Dark mode: ON

Infosec Decoded Season 5 #64: Peak AI

With Doug Spindler and sambowne@infosec.exchange

Recorded Fri, Aug 15, 2025

AI

Scientists Are Getting Seriously Worried That We've Already Hit Peak AI
Progress is slowing down to a crawl.
There's a Compelling Theory Why GPT-5 Sucks so Much
Upcoming DeepSeek AI model failed to train using Huawei’s chips
Startup encountered persistent technical issues using Huawei Ascend chips.
Google Gemini will now learn from your chats—unless you tell it not to
Gemini is getting an option called Personal Context. When enabled, the chatbot will remember details about your past conversations, adapting its replies without being specifically prompted.
Rubrik adds rogue AI agent action rewind protection
Cyber-security and backup company Rubrik has an Agent Rewind offering that enables customers to undo mistaken agentic AI changes to applications and data by providing visibility into agents’ actions and an undo capability.

Politics

The GOP plot to gain 40 seats without winning any more votes
Party operatives think gerrymandering, a new Census and a friendly Supreme Court can help keep Republicans in power. The most important part will be the Supreme Court neutralizing the Voting Rights Act of 1965, so Southern states can resume Jim Crow-style districting which effectively denies voting rights to Black citizens.

Stephen Miller wants a new census omitting undocumented aliens, which seems unlikely to work.

Infosec

New Brain Interface Interprets Inner Monologues With Startling Accuracy
Scientists decoded the silent inner thoughts of four people with paralysis, a breakthrough that could transform assistive speech.
Russian Hackers Lurked in US Courts for Years, Took Sealed Files
They gained access by exploiting stolen user credentials and a cybersecurity vulnerability in an outdated server used by the federal judiciary, and specifically searched for sealed records.
New downgrade attack can bypass FIDO auth in Microsoft Entra ID
The new downgrade attack created by Proofpoint researchers employs a custom phishlet within the Evilginx adversary-in-the-middle (AiTM) framework to spoof a browser user agent that lacks FIDO support.

Specifically, the researchers spoof Safari on Windows, which is not compatible with FIDO-based authentication in Microsoft Entra ID. Microsoft Entra ID turns off FIDO authentication and instead returns an error. This error prompts the user to choose an alternate verification fallback method, such as the Microsoft Authenticator app, SMS code, or OTP.

Average ransomware payment now $1.1M: Coveware charts rise of data exfiltration
Exfiltration played a role in 74 percent of all cases, with many campaigns now focusing on data theft rather than traditional system encryption.

Credential-based intrusions dominate, with groups like Akira regularly exploiting exposed VPNs and remote services using stolen or weak credentials, often sourced from infostealers or successful phishing campaigns. Social engineering also continues to mature, with actors leveraging trusted communication channels like Microsoft Teams for vishing, SEO poisoning to deliver malware, and deceptive scripts masked behind fake security prompts or CAPTCHAs.