
Security Now Episode 1068: AI in Cybersecurity, Age Verification Challenges, and Data Breaches
This episode of Security Now covers a range of pressing cybersecurity issues, starting with the growing use of AI in hacking campaigns. The hosts discuss a recent incident where a Russian-speaking threat actor breached over 600 Fortinet firewalls by exploiting weak configurations—such as exposed management ports, weak passwords, and the absence of multi-factor authentication—rather than using zero-day vulnerabilities. The attackers employed AI tools like Claude and DeepSeek to generate scripts for reconnaissance, vulnerability assessments, and offensive operations. While this raised concerns about AI-driven cyber threats, the hosts emphasize that AI is merely a tool, no different from a compiler or any other technology. Its use by malicious actors reflects broader trends in automation, not an inherent flaw in AI itself. The discussion underscores that both defenders and attackers will increasingly rely on AI, making it essential for security professionals to adapt without overreacting to its role in cybercrime.
Another key topic is the legal and technical challenges surrounding age verification for online services. Apple recently updated its developer guidelines to comply with emerging laws in the U.S., Brazil, Australia, and other regions requiring age restrictions for apps. These regulations force platforms to determine users' ages, but this conflicts with existing privacy protections like COPPA (Children’s Online Privacy Protection Act), which restricts data collection from minors. The FTC responded by issuing a policy statement exempting age verification technologies from COPPA enforcement, allowing services to collect age-related data without fear of penalties. However, the hosts critique the fragmented and overly complex nature of these regulations, which vary by jurisdiction and create significant compliance burdens for developers. The conversation highlights the tension between protecting children online and preserving user privacy, suggesting that a more unified approach would have been preferable to the current patchwork of rules.
The episode also examines a high-profile data breach involving Mexican government agencies, where attackers stole 150 gigabytes of sensitive data, including taxpayer records, voter information, and employee credentials. The breach was facilitated by AI-generated scripts, though the hosts stress that the real issue was poor security practices rather than the use of AI itself. This incident serves as a reminder that even sophisticated tools cannot compensate for fundamental security failures, such as unsecured databases or weak authentication.
Additionally, the hosts discuss the activities of the hacking group "Scattered Spider," which has been recruiting women for social engineering attacks. The group’s tactics highlight how cybercriminals exploit human psychology, often targeting less secure or overlooked demographics to bypass technical defenses.
Finally, the episode touches on a critical vulnerability in Cisco products, rated a perfect 10.0 on the CVSS (Common Vulnerability Scoring System) scale. Such a high score indicates a flaw that is easily exploitable and could lead to severe consequences, such as unauthorized access or data breaches. The hosts also mention a new hardware security module (HSM) that simplifies code signing—a process used to verify the authenticity of software—by securely managing cryptographic keys. This tool is particularly valuable for developers who need to sign code without exposing sensitive credentials. The discussion concludes with a look at the "ClickFix" exploit, which has evolved into a more dangerous variant called "CrashFix," used by cybercriminals to compromise systems. These examples illustrate the ongoing arms race between attackers and defenders, where even minor oversights can lead to major security incidents.
The episode blends technical analysis with practical insights, making it valuable for both cybersecurity professionals and general listeners interested in staying informed about digital threats.