Top of the Day
Why Corporate AI Projects Succeed or Fail
(Dylan Walsh – Stanford HAI – 18 February 2025) It’s a mad competition for AI talent. Job postings for machine learning and AI engineers increased 70-80% in the beginning of 2024 compared with 2023. Companies are offering new recruits substantial compensation and big budgets to poke around their internal operations, interact with employees across the business, find problems or inefficiencies, and then build AI-based solutions to address them. “But in-house developments don’t seem to be working well: Even as companies invest a lot of money, a lot of projects are failing or not delivering their promised value,” says Arvind Karunakaran, an assistant professor of engineering at Stanford and a faculty affiliate at the Stanford Institute for Human-Centered Artificial Intelligence (HAI). “Something is going on in these very early stages of interaction between developers and other employees across the business that’s leading to these shortcomings.” – https://hai.stanford.edu/news/why-corporate-ai-projects-succeed-or-fail
31,068 miles: Meta plans world’s longest subsea cable to connect 5 continents
(Abhishek Bhardwaj – Interesting Engineering – 17 February 2025) Meta has announced its most ambitious subsea cable project – named Project Waterworth – which will reach five major continents. The multi-billion dollar, multi-year investment project was announced through a blog post by the company. Meta says that it will strengthen the scale and reliability of the “world’s digital highways by opening three new oceanic corridors with the abundant, high speed connectivity needed to drive AI innovation around the world.” – https://interestingengineering.com/innovation/meta-subsea-cables-project-waterworth
CTED Executive Director addresses the Fourth Ministerial Conference “No Money for Terror 2025” on countering the financing of terrorism
(UN CTED – 14 February 2025) On 13 February 2025, Assistant Secretary-General Natalia Gherman, CTED Executive Director, delivered a lead statement at the ministerial segment of the 4th “No Money for Terror” (NMFT) conference held in Munich, Germany. Hosted by Germany, the conference addressed key topics such as innovative approaches to multilateral cooperation, digital channels of terrorist financing, the importance of financial inclusion and the risk-based approach, and the nexus between organized crime and terrorism financing. – https://www.un.org/securitycouncil/ctc/news/cted-executive-director-addresses-fourth-ministerial-conference-%E2%80%9Cno-money-terror-2025%E2%80%9D
Between ambition and pragmatism: The future of cyber capacity-building in a fragmented world
(Nayia Barmpaliou, Patryk Pawlak – European Union Institute for Security Studies – 14 February 2025) This report provides a structured analysis of the evolving international cyber capacity-building (CCB) ecosystem, highlighting both its progress and persistent challenges. Over the past decade, CCB has emerged as a key mechanism for international cooperation, helping countries strengthen cyber resilience and fostering global partnerships. It explores how CCB efforts have developed within separate policy communities—such as international security, criminal justice, and ICT development—leading to inefficiencies and operational fragmentation. However, despite widespread consensus on its importance, efforts to scale, coordinate, and enhance the effectiveness of CCB remain fragmented. Ultimately, this report seeks to deepen the understanding of ideological and operational divides in CCB, assess their impact on effectiveness, and outline pathways for more cohesive and impactful international cooperation. – https://www.iss.europa.eu/publications/reports/between-ambition-and-pragmatism-future-cyber-capacity-building-fragmented
Defense, Intelligence, and Warfare
Saronic unveils plans for autonomous shipyard
(Courtney Albon – Defense News – 18 February 2025) Texas-based Saronic Technologies announced Tuesday it raised $600 million in private funding to build an autonomous shipyard it’s calling Port Alpha. The company plans to use the facility to grow its fleet of medium- and large-class autonomous surface vessels amid demand from the Pentagon for more drones of all kinds, including ships. – https://www.defensenews.com/naval/2025/02/18/saronic-unveils-plans-for-autonomous-shipyard/
Security
North Korea’s Kimsuky Taps Trusted Platforms to Attack South Korea
(Robert Lemos – Dark Reading – 19 February 2025) North Korea-linked threat groups are increasingly using living-off-the-land (LotL) techniques and trusted services to evade detection, with a recent Kimsuky campaign showcasing the use of PowerShell scripts and storing data in Dropbox folders, along with improved operational security. In the campaign, dubbed “DEEP#DRIVE” by security firm Securonix, the threat group used fake work logs, insurance documents, and crypto-related files to convince users to download and run a zipped shortcut file that gathers system configuration information and then executes PowerShell and .NET scripts. The attack tools upload the system data to Dropbox folders and then download additional commands and capabilities for further compromise. While the attackers showed some interest in quick financial wins — such as targeting cryptocurrency users — for the most part, the threat group focused on stealing sensitive data from South Korean government agencies and businesses, says Tim Peck, a senior threat researcher at Securonix. – https://www.darkreading.com/cyberattacks-data-breaches/north-koreans-kimsuky-attacks-rivals-trusted-platforms
China-Linked Threat Group Targets Japanese Orgs’ Servers
(Kristina Beek – Dark Reading – 18 February 2025) Winnti, a China-affiliated threat actor, has been linked to a new cyber campaign called RevivalStone, which has been observed targeting Japanese companies within the manufacturing, materials, and energy sectors. Winnti has been active since at least 2012, but only started targeting Asian manufacturing and materials organizations within the past few years. – https://www.darkreading.com/cyberattacks-data-breaches/china-linked-threat-group-japanese-orgs-servers
BlackLock On Track to Be 2025’s Most Prolific Ransomware Group
(Phil Muncaster – Infosecurity Magazine – 18 February 2025) Security researchers have lifted the lid on one of the fastest growing and formidable ransomware-as-a-service (RaaS) groups of 2025. Dubbed “BlackLock” (aka El Dorado or Eldorado), the RaaS outfit has been around since March 2024 and has increased its number of data leak posts by a staggering 1425% quarter-on-quarter in Q4 of last year, according to ReliaQuest. – https://www.infosecurity-magazine.com/news/blacklock-2025s-most-prolific/
Zacks Investment Research Breach Hits 12 Million
(Phil Muncaster – Infosecurity Magazine – 18 February 2025) A leading stock research and analysis firm appears to have been breached for the third time in just four years, with details from 12 million accounts published on the dark web. Published on BreachForums at the end of last month by a user with the moniker “Jurak,” the trove dates from an incident in June 2024, according to breach notification site, HaveIBeenPwned. “The 2024 breach included 12 million unique email addresses along with IP and physical addresses, names, usernames, phone numbers and unsalted SHA-256 password hashes. Zacks did not respond to multiple attempts to contact them about the incident,” it explained. – https://www.infosecurity-magazine.com/news/zacks-investment-research-breach/
Cyberattack likely to have ‘material impact’ on media giant Lee Enterprises’ bottom line
(James Reddick – The Record – 18 February 2025) Media conglomerate Lee Enterprises told regulators on Friday that hackers had stolen files and encrypted “critical applications” as part of an incident that impacted the operations of dozens of newspapers nationwide. Beginning in early February, deliveries of the print editions of some of Lee Enterprises newspapers — which include the St. Louis Post-Dispatch, Arizona Daily Star and dozens of others — were disrupted. The publications posted identical statements on their websites and in newspapers about a cyber incident. – https://therecord.media/cyberattack-lee-enterprises-news-media
Ecuador’s legislature says hackers attempted to access confidential information
(Daryna Antoniuk – The Record – 18 February 2025) Ecuador’s legislature, the National Assembly, reported that it suffered two cyberattacks on Monday aimed at disrupting its systems and accessing sensitive data. The assembly said in a statement that it was able to quickly “identify and counteract the situation” but did not provide further details about the impact of the incident or the threat actor behind it. – https://therecord.media/ecuador-national-assembly-cyberattack
Hackers use ‘sophisticated’ macOS malware to steal cryptocurrency, Microsoft says
(Daryna Antoniuk – The Record – 18 February 2025) Researchers have discovered a new variant of malware targeting macOS systems to steal cryptocurrency and data without being detected. In a report, threat intelligence specialists at Microsoft said that they have discovered the new XCSSET strain in limited attacks. XCSSET, first spotted in the wild in August 2020, spreads by infecting Xcode projects, which developers use to create apps for Apple devices. – https://therecord.media/hackers-use-macos-malware-to-steal-crypto
Pro-Russia Hackers NoName057(16) Hit Italian Banks and Airports
(Alessandro Mascellino – Infosecurity Magazine – 17 February 2025) A pro-Russia hacker group, NoName057(16), has launched a wave of DDoS (distributed denial-of-service) attacks targeting key Italian organizations. Early on Monday, the group disrupted the websites of major airports in Milan, including Linate and Malpensa, as well as the Transport Authority, the Intesa San Paolo bank and the ports of Taranto and Trieste. The attacks were reportedly minor, with the Italian National Cybersecurity Agency (ACN) stepping in swiftly to mitigate disruptions. Officials confirmed that services were restored quickly, with no significant impact on operations. – https://www.infosecurity-magazine.com/news/noname05716-hit-italian-banks/