This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On August 08, 2025

Monday 8/4

How to mitigate AI-powered social engineering attacks (Delinea)

AI can convincingly simulate identities across multiple channels and formats, making AI-powered social engineering attacks more convincing and likely to fool even the savviest, most security-conscious employees. Additionally, AI can execute attacks at scale, learn from its successes, and continually become smarter and stealthier.

https://delinea.com/blog/how-to-mitigate-ai-powered-social-engineering-attacks

Exploiting Direct Send: Attackers Abuse Microsoft 365 to Deliver Internal Phishing Attacks (Proofpoint)

Threat actors are exploiting Microsoft 365’s Direct Send feature to deliver phishing emails that appear to originate from within the organization, undermining internal trust and increasing the risk of successful social engineering attacks.

https://www.proofpoint.com/us/blog/email-and-cloud-threats/attackers-abuse-m365-for-internal-phishing

Tuesday 8/5

ICYMI: On July 31, 2025, Gotham’s CTO, Ken Phelan, was joined by Nerdio’s Chief Revenue Officer, Joseph Landes, to discuss the future of virtual desktop infrastructure (VDI). Click the link below for the full video:

https://www.youtube.com/watch?v=DJjcaCq9WiU

Wednesday 8/6

How To Prevent Candidate Fraud with HR Identity Verification (HYPR)

The rise in candidate fraud is costing businesses a fortune and putting their security at risk. That's why strong identity verification isn't just a good idea — it's essential for keeping your company safe.

https://blog.hypr.com/prevent-candidate-fraud-with-hr-identity-verification

The AI Trust Gap: Why Transparency Will Define the Next Era of SOC Security (Abnormal AI)

This shift toward transparency reflects a broader evolution in how organizations view the SOC. Increasingly, leaders and analysts alike are thinking long-term—not just about detection speed or alert volume, but about what kind of operating model AI makes possible.

https://abnormal.ai/blog/ai-trust-gap-soc-security

Social Engineering on the Rise — New Unit 42 Report (Palo Alto Networks)

Social engineering is the most common initial access vector observed by Unit 42, with phishing accounting for 65% of social engineering-driven cases. These attacks often target privileged accounts (66%), utilize impersonation of internal personnel (45%) and involve callback or voice-based techniques (23%), which are becoming more sophisticated as attackers leverage AI.

https://www.paloaltonetworks.com/blog/2025/07/social-engineering-rise-new-unit-42-report/

Thursday 8/7

AI agents are the new insider threat. Secure them like human workers. (Citrix)

Without a defined identity, an attacker can effectively assign one. They can make your AI agent do whatever they want, and you wouldn’t even know it’s not following your instructions. The agent becomes a perfect insider threat that never sleeps, never questions orders, and operates stupidly fast.

https://www.citrix.com/blogs/2025/08/04/ai-agents-are-the-new-insider-threat-secure-them-like-human-workers/

Too Many Alerts, Too Few Hands: Why SOCs Must Embrace AI (Pure Storage)

Today’s security operations centers are overwhelmed. AI and automation offer a practical, scalable path to reducing alert fatigue, false positives, and burnout. While AI can help, it’s not as simple as plug and play.

https://blog.purestorage.com/perspectives/why-socs-must-embrace-ai/

Friday 8/8

How to comply with CISA’s SCuBA (without the headaches) (Axonius)

The Cybersecurity and Infrastructure Security Agency’s (CISA) Secure Cloud Business Applications (SCuBA) project and Binding Operational Directive (BOD) 25-01 provide a strong foundation for civilian agencies. These initiatives create uniform security configurations to put agencies on a path toward more resilient, secure clouds.

https://www.axonius.com/blog/comply-with-cisa-scuba

‘Plague’ malware exploits Pluggable Authentication Module to breach Linux systems (CyberArk)

Plague exploits the core of Linux authentication by embedding itself as a PAM module. Its silent persistence and ability to bypass SSH login make it a formidable threat. Mitigating such risks starts with removing unnecessary privileges before they’re abused.

https://www.cyberark.com/resources/blog/plague-malware-exploits-pluggable-authentication-module-to-breach-linux-systems