In case you missed it last week, the US Cybersecurity and Infrastructure Security Agency (CISA) added the CitrixBleed 2 vulnerability (CVE-2025-5777) to the Known Exploited Vulnerabilities (KEV) catalog on Thursday, July 10, with a mitigation due date for Federal Civilian Executive Branch (FCEB) agencies of July 11. This appears to be the first time CISA has set a one-day window for addressing a vulnerability added to KEV. Citrix disclosed and issued a fix for the critical memory safety vulnerability in mid-June. CISA describes the flaw: "Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server."
You already patched, right? While Citrix appears to be slow coming around on this being actively exploited, they didn’t waste any time putting out a patch in June. You should have applied the update just as rapidly. Regardless, check for IoCs.
The Record
The Register
SCWorld
BleepingComputer
NIST
Threat actors are exploiting a critical (CVSS 10.0) remote code execution vulnerability in Wing FTP Server (CVE-2025-47812). The vulnerability was detected by researchers at RCE Security who reported the issue to the developer; the vulnerability was patched in Wing FTP Server version 7.4.4, which was released in mid-May. RCE Security published their write-up of the vulnerability on June 30. Within one day of the disclosure, researchers at Huntress observed the flaw being actively exploited. The vulnerability was added to the US Cybersecurity and Infrastructure Security Agency's (CISA's) Known Exploited Vulnerabilities (KEV) catalog on July 14 with a mitigation due date of August 4, 2025.
Even though the product has “FTP” as part of its name, the vulnerability affects HTTP(s), not FTP. It is easily exploited and as the headline states, exploits are already being used in the wild.
If you’re running Wing FTP, make sure you’ve updated to at least 7.4.4; if you haven’t, with the preponderance of attacks on file transfer solutions, assume compromise and proceed accordingly, to include evaluating alternative, more modern, solutions for information interchange.
So much work yet remains to get organizations to focus on the importance of patch management. If it takes having a vulnerability added to the KEV catalog for IT and Security departments to act, then we’ve failed. Why? Because it only took a bad guy one day to figure out the importance of the vulnerability.
The Record
Gov Infosecurity
BleepingComputer
Help Net Security
The Register
RCE Security
Huntress
NIST
A court in Rotterdam, Netherlands has sentenced an unnamed individual to three years in prison for stealing chip manufacturing technology from two employers and sharing the information with people in Russia. The individual "accessed his employer's network to retrieve files he did not need for his work," which constitutes computer hacking; he also violated EU sanctions against sharing sensitive information with Russia that have been in place since 2014. The data were taken from ASML and NXP, which are both part of the semiconductor industry.
This is a pretty straightforward legal issue with previous case law established. But what about an AI engine deployed by your company finding and indexing others’ intellectual property and exposing it? These types of cases are just starting to show up – data governance is a key part of AI security for several reasons.
We are all prepared for theft of IP by humans, but are we ready for data loss due to LLM/AI where data is aggregated outside your control? This has the potential to be more significant than learning about unsecured S3 buckets. AI governance has to be conscious, consistent, and deliberate. Your team is already leveraging AI to innovate, meet deliverables and remain relevant. Are you ready?
Humans continue to be the weakest link when it comes to protection of information (trade secrets in this case). Companies should use this case as part of a risk review of their insider threat program.
While computer crime may carry a lower risk of punishment than other forms of crime, that risk is rising. It is certainly no longer risk free.
A supply chain attack appears to have compromised two versions of the Gravity Forms WordPress plugin, a forms builder which has more than a million active installations. The malware-infected versions of the plugin collect a host of "site metadata, including URL, admin path, theme, plugins, and PHP/WordPress version," and exfiltrate that information to external systems. According to Gravity Forms developer RocketGenius, "If installed, the malicious code modifications will block attempts to update the package and attempt to reach an external server to download additional payload. If it succeeds in executing this payload, it will then attempt to add an administrative account." The issue affects Gravity Forms version 2.9.11.1 manually downloaded on July 9 or 10; Gravity Forms 2.9.12 manually downloaded on July 10; and composer installs of version 2.9.11.1 on July 9 or 10. Auto-updated versions were not compromised. In their write-up, RocketGenius has provided indicators of compromise and advice for securing infected sites. They have released Gravity Forms version 2.9.13.
Given the sequence of events, verify you really are on 2.9.13 of Gravity Forms. Check for the IoCs on the Gravity Forms security incident notice: https://www.gravityforms.com/blog/security-incident-notice/, and if you are compromised, deactivate then delete the plugin, block access to gravityapi.org and the companion IP addresses, then reinstall. Don’t use uninstall; that will wipe your settings.
Use of WordPress, while extremely popular, continues to be high risk. Google "alternatives to WordPress."
BleepingComputer
SecurityWeek
Gravity Forms
Patchstack
Wordfence
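A triage script for the Gravity Forms incident above, added here as an example (it is not RocketGenius's tooling): it reads the plugin's version header, flags the versions the notice names or anything below 2.9.13, and scans plugin files for the gravityapi.org hostname the notice says the backdoor contacts. The main-file name `gravityforms/gravityforms.php` is an assumption, and the sample install it builds is constructed test data.

```python
# Added example (not code from RocketGenius or the Gravity Forms notice).
# Assumption: the plugin's main file is gravityforms/gravityforms.php.
import os
import re
import tempfile

FIXED_VERSION = (2, 9, 13)
AFFECTED_VERSIONS = {(2, 9, 11, 1), (2, 9, 12)}   # versions named in the notice
IOC_HOSTNAME = b"gravityapi.org"                   # hostname from the notice


def parse_version(header_text: str):
    """Pull 'Version: x.y.z' out of a WordPress plugin header comment."""
    m = re.search(r"^\s*\*?\s*Version:\s*([\d.]+)", header_text, re.MULTILINE)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None


def scan_plugin(plugin_dir: str) -> dict:
    """Return version status plus every file that contains the IoC hostname."""
    with open(os.path.join(plugin_dir, "gravityforms.php"), encoding="utf-8",
              errors="replace") as f:
        version = parse_version(f.read())
    hits = []
    for root, _, files in os.walk(plugin_dir):
        for name in files:
            path = os.path.join(root, name)
            with open(path, "rb") as f:            # bytes: injected PHP may be obfuscated
                if IOC_HOSTNAME in f.read():
                    hits.append(os.path.relpath(path, plugin_dir))
    return {
        "version": version,
        "below_fixed": version is None or version < FIXED_VERSION,
        "named_affected": version in AFFECTED_VERSIONS,
        "ioc_files": sorted(hits),
    }


def make_sample_install(version: str, backdoored: bool) -> str:
    """Build a constructed sample plugin tree (demo data only); returns its path."""
    plugin_dir = os.path.join(tempfile.mkdtemp(), "gravityforms")
    os.makedirs(os.path.join(plugin_dir, "includes"))
    with open(os.path.join(plugin_dir, "gravityforms.php"), "w") as f:
        f.write(f"<?php\n/*\nPlugin Name: Gravity Forms\nVersion: {version}\n*/\n")
    with open(os.path.join(plugin_dir, "includes", "hooks.php"), "w") as f:
        # Constructed marker only; it stands in for the real injected code.
        f.write("<?php\n$u = 'https://gravityapi.org/';\n" if backdoored
                else "<?php\n// clean\n")
    return plugin_dir
```

Run `scan_plugin("/path/to/wp-content/plugins/gravityforms")` on a real install; a non-empty `ioc_files` list or `named_affected` result is the cue to follow the notice's cleanup steps.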
Researchers from PCA Cyber Security have published a security advisory warning of four flaws in the BlueSDK Bluetooth stack -- a "hardware-agnostic" Bluetooth implementation primarily designed for automotive systems -- that can be chained to allow "1-click Remote Code Execution" on affected devices made by a variety of vendors. PCA provides proof-of-concept (PoC) exploits for Mercedes-Benz AG, Volkswagen, and Skoda among impacted vendors. An attacker in physical range and able to pair a laptop with the target system, in some cases without the ignition activated and without requiring confirmation, could escalate privileges to "track GPS coordinates, record audio inside a car, obtain personal phonebook information, ... and obtain access to critical elements of a car" by moving laterally through other embedded Electronic Control Units (ECUs). Vendors outside the automotive industry may also be affected. BlueSDK developer OpenSynergy worked with PCA after being contacted in May 2024, releasing patches in September 2024; however, it took until June 2025 for all original equipment manufacturers (OEMs) to receive the patch, possibly due to "long and complex vehicle supply chains." Users should update affected systems or disable Bluetooth functionality entirely to protect against this attack, dubbed "PerfektBlue." Nick Tausek, lead security automation architect at Swimlane, posits that "attacks like PerfektBlue historically do more to illustrate the complicated landscape of [Internet of Things] patching than they do to represent a real threat to your average user."
To exploit the flaw, the attacker needs to be in range and paired with the infotainment system, which can be done without interaction in some cases. As the BlueSDK is also in mobile and IoT devices, you need to make sure updates are applied. The flaw disclosure was held until OEMs had the patches widely deployed. Make sure your vehicle, if affected, has the latest update.
Nvidia has published a security advisory reminding users to ensure system-level error correction code (ECC) is enabled on the company's GPU products after researchers at the University of Toronto showed the viability of exploiting the Rowhammer effect on an NVIDIA A6000 GPU with GDDR6 memory. The Rowhammer effect is a type of disturbance error observed for over a decade, where repeatedly reading ("hammering") memory locations in densely-celled dynamic random-access memory (DRAM) can leak an electrical charge that may cause bits to flip in an adjacent memory row. This is the first demonstration of Rowhammer bit flipping in discrete GPUs, allowing the researchers to "tamper with another user’s data on the GPU," and to degrade a deep neural network (DNN) model's accuracy "from 80% to 0.1% using a single bit flip." The researchers responsibly disclosed this vulnerability to Nvidia and major cloud providers in January 2025. The way ECC is enabled to mitigate memory disruption varies by GPU architecture, and Nvidia provides instructions for out-of-band and in-band paths; ECC is enabled by default on Nvidia's Hopper and Blackwell Data Center classes of GPUs. The researchers note that enabling ECC may reduce performance and memory capacity.
ECC is enabled by default in the newer Nvidia products, and enabling ECC is recommended as a best practice to mitigate Rowhammer attacks. Make sure you analyze the impact to both performance and memory capacity before enabling ECC if you don’t currently have it turned on.
GPUHammer
Nvidia
BleepingComputer
Ars Technica
The Register
The Hacker News
Albemarle County in the US state of Virginia has published information and resources for residents in the wake of a ransomware attack on the county's IT systems conducted overnight on June 10, 2025, and discovered the following morning. The county immediately implemented security protocols and engaged third-party cybersecurity experts, also notifying the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Cyber Fusion Center of the Virginia State Police. Investigation of the incident indicates that data stored in the cloud were not accessed, but locally-stored names, addresses, and Social Security numbers of county residents may have been accessed, as well as data belonging to local government and public school employees, including "names, addresses, driver’s license numbers, Social Security numbers, passport numbers, military ID numbers, and state ID card numbers." Non-emergency phone lines were restored after two weeks of outages following the attack. Albemarle County is offering all affected individuals complimentary fraud consultation, identity theft restoration services, and 12 months of credit monitoring. The notice recommends vigilance and possible fraud alerts or freezes on credit reports, and provides resources for understanding and reporting identity theft.
As yet, no gang has claimed responsibility for the attack. On a positive note, the county is offering one year of ID theft/credit restoration now, while they are still determining exactly whose data was breached. Not a bad approach to consider for your own playbook, particularly if you expect a lengthy process to make this determination.
It would be helpful if they were to publish details on how the perpetrators gained access to the enterprise. For example, specifying what controls were in place that protected the cloud-based systems. I get that there are liability concerns, but sharing information helps protect us all from future ransomware events.
The US Cybersecurity and Infrastructure Security Agency (CISA) has published an Industrial Control System (ICS) advisory describing a weak authentication vulnerability in the End-of-Train and Head-of-Train remote linking protocol. CISA writes, "successful exploitation of this vulnerability could allow an attacker to send their own brake control commands to the end-of-train device, causing a sudden stoppage of the train which may lead to a disruption of operations, or induce brake failure." The issue was detected separately by two different researchers, first in 2012 and then again in 2016. The researcher who found the vulnerability in 2012 said he recently learned that it had first been reported to the Association of American Railroads (AAR) in 2005.
CVE-2025-1727, CVSS 3 score 8.1, affects the devices known as a Flashing Rear End Device (FRED), which replaced the caboose, and can be exploited over RF, making typical control system mitigations, such as isolation or VPN, challenging. Exploitation requires both physical access/proximity and deep protocol knowledge, and mitigation requires an update to the standard, which is underway.
FRED was designed and built during a time when devices often lacked authentication and didn’t use encryption. Unfortunately, the device was never updated to address today’s cyber threats. With CISA issuing an advisory the proverbial cat is out of the bag. It can amount to negligence on the part of the AAR and the FRA for not fixing the security issue.
Two researchers discovered a weakness in a chatbot that fast food restaurant McDonald's uses to screen job applicants. The researchers write that they "identified two serious issues: the McHire administration interface for restaurant owners accepted the default credentials 123456:123456, and an insecure direct object reference (IDOR) on an internal API allowed us to access any contacts and chats we wanted." The chatbot was built by Paradox.ai, which has assumed responsibility for the situation. They have addressed both the default username/password issue and the API endpoint vulnerability and "are launching several new security initiatives including providing an easy way to contact [their] security team ... and a bug bounty program."
Another good example that AI is just software, and complex software at that. Demonstration of thorough pre-sales vulnerability testing (such as a well-managed bug bounty program) should be a minimum vendor security requirement.
We need to not only train our developers not to use default passwords but also avoid insecure object references, then make sure our QA processes support them doing so. Not only has Paradox.ai addressed the issue, but they also implemented a bug bounty/vulnerability disclosure program to aid in discovery of future flaws.
Wired
SCWorld
SecurityWeek
BleepingComputer
Paradox
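The two weaknesses named in the McHire report, an IDOR on a chat-lookup API and acceptance of default credentials, shown as they fail and as they should be handled. This is an added example, not code from McHire, Paradox.ai or the researchers' write-up; every tenant, chat and credential in it is constructed sample data.

```python
# Added example (not McHire, Paradox.ai or researcher code); all data constructed.
from dataclasses import dataclass


class Forbidden(Exception):
    """Raised when a caller is not authorized for the requested object."""


@dataclass(frozen=True)
class Chat:
    chat_id: int
    owner: str          # tenant (restaurant account) the chat belongs to
    transcript: str


# Constructed sample store: two tenants, one applicant chat each.
CHATS = {
    1001: Chat(1001, "store-A", "applicant: I can start Monday"),
    1002: Chat(1002, "store-B", "applicant: available weekends"),
}

# Constructed deny-list of factory/default credential pairs (123456:123456 is
# the pair the report names; the second entry is a made-up addition).
DEFAULT_CREDENTIALS = {("123456", "123456"), ("admin", "admin")}


def get_chat_vulnerable(chat_id: int, requester: str) -> Chat:
    """IDOR: the id alone selects the record and the requester's tenant is never
    checked, so any authenticated caller can walk the id space and read every chat."""
    return CHATS[chat_id]


def get_chat_hardened(chat_id: int, requester: str) -> Chat:
    """Object-level authorization: the record must belong to the requester's
    tenant. Missing and foreign ids raise the same error so the response does
    not reveal which ids exist."""
    chat = CHATS.get(chat_id)
    if chat is None or chat.owner != requester:
        raise Forbidden(f"chat {chat_id} is not accessible to {requester}")
    return chat


def login_allowed(username: str, password: str, stored: dict) -> bool:
    """Refuse a known default pair even when it matches the stored account, so a
    factory login forces a reset instead of reaching the admin UI. `stored` maps
    username to secret; a real system would compare password hashes instead."""
    if (username, password) in DEFAULT_CREDENTIALS:
        return False
    return stored.get(username) == password


def cross_tenant_read_blocked(chat_id: int, requester: str) -> bool:
    """True when the hardened lookup refuses the request (used by the checks)."""
    try:
        get_chat_hardened(chat_id, requester)
    except Forbidden:
        return True
    return False
```

The fix for the IDOR is the ownership comparison, not obscurity of the ids; the default-credential check belongs at provisioning time as well as at login.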
SANS Internet Storm Center StormCast Tuesday, July 15, 2025
Web Honeypot Log Volume; Browser Extension Malware; RDP Forensics
https://isc.sans.edu/podcastdetail/9526
DShield Honeypot Log Volume Increase
Within the last few months, there has been a dramatic increase in honeypot log volumes and how often these high volumes are seen. This has not just been from Jesse’s residential honeypot, which has historically seen higher log volumes, but from all of the honeypots that Jesse runs.
https://isc.sans.edu/diary/DShield+Honeypot+Log+Volume+Increase/32100
Google and Microsoft Trusted Them. 2.3 Million Users Installed Them. They Were Malware.
Koi Security’s investigation of a single “verified” color picker exposed a coordinated campaign of 18 malicious extensions that infected a massive 2.3 million users across Chrome and Edge.
RDP Forensics
Comprehensive overview of Windows RDP Forensics
SANS Internet Storm Center StormCast Monday, July 14, 2025
Suspect Domain Feed; Wing FTP Exploited; FortiWeb Exploited; NVIDIA GPU Rowhammer
https://isc.sans.edu/podcastdetail/9524
Experimental Suspicious Domain Feed
Our new experimental suspicious domain feed uses various criteria to identify domains that may be used for phishing or other malicious purposes.
https://isc.sans.edu/diary/Experimental+Suspicious+Domain+Feed/32102
Wing FTP Server RCE Vulnerability Exploited CVE-2025-47812
Huntress saw active exploitation of Wing FTP Server remote code execution (CVE-2025-47812) on a customer on July 1, 2025. Organizations running Wing FTP Server should update to the fixed version, version 7.4.4, as soon as possible.
https://www.huntress.com/blog/wing-ftp-server-remote-code-execution-cve-2025-47812-exploited-in-wild
https://www.rcesecurity.com/2025/06/what-the-null-wing-ftp-server-rce-cve-2025-47812/
FortiWeb Pre-Auth RCE (CVE-2025-25257)
An exploit for the FortiWeb RCE Vulnerability is now available and is being used in the wild.
https://pwner.gg/blog/2025-07-10-fortiweb-fabric-rce
NVIDIA Vulnerable to Rowhammer
NVIDIA has received new research related to the industry-wide DRAM issue known as “Rowhammer”. The research demonstrates a potential Rowhammer attack against an NVIDIA A6000 GPU with GDDR6 Memory. The purpose of this notice is to reinforce already known mitigations to Rowhammer attacks.
https://nvidia.custhelp.com/app/answers/detail/a_id/5671/~/security-notice%3A-rowhammer---july-2025