Cybersecurity

Black Hat demo reveals risks in hybrid Microsoft environments

Security researcher Dirk-jan Mollema demonstrated methods for bypassing authentication in hybrid Active Directory (AD) and Entra ID environments at the Black Hat conference in Las Vegas. The techniques could let attackers impersonate any synced hybrid user, including privileged accounts, without triggering alerts.

Mollema demonstrated how a low-privilege cloud account can be converted into a hybrid user, granting administrative rights. He also demonstrated ways to modify internal API policies, bypass enforcement controls, and impersonate Exchange mailboxes to access emails, documents, and attachments.

Microsoft has addressed some issues by hardening global administrator security and removing specific API permissions from synchronised accounts. However, a complete fix is expected only in October 2025, when hybrid Exchange and Entra ID services will be separated.

Until then, Microsoft recommends auditing synchronisation servers, using hardware key storage, monitoring unusual API calls, enabling hybrid application splitting, rotating SSO keys, and limiting user permissions.

Experts say hybrid environments remain vulnerable if the weakest link is exploited, making proactive monitoring and least-privilege policies critical to defending against these threats.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Trump’s potential Nvidia deal with China raises national security risks

The US President Donald Trump has shattered decades of US national security precedent by striking a deal with Nvidia and AMD that allows the sale of certain banned AI chips to China, but at a certain price.

In an arrangement without modern parallels, the companies will resume exports of their H20 processors to the Chinese market in exchange for giving the US government a 15% share of related revenues.

The move reopens a channel for sensitive technology sales and introduces a transactional element into what had long been treated as a matter of uncompromising national security.

For decades, Washington’s export controls on strategic technologies were blunt instruments: if a product was deemed too sensitive, no amount of corporate lobbying or lost revenue could override the ban.

Trump’s approach breaks from that tradition, effectively monetising access to restricted technologies. He has even floated the idea of allowing a weakened version of Nvidia’s cutting-edge Blackwell chip to be sold in China, a possibility that has set off alarm bells among national security hawks.

Republican and Democratic lawmakers have condemned the decision, warning it risks transforming US security policy into a ‘pay-for-play’ system.

Representative John Moolenaar, who chairs the House Select Committee on China, argued that export controls should remain a first line of defence against adversaries, not a bargaining chip. His Democratic counterpart, Raja Krishnamoorthi, cautioned that putting a dollar value on national security sends the wrong message to both allies and rivals.

The Trump administration has defended the arrangement by downplaying the risk. Commerce Secretary Howard Lutnick called the H20 Nvidia’s ‘fourth-best’ chip, noting that it is already widely used in China. The administration also framed the move to keep Chinese companies tied to US technology rather than turning to rival suppliers. Yet questions loom over the legality of the revenue-sharing scheme.

Trade experts have raised the possibility that it could be interpreted as an export tax, something the US Constitution prohibits, though details of the agreement remain opaque.

Beyond legal debates, the financial implications are significant. Analysts predict the levy could cut gross margins on China-bound chips by as much as 15 percentage points, trimming overall profitability for Nvidia and AMD.

In turn, this change of course could prompt other US companies selling strategic goods to China, from aerospace to advanced materials, to wonder if they too will face similar revenue-sharing requirements.

For some, it could be a costly burden; for others, it might be the only way to retain access to China’s lucrative market.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

University of Western Australia hit by password breach

The University of Western Australia has ordered a mass password reset for all staff and students after detecting unauthorised access to stored password data.

The incident was contained over the weekend by the university’s IT and security teams, who then moved to recovery and investigation. Australian authorities have been notified.

While no other systems are currently believed to have been compromised, access to UWA services remains locked until credentials are changed.

The university has not confirmed if its central access management system was targeted.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Trump weighs scaled-down Nvidia chip sales to China

President Donald Trump has signalled that he may permit Nvidia to sell a toned-down version of its latest Blackwell AI chip to China, which could substantially shift US tech export policy.

The idea, still under discussion with Nvidia CEO Jensen Huang, would involve reducing the chip’s computing power by 30% to 50%, creating what Trump described as an ‘unenhanced’ model for the Chinese market. While framed as a compromise, critics warn that even these stripped-down chips could fuel Beijing’s AI ambitions.

The announcement follows an unprecedented agreement between the Trump administration, Nvidia, and AMD, under which the US government would collect 15% of revenue from certain AI chip sales to China.

Washington insiders have expressed unease, noting that, with enough scaled-down hardware, China could still build AI supercomputers capable of competing with or surpassing American capabilities.

Saif Khan, a former White House technology adviser, cautioned that the move could accelerate China’s path toward AI dominance, undoing years of strict export controls.

Currently, Nvidia’s most advanced chip approved for sale in China is the H20, built on older Hopper architecture. The H20 was specifically designed to comply with restrictions imposed under President Biden and entered the Chinese market in 2024.

Although shipments were halted earlier this year, the Trump administration recently granted clearance for exports to resume. Trump dismissed the H20 as ‘obsolete’ and claimed China had already mastered it, suggesting the new Blackwell variant would offer a fresh revenue stream while staying within national security boundaries.

Nvidia’s flagship US Blackwell chip, unveiled in March 2024, is up to 30 times faster than its predecessor, making it a significant leap in AI performance. Details about the proposed Chinese variant remain undisclosed, but Reuters previously reported it would come at a lower cost and reduced power.

The US Commerce Department has begun issuing licenses for the H20, with officials insisting these exports do not threaten national security.

For Nvidia and AMD, the deal represents a rare case of direct government revenue-sharing tied to foreign sales, reflecting Trump’s hands-on approach to corporate negotiations. His administration has previously pressured tech executives to prioritise domestic manufacturing and has intervened in leadership appointments.

Nvidia, for its part, has stated it will follow all US export rules, while AMD confirmed receiving approval to ship some AI processors to China without directly addressing the revenue-sharing clause.

Beijing’s reaction so far has been muted. China’s foreign ministry declined to comment on the potential Blackwell deal but has repeatedly accused Washington of using technology controls to ‘maliciously contain and suppress’ Chinese industry.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

US Judiciary confirms cyberattack, moves to reinforce systems

The US Judiciary has confirmed suffering a cyberattack and says it is reinforcing systems to prevent further breaches. In a press release, it described ‘escalated cyberattacks of a sophisticated and persistent nature’ targeting its case management system and sensitive files.

Most documents in the judiciary’s electronic system are public; however, some contain confidential or proprietary information that is sealed from public view. The documents, it warned, are of interest to threat actors, prompting courts to introduce stricter controls on access under monitored conditions.

The Administrative Office of the US Courts is collaborating with Congress, the Department of Justice, the Department of Homeland Security, and other relevant agencies on security measures. No details were given on the exact methods of reinforcement.

The US court system has been a frequent target of cybercrime. Previous incidents include a 2020 federal court breach, a 2024 attack on Washington state courts, and a ransomware strike on the Los Angeles Superior Court in summer 2024.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

AI-powered heist drains $1m from crypto wallets via Firefox add-ons

Hackers have stolen over $1 million in cryptocurrency using AI-generated malicious Firefox extensions disguised as legitimate wallet tools.

The group, known as GreedyBear, created over 150 fake add-ons for platforms like MetaMask and Phantom, bypassing security checks to drain funds from thousands of users. Analysts say AI enabled the attackers to automate coding and deployment at an industrial scale.

The theft comes amid a record-breaking year for crypto crime, with Chainalysis data showing over $2.17 billion stolen so far in 2025. Many incidents exploit smart contract flaws and human error, with access control attacks accounting for the most recent losses.

Security experts warn that AI is now a double-edged sword, helping attackers and defenders. They urge exchanges, developers, and users to adopt AI-powered monitoring, stronger verification, and collaborative defences to restore trust in digital assets.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Users warned to update WinRAR after active attacks

A critical flaw in the Windows version of WinRAR is being exploited to install malware that runs automatically at startup. Users are urged to update to version 7.13 immediately, as the software does not update itself.

Tracked as CVE-2025-8088, the vulnerability allows malicious RAR files to place content in protected system folders, including Windows startup locations. Once there, the malware can steal data, install further payloads and maintain persistent access.

ESET researchers linked the attacks to the RomCom hacking group, a Russian-speaking operation known for espionage and ransomware campaigns. The flaw has been used in spear-phishing attacks where victims opened infected archives sent via email.

WinRAR’s July update fixes the cybersecurity issue by blocking extractions outside user-specified folders. Security experts recommend caution with email attachments, antivirus scanning of archives and regular checks of startup folders for suspicious files.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

UAE Ministry of Interior uses AI and modern laws to fight crime

The UAE Ministry of Interior states that AI, surveillance, and modern laws are key to fighting crime. Offences are economic, traditional, or cyber, with data tools and legal updates improving investigations. Cybercrime is on the rise as digital technology expands.

Current measures include AI monitoring, intelligent surveillance, and new laws. Economic crimes like fraud and tax evasion are addressed through analytics and banking cooperation. Cross-border cases and digital evidence tampering continue to be significant challenges.

Traditional crimes, such as theft and assault, are addressed through cameras, patrols, and awareness drives. Some offences persist in remote or crowded areas. Technology and global cooperation have improved results in several categories.

UAE officials warn that AI and the internet of Things will lead to more sophisticated cyberattacks. Future risks include evolving criminal tactics, privacy threats, skills shortages, and balancing security and individual rights.

Opportunities include AI-powered security, stronger global ties, and better cybersecurity. Dubai Police have launched a bilingual platform to educate the public, viewing awareness as the first defence against online threats.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Nvidia and AMD to pay 15% share of China AI chip revenue to secure US export licences

Nvidia and Advanced Micro Devices have agreed to hand 15% of their Chinese AI chip sales revenue to the US government in return for export licences.

The arrangement, covering Nvidia’s H20 accelerator and AMD’s MI308 model, is considered unusual and could prove contentious for both companies and Beijing.

The deal reflects Washington’s willingness to link trade concessions to financial payments, but analysts note there is little precedent for such a targeted export levy.

Critics warn the move could undermine the national security rationale for export controls, making it harder to convince allies to adopt similar measures. Beijing, meanwhile, has voiced security concerns over the H20 chip’s performance and alleged vulnerabilities.

Industry observers suggest the payment requirement could discourage further expansion by US chipmakers in China, the world’s largest semiconductor importer, and give local producers an advantage in building domestic capacity.

Chinese firms such as Huawei are already increasing market share amid tighter restrictions on US technology.

The potential sums involved are significant. Before restrictions were imposed, Nvidia had generated over $7 billion in H20 sales to China in a single quarter. In comparison, AMD could earn up to $5 billion annually if full access to the market resumed.

However, uncertainties over demand and regulatory conditions remain.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

BlackSuit infrastructure dismantled in global raid

US law enforcement, alongside nine other nations, dismantled the BlackSuit ransomware gang’s infrastructure, replacing its leak site with a takedown notice after a coordinated operation. The group, formerly known as Royal, had amassed over $370 million in ransoms since 2022.

More than 450 victims were targeted across critical infrastructure sectors, with ransom demands soaring up to $60 million. Dallas suffered severe disruption in a notable attack, affecting emergency services and courts.

German authorities seized key infrastructure, securing data that is now under analysis to identify further collaborators. The operation also included confiscating servers, domains and digital assets used for extortion and money laundering.

New research indicates that members of BlackSuit may already be shifting to a new ransomware operation called Chaos. US agencies seized $2.4 million in cryptocurrency linked to a Chaos affiliate, marking a significant blow to evolving cybercrime efforts.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!