Welcome to this week’s edition of the Threat Source newsletter. 

Ever heard the phrase in this week’s title? 

For our non-British readers, here’s the quick version: Every year on November 5, people across the U.K. gather for bonfires, sparklers, fireworks, and attempting to literally handle a hot potato. I used to love these outings as a kid, but now, as a pet owner, I tend to stay in and try to calm the poor, scared creature during the fireworks.

Anyway, Bonfire Night is all about marking the evening when the Houses of Parliament didn’t get blown to pieces with gunpowder. 

The Gunpowder Plot was the work of a group of conspirators who planned to assassinate King James I by detonating explosives beneath the House of Lords during the State Opening of Parliament on Tuesday, Nov. 5, 1605. They rented a vault in the cellars below the building, packed it with 36 barrels of gunpowder, and designated a fellow named Guy Fawkes to light the fuse. 

Unbeknownst to the conspirators, an anonymous warning (the “Monteagle Letter”) was sent to one nobleman (who was due to attend the State Opening of Parliament), suggesting he come up with some sort of excuse to miss it: 

“My lord, out of the love I bear to some of your friends, I have a care of your preservation. I would advise you, as you tender your life, to devise some excuse to shift your attendance at this Parliament; for God and man hath concurred to punish the wickedness of this time. 

…for though there be no appearance of any stir, yet I say they shall receive a terrible blow this Parliament; and yet they shall not see who hurts them.” 

Taking the warning seriously, the message was passed up the chain to Robert Cecil, the King’s chief minister, and the authorities ordered a search. Sir Thomas Knyvet, a Justice of the Peace, led a team to check the cellarsbeneath the House of Lords. There they found Fawkes guarding the barrels, carrying a lantern and some slow matches. He was arrested on the spot. 

Several of Fawkes’ co-conspirators were killed while fleeing; the rest were captured, tried, and condemned. Fawkes himself was sentenced to be hanged, drawn, and quartered — though he died instantly after leaping from the scaffold and breaking his neck. 

To this day, November 5th events across the UK include the burning of an effigy of Guy Fawkes in the middle of the bonfire. It’s always struck me as a very odd national tradition. But then again, we are a country of strange customs… such as when we chase a wheel of cheese down a near-vertical hill. 

Centuries later, Fawkes’ face was stylised into a white mask with a sly grin for the graphic novel V for Vendetta. The mask became shorthand for protest and, eventually, for hacktivism. The man who didn’t light the fuse became the symbol for people trying to spark something. And that, Alanis, is ironic. 

For the Gunpowder Plot, it was the act of someone doing the Jacobean equivalent of “better check that out,” based on some received threat intelligence. It’s a similar gut impulse that still saves many a day in modern cybersecurity settings: the analyst who follows a hunch, the responder who looks twice at a legitimate tool behaving oddly… 

By the way, if you haven’t yet, do check out our latest Cisco Talos Incident Response report. It’s such a helpful tool for analysts whose days revolve around spotting suspicious behaviour.  

For example, this quarter we saw an internal phishing campaign that was launched from compromised O365 accounts, where attackers “modified the email-management rules to hide the sent phishing emails and any replies.” As Craig pointed out in the most recent episode of The Talos Threat Perspective, he often asks his customers, “Can you effectively identify malicious inbox rules across your environment — not just for a single user’s mailbox, and not just for the last 90 days?” 

So yes, while I think it’s still a bit odd that “Remember, remember the fifth of November” commemorates a disaster that never happened, most analysts I know would drink to that.

The one big thing 

Two Tool Talks in a row? Christmas came early. 

With the latest article, Cisco Talos’ Martin Lee explores how to empower autonomous AI agents with cybersecurity know-how, enabling them to make informed decisions about internet safety, such as evaluating the trustworthiness of domains. He demonstrates a proof-of-concept using LangChain and OpenAI, connected to the Cisco Umbrella API, so that AI agents can access real-time threat intelligence and make smarter security choices. 

Why do I care? 

As AI agents become more autonomous and interact with the internet on your behalf, their ability to distinguish safe from unsafe sites directly impacts your digital security. Equipping AI with real-time threat intelligence means fewer mistakes and better protection for your data and devices in an evolving threat landscape. 

So now what? 

If you work with or develop AI systems, consider incorporating real-time threat intelligence APIs like Cisco Umbrella to enhance your agents’ decision-making. As this technology evolves, staying informed and adapting these best practices will help ensure both your users and AI agents make safer choices online.

Top security headlines of the week 

CISA: High-severity Linux flaw now exploited by ransomware gangs 
Potential impact includes system takeover once root access is gained (allowing attackers to disable defenses, modify files, or install malware), lateral movement through the network, and data theft. (Bleeping Computer) 

Phone location data of top EU officials for sale, report finds 
Journalists in Europe found it was “easy” to spy on top European Union officials using commercially obtained location histories sold by data brokers, despite the continent having some of the strongest data protection laws in the world. (TechCrunch) 

Poland hit by another major cyberattack 
Polish authorities are investigating a large-scale cyberattack that compromised personal data belonging to clients of SuperGrosz, an online loan platform, Deputy Prime Minister and Minister for Digital Affairs Krzysztof Gawkowski confirmed. (Polskie Radio) 

Conduent admits its data breach may have affected around 10 million people 
The breach lasted nearly three months. Conduent is a major government contractor and works with more than 600 government entities globally, including those on state, local, and federal levels, and a majority ofFortune 100 companies. (Tech Radar) 

The password for the Louvre’s video surveillance system was “Louvre”
Experts have been raising concerns about the museum’s security for more than a decade. In 2014, the museum’s video surveillance server password was “LOUVRE,” while a software program provided by the company Thales was secured with a password “THALES.” (Cybernews)

Can’t get enough Talos? 

Tales from the Frontlines 
On Wednesday, Nov. 12, hear Talos IR share candid stories of critical incidents last quarter, how we handled them, and what they mean for your organization. Registration is required. 

Harnessing threat intel in Hybrid Mesh Firewall 
Join us on Thursday, Nov. 13 to learn how Talos combines expert human research with advanced AI/ML to detect and stop emerging threats. 

Dynamic binary instrumentation (DBI) with DynamoRio 
This blog introduces DBI and guides you through building your own DBI tool with the open-source DynamoRIO framework on Windows 11.

Upcoming events where you can find Talos 

• DeepSec IDSC (Nov. 18 – 21) Vienna, Austria 
• AVAR (Dec. 3 – 5) Kuala Lumpur, Malaysia

Most prevalent malware files from Talos telemetry over the past week 

SHA256: 9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507  
MD5: 2915b3f8b703eb744fc54c81f4a9c67f  
Talos Rep: https://talosintelligence.com/talos_file_reputation?s=9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507  
Example Filename: e74d9994a37b2b4c693a76a580c3e8fe_1_Exe.exe  
Detection Name: Win.Worm.Coinminer::1201 

SHA256: 41f14d86bcaf8e949160ee2731802523e0c76fea87adf00ee7fe9567c3cec610  
MD5: 85bbddc502f7b10871621fd460243fbc  
Talos Rep: https://talosintelligence.com/talos_file_reputation?s=41f14d86bcaf8e949160ee2731802523e0c76fea87adf00ee7fe9567c3cec610  
Example Filename: 85bbddc502f7b10871621fd460243fbc.exe  
Detection Name: W32.41F14D86BC-100.SBX.TG 

SHA256: 96fa6a7714670823c83099ea01d24d6d3ae8fef027f01a4ddac14f123b1c9974 
MD5: aac3165ece2959f39ff98334618d10d9  
Talos Rep: https://talosintelligence.com/talos_file_reputation?s=96fa6a7714670823c83099ea01d24d6d3ae8fef027f01a4ddac14f123b1c9974  
Example Filename: 96fa6a7714670823c83099ea01d24d6d3ae8fef027f01a4ddac14f123b1c9974.exe  
Detection Name: W32.Injector:Gen.21ie.1201 

SHA256: a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91  
MD5: 7bdbd180c081fa63ca94f9c22c457376  
Talos Rep: https://talosintelligence.com/talos_file_reputation?s=a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91  
Example Filename: e74d9994a37b2b4c693a76a580c3e8fe_3_Exe.exe  
Detection Name: Win.Dropper.Miner::95.sbx.tg 

SHA256: d933ec4aaf7cfe2f459d64ea4af346e69177e150df1cd23aad1904f5fd41f44a  
MD5: 1f7e01a3355b52cbc92c908a61abf643  
Talos Rep: https://talosintelligence.com/talos_file_reputation?s=d933ec4aaf7cfe2f459d64ea4af346e69177e150df1cd23aad1904f5fd41f44a  
Example Filename: cleanup.bat  
Detection Name: W32.D933EC4AAF-90.SBX.TG 

Cisco Talos Blog – ​Read More

• This blog explores how to equip autonomous AI agents with cybersecurity knowledge, enabling them to make informed decisions about internet safety, such as identifying trustworthy links and websites.
• It demonstrates a proof of concept using LangChain and OpenAI, integrated with the Cisco Umbrella API, to provide AI agents with real-time threat intelligence for evaluating domain dispositions.
• By learning to assess the safety of domains, AI agents can develop better cyber hygiene, making more intelligent decisions rather than simply being restricted by security gateways, which is crucial for the next generation of autonomous AI systems.

In the late 1960s, the science fiction author Philip K. Dick wrote “Do Androids Dream of Electric Sheep,” which, among other themes, explored the traits that distinguish humans from autonomous robots. As advances in generative AI allow us to create autonomous agents that are able to reason and act on humans’ behalf, we must consider the human traits and knowledge that we must equip agentic AI with to allow them to act autonomously, reasonably, and safely. 

One skill we need to impart on our AI agents is the ability to stay safe when navigating the internet. If agentic AI systems are interacting with websites and APIs in the same way as a human internet user, they need to be aware that not all websites or public APIs are trustworthy, and nor is user supplied input. Therefore, we must empower our AI agents with the ability to make appropriate cyber hygiene decisions. In an agentic world, it is for the autonomous agent to decide if it is safe and appropriate to “click the link.” 

The threat landscape is constantly shifting, so there are no hard and fast rules that we can teach AI systems about what is a safe link and what is not. AI agents must verify the disposition of links in real time to determine if something is malicious. 

There are many emerging approaches to building AI workflow systems that can integrate multiple sources of information to allow an AI agent to come to a decision about an appropriate course of action. In this blog, I show how it is possible to use one of these frameworks, LangChain, with OpenAI to enable an AI agent to access real-time threat intelligence via the Cisco Umbrella API. 

Prerequisites 

To implement this example you will need API keys for Cisco Umbrella and a paid OpenAI account. 

1. Obtain a new API key from OpenAI account with available credit. The key will not work if you have a free, unfunded account. 
2. Obtain a Cisco Umbrella API Key and Secret by following these steps. Be sure the check the “Investigate” box for the Key Scope. 
3. Save your keys as shell environment variables named “OPENAI_API_KEY”, “UMBRELLA_KEY” and “UMBRELLA_SECRET” (e.g., export  UMBRELLA_KEY=”nnnnnnnnnnnnnnnnnn”).

Code 

Follow along with the full sample code, which can be found in Talos’ GitHub repository. 

First, we need to describe the tool to the AI agent.

Then we include the newly described tool in the list of available tools.

Next, we create the large language model (LLM) instance that we will use. This example uses GPT-3.5-Turbo from OpenAI, but other LLM models are supported.

Now, let’s give instructions to the LLM, describing what the LLM should do using natural language structured in a Question, Thought, Action, Observation format. 

Create the agent and the executor instance that we will interact with.

As part of querying the Umbrella API, we must obtain a session token to pass to the Umbrella API with our request. This is obtained from an authentication call using our API key and secret.

Next, let’s define the tool that we have described to the AI system. It accepts input text as a parameter and checks for the presence of any domains. If any are found, the disposition of each one is checked.

The key functionality within the above code is “getDomainDisposition” which passes the domain to the Umbrella API to retrieve the disposition and categorization information about the domain.

We can now pass input text to “agent_executor” to discover the agent’s opinion.

This gives the response:

“Agent Response: www.cisco.com is safe to browse.”

Reassuringly, the agent reports that “cisco.com” is safe to connect to. If necessary, we can output the domain disposition report to see the logic by which the system arrives at this conclusion:

“This contains a URL. Considering www.cisco.com. The domain www.cisco.com has a positive disposition. The domain www.cisco.com is classified as: Computers and Internet, Software/Technology. Known malicious domains are never safe, domains with positive disposition are usually safe. A domain with an unknown disposition might be safe if it is categorized.”

Let’s try a different domain which is known to be malicious.

“Agent Response: do not connect”

When provided with a known malicious domain, the system identifies that the domain has a negative disposition and concludes that this is not a domain which is safe for connection. 

Now let’s try input text with two domains.

“Agent Response: www.umbrella.com is safe to connect to. test.example.com has an unknown disposition, so it is uncertain if it is safe to connect to.”

The system is able to provide separate advice for each domain when supplied with input containing a domain with a positive disposition and one with an unknown disposition. 

Finally, let’s see what happens when we pose an unrelated question without any domains.

“Agent Response: no opinion” 

Examining the logic shows that the system made the correct decision not to attempt to answer the question. 

“No URLs found. Since no internet domains were found in the user input, I have no information to assess the safety of any websites.“

Discussion 

This is very much proof-of-concept code, but it does show how we can integrate APIs offering real-time authoritative facts, such as the security disposition of domains from Umbrella, into the decision making process of AI agents. 

There are other approaches that we can use to arrive at the same result. We could put the AI agent behind a web security gateway or require the agent to use Umbrella DNS, which would enforce the restriction not to connect to malicious sites. However, to do so removes the ability for the AI agent to learn how to make sense of potentially conflicting information and to make good decisions. 

The current generation of LLM-based generative AI systems is only the beginning of the forthcoming advances in autonomous agentic AI. As part of building this next generation of AI systems, we need to ensure that they not only make good decisions, but understand cyber hygiene and have access to real-time threat intelligence on which to base their decision-making. 

Cisco Talos Blog – ​Read More

The year is 2024. A team of scientists from both the University of California San Diego and the University of Maryland, College Park, discovers an unimaginable danger looming over the world — its source hiding in space. They start sounding the alarm, but most people simply ignore them…

No, this isn’t the plot of the Netflix hit movie Don’t Look Up. This is the sudden reality in which we find ourselves following the publication of a study confirming that corporate VoIP conversations, military operation data, Mexican police records, private text messages and calls from mobile subscribers in both the U.S. and Mexico, and dozens of other types of confidential data are being broadcast unencrypted via satellites for thousands of miles. And to intercept it, all you need is equipment costing less than US$800: a simple satellite-TV receiver kit.

Today, we explore what might have caused this negligence, if it’s truly as easy to extract the data from the stream as described in a Wired article, why some data operators ignored the study and took no action, and, finally, what we can do to ensure our own data doesn’t end up on these vulnerable channels.

What happened?

Six researchers set up a standard geostationary satellite-TV antenna — the kind you can buy from any satellite provider or electronics store — on the university roof in the coastal La Jolla area of San Diego, Southern California. The researchers’ no-frills rig set them back a total of US$750: $185 for the satellite dish and receiver, $140 for the mounting hardware, $195 for the motorized actuator to rotate the antenna, and $230 for a TBS5927 USB-enabled TV tuner. It’s worth noting that in many other parts of the world, this entire kit likely would have cost them much less.

What distinguished this kit from the typical satellite-TV antenna likely installed outside your own window or on your roof was the motorized dish actuator. This mechanism allowed them to reposition the antenna to receive signals from various satellites within their line of sight. Geostationary satellites, used for television and communications, orbit above the equator and move at the same angular velocity as the Earth. This ensures they remain stationary relative to the Earth’s surface. Normally, once you point your antenna at your chosen communication satellite, you don’t need to move it again. However, the motorized drive allowed the researchers to quickly redirect the antenna from one satellite to another.

Every geostationary satellite is equipped with numerous data transponders used by a variety of telecom operators. From their vantage point, the scientists managed to capture signals from 411 transponders across 39 geostationary satellites, successfully obtaining IP traffic from 14.3% of all Ku-band transponders worldwide.

The researchers were able to use their simple US$750 rig to examine traffic from nearly 15% of all active satellite transponders worldwide. Source

The team first developed a proprietary method for precise antenna self-alignment, which significantly improved signal quality. Between August 16 and August 23, 2024, they performed an initial scan of all 39 visible satellites. They recorded signals lasting three to ten minutes from every accessible transponder. After compiling this initial data set, the scientists continued with periodic selective satellite scans and lengthy, targeted recordings from specific satellites for deeper analysis — ultimately collecting a total of more than 3.7TB of raw data.

The researchers wrote code to parse data transfer protocols and reconstruct network packets from the raw captures of satellite transmissions. Month after month, they meticulously analyzed the intercepted traffic, growing increasingly concerned with each passing day. They found that half (!) of the confidential traffic broadcast from these satellites was completely unencrypted. Considering that there are thousands of transponders in geostationary orbit, and the signal from each one can, under favorable conditions, be received across an area covering up to 40% of the Earth’s surface, this story is genuinely alarming.

Pictured at the University of San Diego roof setup, from left to right: Annie Dai, Aaron Schulman, Keegan Ryan, Nadia Heninger, and Morty Zhang. Not pictured: Dave Levin. Source

What data was broadcast with open access?

The geostationary satellites were found to be broadcasting an immense and varied amount of highly sensitive data completely unencrypted. The intercepted traffic included:

• Calls, SMS messages, and internet traffic from end-users; equipment identifiers and cellular encryption keys belonging to various operators, including T-Mobile and AT&T Mexico
• Internet data for users of in-flight Wi-Fi systems installed on commercial passenger aircraft
• Voice traffic from several major VoIP providers, including KPU Telecommunications, Telmex, and WiBo
• Government, law enforcement and military traffic: data originating from U.S. military ships; real-time geolocation and telemetry data from Mexican Armed Forces air, sea and ground assets; and information from Mexican law enforcement agencies — including data on drug trafficking operations and public assemblies
• Corporate data: internal traffic from major financial organizations and banks like Grupo Santander Mexico, Banjército, and Banorte
• Internal traffic from Walmart-Mexico, including details on warehouse inventory and price updates
• Messages from key U.S. and Mexican infrastructure facilities like oil and gas rigs and electricity providers

While most of this data seems to have been left unencrypted due to sheer negligence or a desire to cut costs (which we’ll discuss later), the presence of cellular data in the satellite network has a slightly more intriguing origin. This issue stems from what is known as backhaul traffic — used to connect remote cell towers. Many towers located in hard-to-reach areas communicate with the main cellular network via satellites: the tower beams a signal up to the satellite, and the satellite relays it back to the tower. Crucially, the unencrypted traffic the researchers intercepted was the data being transmitted from the satellite back down to the remote cell tower. This provided them access to things like SMS messages and portions of voice traffic flowing through that link.

Data operators’ response to the researchers’ messages

It’s time for our second reference to the modern classic by Adam McKay. The movie Don’t Look Up is a satirical commentary on our reality — where even an impending comet collision and total annihilation cannot convince people to take the situation seriously. Unfortunately, the reaction of critical infrastructure operators to the scientists’ warnings proved to be strikingly similar to the movie plot.

Starting in December 2024, the researchers began notifying the companies whose unencrypted traffic they’d successfully intercepted and identified. To gauge the effectiveness of these warnings, the team conducted a follow-up scan of the satellites in February 2025 and compared the results. They found that far from all operators took any action to fix the issues. Therefore, after waiting nearly a year, the scientists decided to publicly release their study in October 2025 — detailing both the interception procedure and the operators’ disappointing response.

The researchers stated that they were only publishing information about the affected systems after the problem had been fixed or after the standard 90-day waiting period for disclosure had expired. For some systems, an information disclosure embargo was still in effect at the time of the study’s publication, so the scientists plan to update their materials as clearance allows.

Among those who failed to address the notifications were: the operators of unnamed critical infrastructure facilities, the U.S. Armed Forces, Mexican military and law enforcement agencies, as well as Banorte, Telmex, and Banjército.

When questioned by Wired about the incident, in-flight Wi-Fi providers responded vaguely. A spokesperson for Panasonic Avionics Corporation said the company welcomed the findings by the researchers, but claimed they’d found that several statements attributed to them were either inaccurate or misrepresented the company’s position. The spokesperson didn’t specify what exactly it was that the company considered inaccurate. “Our satellite communications systems are designed so that every user-data session follows established security protocols,” the spokesperson said. Meanwhile, a spokesperson for SES (the parent company of Intelsat) completely shifted responsibility onto the users, saying, “Generally, our users choose the encryption that they apply to their communications to suit their specific application or need,” effectively equating using in-flight Wi-Fi with connecting to a public hotspot in a café or hotel.

The SES spokesperson’s response to Wired, along with a comment by Matthew Green, an associate professor of computer science at Johns Hopkins University in Baltimore. Source

Fortunately, there were also many appropriate responses, primarily within the telecommunications sector. T-Mobile encrypted its traffic within just a few weeks of being notified by the researchers. AT&T Mexico also reacted immediately, fixing the vulnerability and stating it was caused by a misconfiguration of some towers by a satellite provider in Mexico. Walmart-Mexico, Grupo Santander Mexico, and KPU Telecommunications all approached the security issue diligently and conscientiously.

Why was the data unencrypted?

According to the researchers, data operators have a variety of reasons — ranging from technical to financial — for avoiding encryption.

• Utilizing encryption can lead to a 20–30% loss in transponder bandwidth capacity.
• Encryption requires increased power consumption, which is critical for remote terminals, such as those running on solar batteries.
• For certain types of traffic, such as VoIP for emergency services, the lack of encryption is a deliberate measure taken to increase fault tolerance and reliability in critical situations.
• Network providers claimed that enabling encryption made it impossible to troubleshoot certain existing network problems within their current infrastructure. The providers did not elaborate on the specifics of that claim.
• Enabling link-layer encryption may require additional licensing fees for using cryptography in terminals and hubs.

Why did some vendors and agencies fail to react?

It’s highly likely they simply did not know how to respond. It’s difficult to believe that such a massive vulnerability could remain unnoticed for decades, so it’s possible the problem was intentionally left unaddressed. The researchers note that no single, unified entity is responsible for overseeing data encryption on geostationary satellites. Each time they discovered confidential information in their intercepted data, they had to expend considerable effort to identify the responsible party, establish contact, and disclose the vulnerability.

Some experts are comparing the media impact of this research to the declassified Snowden archives, given that the interception techniques used could be deployed for worldwide traffic monitoring. We can also liken this case to the infamous Jeep hack, which completely upended cybersecurity standards in the automotive industry.

We cannot exclude the possibility that this entire issue stems from simple negligence and wishful thinking — a reliance on the assumption that no one would ever “look up”. Data operators may have treated satellite communication as a trusted, internal network link where encryption was simply not a mandatory standard.

What can we as users do?

For regular users, the recommendations are similar to those we give for using any unsecured public Wi-Fi access point. Unfortunately, while we can encrypt the internet traffic originating from our devices ourselves, the same cannot be done for cellular voice data and SMS messages.

• For any confidential online operations, enable a reliable VPN that includes a kill switch. This ensures that if the VPN connection drops, all your traffic is immediately blocked rather than being routed unencrypted. Use your VPN when making VoIP calls, and especially when using in-flight Wi-Fi or other public access points. If you lean toward the paranoid side, leave your VPN on at all times. An effective and fast solution for your needs could be Kaspersky VPN Secure Connection.
• Utilize 5G networks whenever possible, as they feature higher encryption standards. However, even these can be insecure, so avoid discussing sensitive information via text or standard cellular voice calls.
• Use messaging apps that provide end-to-end encryption for traffic on user devices, such as Signal, WhatsApp, or Threema.
• If you’re using a cellular service in remote locations, minimize SMS chats and voice calls, or use services from operators that integrate encryption at the subscriber equipment level.

What else you need to know about telecommunication security:

• Attacks on 5G networks: the arms race continues
• How to protect yourself from SMS blaster scams
• Chatting offline: an overview of mesh messaging apps
• Messengers 101: safety and privacy advice
• What makes a messaging app secure?

Kaspersky official blog – ​Read More