This Week's Top Five Stories in Cyber
Project Glasswing: Securing Critical Software in the AI Era
When Anthropic’s Claude Mythos Preview revealed thousands of high-severity vulnerabilities in every major operating system, it didn’t take long for the industry to understand the implication.
The superior vulnerability detection capability of AI can sow unprecedented destruction in the hands of bad actors.
Hence, alighting firmly on the side of the defenders, Anthropic has pulled back the curtain on Project Glasswing – an ambitious effort to protect critical software from a new generation of cyber risks driven by AI.
This coalition brings together major industry players including AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA and Palo Alto Networks in an effort to secure critical software.
The move reflects a growing urgency across the tech sector. As AI systems become more capable, they are not only strengthening defences but also lowering the barrier for sophisticated cyber attacks.
How did Hasbro Handle a Cyber Attack on its Systems?
Games and entertainment giant Hasbro recently found itself in the middle of a scenario that it would rather keep in its board games: a high-stakes intrusion with uncertain rules and a ticking clock.
Hasbro owns Transformers, G.I. Joe, Power Rangers, Nerf, My Little Pony and Dungeons & Dragons, and is the company behind iconic board games like Monopoly, Twister and Clue.
However, in March, the company was hit by a cyber attack, as it detected unauthorised access inside its network, labelled “a security incident impacting certain Hasbro systems".
In a lesson to security leaders around the world, executives quickly sprung to action. Internal alarms were raised, incident response plans kicked in and external cybersecurity specialists were brought in to trace the intruder’s path.
What followed was a controlled shutdown. Key systems were taken offline, not as a failure but as a defensive play to contain any spread and stop attackers digging deeper. Industry reporting notes that parts of the company’s digital infrastructure – including sections of its website – went dark almost overnight.
Why are Red Hat & Google Cloud Extending their Partnership?
World’s premier open source solutions provider, Red Hat, has unveiled an expanded partnership with Google Cloud, designed to help organisations pick up the pace on application modernisation and cloud migration.
At the heart of the move is the introduction of Red Hat OpenShift directly into the Google Cloud console.
Alongside this comes tighter integration with native services and the full release of Red Hat OpenShift Virtualization on Red Hat OpenShift Dedicated on Google Cloud.
The announcement reflects a shared ambition to deliver a complete application platform where enterprises can confidently build, deploy and scale containerised, virtualised and AI-led workloads.
“Our customers are constantly looking for ways to simplify their infrastructure and accelerate innovation without sacrificing performance,” says Nirav Mehta, Vice President, Product Management at Google Cloud Compute Platform.
Why Russian Threat Actors are Targeting Internet Routers
Another Russian espionage operation has been uncovered.
As a recent investigation by global agencies has revealed, the culprit is no rogue cyber crime gang but a sophisticated cyber espionage wing of the GRU – the Russian Military Intelligence.
The threat actor is Forest Blizzard and the targets are the unsuspecting internet routers in your homes that can be used to spy on you.
These vulnerable small office/home office (SOHO) routers are of interest to these threat actors, as it enables them to perform Domain Name System (DNS) hijacking, which further down the line is used to harvest credentials.
“By compromising edge devices that are upstream of larger targets, threat actors could take advantage of less closely monitored assets to pivot into enterprise environments,” reads a Microsoft Threat Intelligence blog.
Lloyds & IBM’s Quantum Computing Bet to Detect Money Mules
The future of securing the BSFI sector against financial crime could lie in quantum computing.
A nine-month experiment by Lloyds Banking Group and IBM that could signal a transformative shift in how financial institutions detect and defend against sophisticated money laundering networks, has officially come to an end.
It comprised of one of the largest quantum computing trials ever conducted on real quantum hardware, focused on identifying money mule activity through advanced graph analytics.
By the trial’s conclusion, the team successfully detected a real-world money mule deliberately embedded within anonymised data, demonstrating that quantum systems could handle the intricate networks characteristic of contemporary financial crime.
The breakthrough could offer new capabilities for threat detection in an environment where criminals continually evolve their tactics to evade traditional security measures.
Executives
Nirav Mehta
VP of Product Management - Google Cloud Compute Platform
