https://qrator.net/blog/details/2025-DDoS-bad-bots-and-BGP-incidents-statistics-and-overview/

Отчет qrator за 2025. Ключевые выводы:
"In 2025, DDoS attacks most frequently targeted the FinTech (26.6%), E-commerce (21.3%), Information and communication technology (13.4%), and Media (11.6%) segments. Together, these four segments accounted for nearly 75% of all recorded attacks.

At the microsegment level, the most frequently targeted sectors in 2025 were Payment systems (11.7%), Food retail (11.3%), Media, TV, radio, and bloggers (10.0%), Banks (7.7%), and Digital education (6.7%).

In December, we recorded two of the most intensive L3-L4 DDoS attacks of 2025. Both incidents targeted the Betting shops microsegment, with peak traffic rates reaching 3.06 Tbps and 3.51 Tbps — roughly three times higher than the 2024 record (1.14 Tbps).

The longest DDoS attack of 2025 lasted 119.2 hours, or nearly five days. For comparison, the 2024 record stood at 19 days (463.9 hours).

In 2025, we detected the largest DDoS botnet ever observed. Over the course of the year, it expanded from 1.33 million to 5.76 million infected devices, primarily located in Brazil, Vietnam, the United States, India, and Argentina.
The largest sources of L7 DDoS attacks in 2025 were Russia (16.82%), Brazil (15.92%), and the United States (11.99%). Compared to 2024, the most notable growth was observed in Brazil, Vietnam, and Argentina.

In our view, the emergence of DDoS botnets of this scale and the growing share of developing countries among sources of L7 DDoS attacks are driven by the rapid increase in vulnerable devices connected to high-speed Internet, as well as the active use of AI-based tools by attackers.

In 2025, the number of blocked bad bot requests increased by 30% year over year, averaging 2.2 billion requests per month.
The average “bot index” over the last nine months of 2025 was 2.1%.

The largest bad bot attack of 2025 lasted for approximately one month, during which more than 3.3 billion bot requests were blocked.

In 2025, the number of unique ASes responsible for route leaks remained at the same level as the year before. At the same time, the number of ASes involved in BGP hijacks decreased by 17% compared to 2024.

The number of global route leaks in 2025 was 37% lower than in 2024, while the number of global BGP hijacks remained exactly the same as in the previous year."

Альтернативный маркетплейс расширений для среды разработки Visual Studio OpenVSX запланировал введение ряда функций безопасности.

За последние несколько месяцев на маркетплейсе было зарегистрировано около сотни вредоносных расширений, включая впо типа червь.

https://blogs.eclipse.org/post/christopher-guindon/strengthening-supply-chain-security-open-vsx

Пользователи Firefox смогут в одном месте отключить весь функционал ИИ в браузере начиная с версии 148.
Почему это важно? Все риски, например промт инъекций, функционала ИИ связанного с анализом контента до конца оценены.

Более того ряд экспертов и организации типа Gartner рекомендуют по умолчанию отключать функционал ИИ в браузере.
https://blog.mozilla.org/en/firefox/ai-controls/

Тренды AI-безопасности к 2026 году

На основе обновлённой Responsible Scaling Policy (RSP) от Anthropic и AI Safety Report 2026 - того, как индустрия уже сейчас выстраивает AI-security 👇

1️⃣ AI Safety Levels (ASL) - безопасность пропорционально возможностям
Модели делятся на уровни - от ASL-1 до ASL-3+
Чем мощнее модель, тем строже меры:
• защита весов
• внутренние контроли
• многоуровневый мониторинг
• протоколы быстрого реагирования
Сейчас большинство систем - ASL-2, но движение к ASL-3 уже началось.

2️⃣ Многоуровневый мониторинг и anti-abuse
• real-time и асинхронный мониторинг
• red teaming перед деплоем
• поиск не только багов, но и сценариев злоупотреблений

3️⃣ Управление рисками мощных AI-систем
Речь уже не только про «взлом», но и про:
• дезинформацию
• манипуляции
• утечки данных
• нарушение приватности
AI-security = tech + social risks.

4️⃣ AI-безопасность как часть AppSec
Появляется AI-аналог OWASP!
• защита от prompt injection
• Secure AI Model Ops
• Zero Trust для моделей и данных
• контроль доступа к inference и training pipeline

5️⃣ Responsible scaling и внешняя экспертиза
Компании всё чаще привлекают внешних исследователей и сообщества для оценки рисков - безопасность перестаёт быть закрытой «внутренней темой».

Все!
😱🤯😳

Неплохие советы по старту пилота ИИ в финсекторе от PCI SSC

https://blog.pcisecuritystandards.org/the-ai-exchange-innovators-in-payment-security-featuring-soft-space
:
"What advice would you provide for an organization just starting their journey into using AI?

Always start with experiments and keep it simple:

Start with one clear, meaningful use case.

Identify internal champions to drive adoption responsibly.

Establish guardrails early. Do not reinvent the view – instead refer to existing publications such as ISO 38507, ISO 42001 and other related guidance.

Frame AI as augmentation, not replacement.

Explicitly maintain human verification checkpoints."

The Domains of AI Security - https://cscrdr.cloudapps.cisco.com/cscrdr/security/center/files/cisco-domains-of-ai-security.pdf

AI is deeply embedded in enterprise operations. As a result, the intersection of “AI” and “security” has become increasingly complex and often confusing. Organizations often struggle to communicate effectively about AI security because the same terms are used to describe fundamentally different domains and security objectives.

This paper proposes a practical, standardized taxonomy that disambiguates the distinct domains where AI and security intersect, providing clear definitions and categories to enable more precise and consistent communication among stakeholders, vendors, regulators, and practitioners

This taxonomy is intended as a starting point for industry dialogue. Organizations are encouraged to adapt and extend it to their specific contexts while preserving the core distinctions between domains.

https://blogs.windows.com/windows-insider/2026/02/03/announcing-windows-11-insider-preview-build-26220-7752-beta-channel/
Sysmon включили в состав Windows 11, пока только в версии insider preview.
По умолчанию sysmon отключен.

Краткая выжимка исследования Microsoft по обнаружению закладок в моделях ИИ.

Неочевидный результат рисеча - промтингом вытащить вредносные данные проще , чем изначальные правильные данные.
Бэкдоры срабатывают даже на вариации изначально внедренного триггера бэкдора, достаточно 1 оригинального токена.
https://www.microsoft.com/en-us/security/blog/2026/02/04/detecting-backdoored-language-models-at-scale/

Вот полная статья
https://arxiv.org/pdf/2602.03085