#062 - Cyber AI Chronicle - How AI Agents Are Redefining Identity Attacks
Cyber AI Chronicle
By Simon Ganiere · 30th March 2025
Welcome back!
Project Overwatch is a cutting-edge newsletter at the intersection of cybersecurity, AI, technology, and resilience, designed to navigate the complexities of our rapidly evolving digital landscape. It delivers insightful analysis and actionable intelligence, empowering you to stay ahead in a world where staying informed is not just an option, but a necessity.
What I learned this week
TL;DR
The cybersecurity landscape is undergoing a profound transformation as AI-driven computer-using agents (CUAs) revolutionize identity-based attacks in multi-SaaS environments. These autonomous entities can mimic human behavior with uncanny precision, automate entire attack sequences, and orchestrate sophisticated campaigns across numerous cloud platforms simultaneously. In 2024, as stolen passwords became the catalyst for 80% of web app breaches, this convergence of widely available credentials and increasingly capable AI agents has created a perfect storm that traditional security measures are ill-equipped to handle. Organizations must urgently adopt AI-powered defenses, implement zero-trust architectures, and gain comprehensive visibility across their SaaS ecosystem to counter this rising threat.
Even top officials aren't immune to operational security slip-ups: the "Signalgate" debacle saw senior U.S. leaders inadvertently sharing classified military plans with a journalist via the encrypted app Signal. As Costin Raiu mentioned on the Three Buddy Problem podcast, it looks like someone discovered the risk of BYOD 😆
AI innovation is continuing at high speed with a mix of bigger, more powerful models (e.g., Gemini 2.5, DeepSeek V3-0324) and enhancements to existing systems. Multimodality—combining text, images, audio, and video—is a clear focus, as seen with OpenAI 4o Image Generation.
The cyber threat landscape is equally busy with all of the usual activities (third-party breaches, supply chain attacks, double extortion, etc.) across multiple industries. It looks like Oracle is having a particularly difficult week, with the claimed Oracle Cloud breach (which Oracle hasn’t confirmed yet, although customers have validated some of the data) and the Oracle Health breach.