Full Report
Cyber agencies call on ISPs to help combat "bulletproof" internet hosts that shield cybercriminals. Meanwhile, the CSA introduced a new methodology to assess the risks of autonomous AI. Plus, get the latest on the CIS benchmarks, drone-detection systems, and malware infections.Key takeawaysCrackdown on “bulletproof” hosting: International cyber agencies are urging ISPs and network defenders to help degrade internet infrastructure used by cybercriminals. New agentic AI risk framework: The Cloud Security Alliance introduced the Capabilities-Based Risk Assessment (CBRA) to help organizations quantify risks associated with autonomous AI systems. Fresh CIS Benchmarks: A new batch of configuration guides covers Windows Server 2025 and various Linux distros, alongside updates for software products from Google, IBM, Oracle and others.Here are five things you need to know for the week ending November 21.1 - Cyber agencies ask for help in defusing “bulletproof” internet hosts used by criminalsMulti-national cybersecurity agencies are asking ISPs and network defenders to help unmask and dismantle bulletproof hosting providers (BPH), which offer internet infrastructure services to cyber criminals.“The authoring agencies have observed a marked increase in cybercriminal actors using BPH infrastructure to support cyber operations against critical infrastructure, financial institutions, and other high-value targets,” reads the joint advisory “Bulletproof Defense: Mitigating Risks From Bulletproof Hosting Providers.”“BPH providers continue to pose a significant risk to the resilience and safety of critical systems and services,” adds the advisory from cyber agencies in Australia, Canada, the Netherlands, New Zealand, the U.K., and the U.S.BPHs intentionally ignore legal processes, abuse complaints, and law enforcement takedown requests, shielding cybercriminals and helping them launch ransomware attacks, extort data, deliver malware, conduct phishing campaigns, and more.They provide obfuscation through techniques like fast flux, effectively masking the identity and location of the perpetrators. However, identifying criminal activity facilitated by BPHs isn’t easy because BPH infrastructure is woven into the infrastructure of legitimate ISPs.“BPH providers lease their own infrastructure to cybercriminals. Increasingly, they resell stolen or leased infrastructure from legitimate hosting providers, data centers, ISPs, or cloud service providers who may unknowingly enable BPH providers to provide infrastructure to cybercriminals,” reads the document.The advisory offers guidance for ISPs and network defenders to take “nuanced” steps to gum up BPHs’ services without impacting legitimate infrastructure.Ultimately, the idea is to help degrade the effectiveness of BPHs’ infrastructure to the point where their cyber criminal customers are forced to leave their BPH safe havens and switch to legitimate service providers, which, unlike BPHs, do respond to abuse complaints and to law-enforcement requests. Recommendations include:Conducting rigorous traffic analysisCurating and automating reviews of "high confidence" lists of malicious internet resourcesEstablishing robust standards for ISP accountabilityProactively creating filtering toolsMaintaining transparent communication regarding malicious resource lists“Bulletproof hosting is one of the core enablers of modern cybercrime,” Acting CISA Director Madhu Gottumukkala said in a statement. “By shining a light on these illicit infrastructures and giving defenders concrete actions, we are making it harder for criminals to hide and easier for our partners to protect the systems Americans rely on every day.”In a related development, Australia, the U.K. and the U.S. jointly sanctioned Russia-based BPH company Media Land and its network, the U.S. Treasury Department said in a statement. Meanwhile the U.K. and U.S. governments also sanctioned Hypercore Ltd., a front company for BPH company Aeza Group, along with several individuals, it added.For more information about BPH:“Bulletproof hosting providers: Cracks in the armour of cybercriminal infrastructure” (Australian Cyber Security Centre)“Bulletproof hosting provider Proton66 steps-up malware campaigns” (SC World)“Why Bulletproof Hosting is Key to Cybercrime-as-a-Service” (Infosecurity Magazine)“US sanctions ‘bulletproof’ hosting provider Aeza for cybercrime ops” (SC World)“Key to Qilin's Ransomware Success: Bulletproof Hosting” (Bank Info Security)2 - CSA unveils agentic AI risk assessment toolTo assess the risks of using agentic AI, conventional risk models may fall short. So how can you determine the risks your organization faces from these autonomous AI tools?You might want to check out a new risk-assessment framework for agentic AI systems from the Cloud Security Alliance (CSA).The framework, called Capabilities-Based Risk Assessment (CBRA) is detailed in a new CSA white paper and evaluates agentic AI systems across four areas: System CriticalityAI AutonomyAccess PermissionsImpact RadiusThese factors are combined to generate a composite risk score, allowing enterprises to quantify the potential consequences of system failure or misuse. “AI autonomy and access are expanding faster than traditional risk management models can adapt,” Pete Chronis, Co-Chair of the CSA AI Safety Initiative CISO Council, said in a statement. “CBRA allows enterprises to align their governance investments with actual risk exposure – protecting high-impact agentic systems while accelerating safe innovation elsewhere,” he added.The CBRA is integrated with the CSA’s AI Controls Matrix (AICM). CBRA maps its three-tier risk levels — low, medium, and high — to the AICM’s library of over 240 AI-specific controls, so that security measures taken are proportionate to the risk.For more information about AI security, check out these Tenable Research blogs:“Frequently Asked Questions About DeepSeek Large Language Model (LLM)”“Frequently Asked Questions About Model Context Protocol (MCP) and Integrating with AI for Agentic Applications”“Frequently Asked Questions About Vibe Coding”“AI Security: Web Flaws Resurface in Rush to Use MCP Servers”“CVE-2025-54135, CVE-2025-54136: Frequently Asked Questions About Vulnerabilities in Cursor IDE (CurXecute and MCPoison)”3 - CIS releases batch of new and updated BenchmarksTime to tighten the screws on the software configurations of products from Oracle, Microsoft, Google, IBM, Apple, and more. The Center for Internet Security (CIS) just refreshed a variety of its existing Benchmarks and introduced multiple new ones.The following CIS Benchmarks were updated:CIS Palo Alto Firewall 11 Benchmark v1.2.0, which includes enhanced automated compliance and audit readinessCIS Oracle MySQL 8.0 Enterprise Benchmark v1.5.0, which includes improved account security by enforcing password policies for all accountsCIS Oracle MySQL 8.0 Community Server Benchmark v1.2.0, which includes backporting password enforcement recommendationsCIS Microsoft Azure Foundations Benchmark v5.0.0, which adds 22 new recommendations and updates 58 others to better align with cloud security practicesCIS Google Android Benchmark v1.6.0, which includes better alignment with iOS benchmarks for consistent mobile securityCIS Microsoft Edge Benchmark v4.0.0, which includes refined browser hardening with new ADMX-based security settingsCIS IBM Db2 11 Benchmark v1.2.0, which includes improved clarity and remediation stepsCIS also launched seven entirely new Benchmarks. The CIS Microsoft Windows Server 2025 Stand-alone Benchmark v1.0.0 provides foundational security guidance for the latest Windows server environment. Linux coverage was expanded with new Benchmarks for Red Hat Enterprise Linux 10, Rocky Linux 10 and AlmaLinux OS 10. Additionally, new guides were released for IBM z/OS with RACF, FortiGate 7.4.x, and Apple iOS/iPadOS 18 for Intune, the latter specifically tailored for device management via Microsoft Intune.Meanwhile, there are new Build Kits for various Oracle, Microsoft and Red Hat products. Build Kits automate the CIS Benchmarks’ configuration process.CIS Rocky Linux 10 Benchmark v1.0.0CIS Microsoft Windows Server 2025 Stand-alone Benchmark v1.0.0CIS Oracle Linux OS 10 Benchmark v1.0.0CIS AlmaLinux OS 10 Benchmark v1.0.0CIS Microsoft Edge Benchmark v4.0.0CIS Red Hat Enterprise Linux 10 Benchmark v1.0.1 Currently, CIS has 100-plus Benchmarks to harden the configurations of cloud platforms; databases; desktop and server software; mobile devices; operating systems; and more.To get more details, read the CIS blog “CIS Benchmarks Monthly Update October 2025.” For more information about the CIS Benchmarks list, check out its home page and FAQ, as well as:“Getting to Know the CIS Benchmarks” (CIS)“Security Via Consensus: Developing the CIS Benchmarks” (Dark Reading)“How to Unlock the Security Benefits of the CIS Benchmarks” (Tenable)“CIS Benchmarks Communities: Where configurations meet consensus” (Help Net Security)“CIS Benchmarks: DevOps Guide to Hardening the Cloud” (DevOps)4 - CISA: Drone-detection tools have their own cyber risksAs critical infrastructure organizations rush to buy drone-detection systems to protect themselves from malicious ones, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is raising a red flag: the detection tools themselves can be vulnerable.In a guide published this week to help critical infrastructure organizations choose these tools, CISA warned that an important aspect of the selection process is the cybersecurity posture of these unmanned aircraft systems (UAS), as drones are formally known.“Cybersecurity vulnerabilities can compromise the confidentiality, integrity, and availability of UAS detection information,” reads the guide “Unmanned Aircraft System Detection Technology Guidance.” Examples of cybersecurity flaws in these UAS-detection products include:Insecure collection and transfer of dataMalicious executables hidden within required software and firmware updatesVulnerable connected devices utilized by detection systemsCISA recommends that critical infrastructure organizations ask UAS-detection vendors questions including:Can your product’s operating system be physically accessed or tampered with?Can you provide both a software bill of materials (SBOM) and hardware bill of materials (HBOM) for your product?How long will you provide security and firmware updates for your product?What data does your product’s sensor collect and store?Who will have access to the data collected by your product?“The new risks and challenges from UAS activity demonstrate that the threat environment is always changing, which means our defenses must improve as well,” CISA Acting Director Madhu Gottumukkala said in a statement.The 12-page guide also addresses non-cyber criteria for choosing a drone-detection system.CISA published two other drone-security guides in July for critical infrastructure organizations: “Suspicious Unmanned Aircraft System Activity Guidance for Critical Infrastructure Owners and Operators” and “Safe Handling Considerations for Downed Unmanned Aircraft Systems.” 5 - Malware infections jump almost 40% in Q3Malware infection reports spiked 38% from the second to the third quarter of 2025, according to data from CIS’ Multi-State Information Sharing and Analysis Center (MS-ISAC) monitoring services.SocGholish, which attackers use in fake software-update attacks, once again ranked as the most prevalent malware variant, a spot it has held for the past two years.SocGholish’s prevalence reflects the popularity of fake software-update attacks among hackers. These attacks attempt to trick unsuspecting users into downloading a software update that appears legit. Of course, the “update” infects victims’ devices with malware.Following SocGholish is CoinMiner, a cryptocurrency miner that spreads via Windows Management Instrumentation (WMI), and Agent Tesla, a remote access trojan (RAT) known for harvesting credentials and capturing keystrokes.Notably, Q3 2025 saw the return of the Gh0st, Lumma Stealer, and TeleGrab variants, and the debut of Jinupd. According to CIS, Lumma Stealer’s reappearance is significant as it follows a previous law enforcement takedown of its "malware as a service" (MaaS) infrastructure for targeting banking data and personal information. Jinupd, the newcomer, is a point-of-sale (POS) infostealer that scrapes credit card data from memory, often disguising itself as a Java updater.The report tracks three primary infection vectors: Dropped (delivered by other malware), Malspam (malicious emails), and Malvertisement (malicious ads). However, "Multiple" was the leading infection vector category for this quarter. Here’s Q3’s malware hit parade:SocGholish, a downloader distributed through malicious websites that tricks users into downloading it by offering fake software updatesCoinMiner, a cryptocurrency miner that spreads using Windows Management Instrumentation (WMI)Agent Tesla, a RAT that captures credentials, keystrokes and screenshotsTeleGrab, an infostealer that targets Telegram, swiping cache and key files, hijacking chat sessions, and stealing contacts and chat historyZPHP, a RAT that captures credentials, keystrokes and screenshotsVenomRAT, an open-source malware whose features include keylogging, data exfiltration and screen capturingGh0st, a RAT designed to control infected endpoint devicesNanoCore, a RAT that spreads via malspam as a malicious Excel spreadsheetLumma Stealer, an infostealer used to swipe personal information, credentials, cookies and banking informationJinupd, a point-of-sales infostealer that steals credit card information by scraping memory from payment-processing applicationsTo get more information, check out the CIS blog “Top 10 Malware Q3 2025,” where you’ll find more details, context and indicators of compromise for each malware strain.For details on fake software-update attacks:“The Fake Browser Update Scam Gets a Makeover” (Krebs on Security)“Watch Out: Attackers Are Hiding Malware in 'Browser Updates'” (Dark Reading)“Hackers Use Fake Browser Updates for AMOS Malware Attacks Targeting Mac Users” (MSSP Alert)“Malware crooks find an in with fake browser updates, in case real ones weren't bad enough” (The Register)“Hackers have been spreading malware via fake Chrome updates” (TechRadar)
Analysis Summary
# Main Topic
Global crackdown on "bulletproof" hosting providers (BPH) used by cybercriminals, combined with new guidance on assessing autonomous AI risks, configuration best practices, and trends in Q3 2025 malware infections.
## Key Points
- **Bulletproof Hosting (BPH) Degradation:** International cyber agencies from Australia, Canada, the Netherlands, New Zealand, the U.K., and the U.S. issued a joint advisory urging ISPs and network defenders to actively degrade BPH infrastructure.
- **BPH Risk:** BPHs shield criminals, enabling ransomware, data extortion, malware delivery, and phishing against critical infrastructure and high-value targets, often using techniques like fast flux for obfuscation.
- **New AI Risk Framework:** The Cloud Security Alliance (CSA) introduced the Capabilities-Based Risk Assessment (CBRA) to quantify risks associated with autonomous AI systems based on System Criticality, AI Autonomy, Access Permissions, and Impact Radius.
- **CIS Benchmarks Released:** New and updated CIS Benchmarks were published, including foundational guides for Windows Server 2025 and RHEL 10 distributions (Rocky Linux 10, AlmaLinux OS 10).
- **Drone System Vulnerabilities:** CISA warned that drone detection systems (UAS) themselves can pose cybersecurity risks, including insecure data handling and vulnerabilities in required software/firmware.
- **Malware Spike:** Malware infection reports jumped 38% in Q3 2025 compared to Q2, with fake software-update attacks remaining highly prevalent.
## Threat Actors
- **Sanctioned Entities:** Russia-based BPH company Media Land and its network, along with Hypercore Ltd. (a front for Aeza Group), were jointly sanctioned by Australia, the U.K., and the U.S.
- **Malware Distributors:** Threat actors leveraging SocGholish, CoinMiner, Agent Tesla, and newly resurfaced Lumma Stealer.
## TTPs
- **Bulletproof Hosting Abuse:** BPHs intentionally ignore legal processes and law enforcement requests; they often lease or resell infrastructure from legitimate providers, embedding criminal infrastructure within legitimate networks.
- **Obfuscation:** Use of techniques like fast flux to mask the identity and location of perpetrators utilizing BPHs.
- **Fake Software Updates:** An ongoing, popular attack vector used to distribute malware like SocGholish.
- **Data Theft (Agent Tesla/Lumma/TeleGrab):** Credential harvesting, keystroke logging, and stealing session history/chat data.
- **Point-of-Sale Siphoning (Jinupd):** Scraping credit card data directly from memory in payment-processing applications.
- **Infection Vectors:** "Multiple" was the leading infection vector category in Q3, followed by Dropped, Malspam, and Malvertisement.
## Affected Systems
- **Infrastructure:** Critical infrastructure and financial institutions targeted by actors hiding behind BPHs; legitimate ISPs and cloud providers may be unknowingly affected.
- **Software/OS (CIS Benchmarks focus):** Windows Server 2025, Red Hat Enterprise Linux 10, Rocky Linux 10, AlmaLinux OS 10, Oracle MySQL 8.0, Microsoft Azure, Google Android, Microsoft Edge, IBM Db2 11.
- **Malware Targets:** Endpoint devices (RATs), banking data, personal information/cookies (Lumma Stealer), Telegram accounts (TeleGrab), and Point-of-Sale systems (Jinupd).
- **New Technology:** Unmanned Aircraft Systems (UAS) detection technology itself is a potential vector if improperly secured.
## Mitigations
- **For BPH Counteraction (ISPs/Defenders):**
- Conduct rigorous traffic analysis.
- Curate and automate reviews of "high confidence" malicious resource lists.
- Establish robust standards for ISP accountability.
- Proactively create filtering tools.
- Maintain transparent communication regarding malicious resource lists.
- Goal: Degrade BPH effectiveness until criminal customers move to legitimate providers.
- **For Agentic AI:** Implement the CSA's CBRA framework to align governance investments with actual risk exposure derived from System Criticality, Autonomy, Access Permissions, and Impact Radius.
- **For Configuration Hardening:** Apply the newly released CIS Benchmarks for current operating systems (Windows Server 2025, RHEL 10 variants) and software products.
- **For Drone Defense:**
- Inquire with UAS detection vendors about their cybersecurity posture.
- Request Software Bill of Materials (SBOM) and Hardware Bill of Materials (HBOM).
- Address physical access and tampering risks.
- Clarify data collection, storage, and access policies.
## Conclusion
The immediate threat landscape demands coordinated action against resilient criminal infrastructure facilitated by BPHs, requiring infrastructure partners (ISPs) to actively disrupt these "safe havens." Concurrently, organizations must rapidly adapt governance models (using frameworks like CSA CBRA) for emerging technologies like autonomous AI, while maintaining baseline security hygiene evidenced by the 38% surge in malware infections, particularly those distributed via social engineering like fake updates.