Four security principles for agentic AI systems
Agentic AI represents a qualitative shift in how software operates. Traditional software executes deterministic instructions. Generative AI responds to human prompts with output that humans review and use at their discretion. Agentic AI differs from both. Agents connect to software tools and APIs and use large language models (LLMs) as reasoning engines to plan and execute sequences...
The democratisation of business email compromise fraud
Welcome to this week’s edition of the Threat Source newsletter. Last weekend, I witnessed a crime. Not a notable crime that you might read about in the press, but an unremarkable fraud attempt that nevertheless illustrates how new threat actor capabilities are emerging. I imagine that most people reading this probably field IT questions from friends, family, and your local community....
How Elite SOCs Cut Escalation Rates by Arming Tier 1 With Better Threat Intelligence
In a mature Security Operations Center, escalation is supposed to work like a scalpel, precise, intentional, and reserved for alerts that genuinely demand deeper expertise. But across many teams today, it has become something far less disciplined: a reflex, a pressure valve, a way to pass uncertainty up the chain. The consequences are predictable. Tier 2 drowns in rerouted...
New ‘Storm’ Infostealer Remotely Decrypts Stolen Credentials
This modern infostealer adopted server-side decryption of stolen credentials to bypass security controls
NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal Accounts
The UK’s cybersecurity agency offered advice to “high-risk” individuals on how to protect against social engineering and cyber-attacks
Identity and AI: Questions of data security, trust and control
The Computer Weekly Security Think Tank considers the intersection of AI and IAM. In this article, learn how AI-driven IAM projects must account for important questions around data protection, user trust, accountability and control.
[Video] The TTP Ep 21: When Attackers Become Trusted Users
In this episode of the Talos Threat Perspective, we explore how identity is being used to gain, extend, and maintain access inside environments. Drawing on insights from the 2025 Talos Year in Review, we break down how attackers are: · Targeting identity systems and MFA workflows · Establishing persistent, high-trust access · Using internal phishing to move laterally · Could potentially exploit over-permissioned AI agents and identity-linked access · Blending...
New Whitepaper: Stealthy BPFDoor Variants are a Needle That Looks Like Hay
Executive Overview: Advanced persistent threats (APTs) are constantly and consistently changing tactics as network defenders plug holes in defenses. Static indicators of compromise (IoCs) for the BPFDoor have been widely deployed, forcing threat actors to get creative in their use of this particular strain of malware. What they came up with is ingenious. New research from Rapid7 Labs has uncovered undocumented...
EvilTokens abuses Microsoft device code flow for account takeovers
A new phishing-as-a-service (PhaaS) campaign is abusing Microsoft’s device code authentication flow to gain unauthorized access to user accounts. Sekoia researchers first spotted the toolkit “EvilTokens” that lets attackers capture authentication tokens by tricking users into completing a legitimate login process in Microsoft’s own environment. The activity, observed since at least mid-February, relies on social...
Hitachi Energy Ellipse
Summary
Hitachi Energy is aware of a Jasper Report vulnerability that affects the Ellipse product versions mentioned in this document below. This vulnerability can be exploited to carry out a remote code execution (RCE) attack on the product. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation.
The following versions of Hitachi Energy Ellipse are affected:
Ellipse vers:Ellipse/<=9.0.50 (CVE-2025-10492)
CVSS
Vendor
Equipment
Vulnerabilities
v3...







