
Inside the CopyCop Playbook: How to Fight Back in the Age of Synthetic Media

Key Takeaways: CopyCop is scaling AI-driven influence operations globally. The Russian influence network known as CopyCop has created more than 300 fake media websites spanning North America, Europe, and beyond. The operation primarily uses AI-generated content to erode public trust and support for Ukraine. AI has become the new engine of manipulation. The network...

Decreasing Certificate Lifetimes to 45 Days

Let’s Encrypt will be reducing the validity period of the certificates we issue. We currently issue certificates valid for 90 days, which will be cut in half to 45 days by 2028. This change is being made along with the rest of the industry, as required by the CA/Browser Forum Baseline Requirements, which set the technical requirements that we must...

CVE-2025-61757: Imperva Customers Protected Against Critical Oracle Identity Manager Authentication Bypass Leading to Remote Code Execution

At the end of October 2025, Oracle released an emergency security alert addressing CVE-2025-61757, a high-severity authentication-bypass flaw that enables remote code execution in the Identity Manager product of Oracle Fusion Middleware (versions 12.2.1.4.0 and 14.1.2.1.0). Multiple threat actors are already exploiting the vulnerability in the wild, and it was added to CISA’s Known Exploited Vulnerabilities catalog on November 21, 2025. Oracle Identity Manager is widely deployed across...

Zilvia.net – 287,863 breached accounts

In November 2025, data breached from the Zilvia.net Nissan 240SX Silvia and Z Fairlady car forum was leaked. The breach exposed 288k unique email addresses along with usernames, IP addresses and salted MD5 password hashes sourced from the vBulletin-based platform. Attempts to contact Zilvia.net about the incident were unsuccessful.

How Ransomware Affects Business Operations, Revenue, and Brand Reputation

Key Takeaways: Ransomware disrupts business on multiple fronts, causing operational shutdowns, financial strain, and lasting reputational harm. Modern attacks rely on multi-stage intrusion tactics, from credential theft to data extortion, that exploit gaps across people, processes, and technology. Recovery is complex and prolonged, often requiring sustained operational, legal, and communications efforts. Intelligence-led visibility is...

AI Malware: Hype vs. Reality

Key Takeaways: Most “AI malware” observed so far falls into the AI malware Maturity Model (AIM3) Levels 1-3 (Experimenting through Optimizing), rather than fully automated campaigns. AI is currently a force multiplier on existing attacker tradecraft, not a source of fundamentally new TTPs. Many “first-ever AI malware” announcements are narrow research demos or PoCs...

‘Mortified’ OBR chair hopes inquiry into budget leak will report next week

Reuters news agency says it obtained document after visiting URL it predicted file would be uploaded to. How Rachel Reeves’s budget was leaked 40 minutes early. The chair of the Office for Budget Responsibility has said he felt mortified by the early release of its budget forecasts as the watchdog launched a rapid inquiry into how it had “inadvertently made it...

China Software Developer Network – 6,414,990 breached accounts

In 2011, the China Software Developer Network (CSDN) suffered a data breach that exposed over 6M user records. The data included email addresses alongside usernames and plain text passwords.

Fallacy Failure Attack

AI Security Insights for November 2025

London councils enact emergency plans after three hit by cyber-attack

Kensington and Westminster councils investigating whether data has been compromised as Hammersmith and Fulham also reports hack. Three London councils have reported a cyber-attack, prompting the rollout of emergency plans and the involvement of the National Crime Agency (NCA) as they investigate whether any data has been compromised. The Royal Borough of Kensington and Chelsea (RBKC), and Westminster city council, which...

Latest article

GreatXML zero-day BitLocker bypass doesn’t seem to work, yet

A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit...

New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight

A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact.

Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks

One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as...

Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol

Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others