As anticipated, artificial intelligence (AI) is now being utilised by spammers to create unique messages that do not register as spam.
The tool AkiraBot has been specifically designed to evade CAPTCHAs and post advertisements via web forms and chat boxes.
There have been instances of an AWS attack via EC2 where requests end in /?url=hxxp://169.254.169.254/latest/meta-data/iam/security-credentials.
This IP address is important as it is where Amazon EC2 makes the Instance Metadata Service available, which includes AWS credentials and important information, suggesting a Server Side Request Forgery (SSRF).
SAP Linux images have been found to have vulnerable setuid binaries that can be used for privilege escalation; one example is the binary icmbnd.
Google is attempting to make end-to-end encryption easier by offering Gmail users the option of using symmetric encryption; this, however, does mean that whoever runs the KACL server has the key to decrypt messages.
