to Prison

Two cybercriminals, Sagar Steven Singh (a.k.a. “Weep”) and Nicholas Ceraolo (a.k.a. “Convict”), have been sentenced to 27 and 25 months in prison, respectively, for stealing data from a law enforcement database and using it to extort victims.

The pair, members of the “ViLE” doxxing gang, used stolen credentials to access nonpublic police records and intelligence reports.
