News

Cybersecurity Snapshot: Global Agencies Target Criminal “Bulletproof” Hosts, as CSA Unveils Agentic AI Risk Framework

  • securityboulevard.com
  • published date: 2025-11-21 00:00:00 UTC


<div> <p>Cyber agencies call on ISPs to help combat “bulletproof” internet hosts that shield cybercriminals. Meanwhile, the CSA introduced a new methodology to assess the risks of autonomous AI. Plus, get the latest on the CIS Benchmarks, drone-detection systems, and malware infections.</p> <h2>Key takeaways</h2> <ol> <li><strong>Crackdown on “bulletproof” hosting:</strong> International cyber agencies are urging ISPs and network defenders to help degrade internet infrastructure used by cybercriminals.</li> <li><strong>New agentic AI risk framework:</strong> The Cloud Security Alliance introduced the Capabilities-Based Risk Assessment (CBRA) to help organizations quantify risks associated with autonomous AI systems.</li> <li><strong>Fresh CIS Benchmarks:</strong> A new batch of configuration guides covers Windows Server 2025 and various Linux distros, alongside updates for software products from Google, IBM, Oracle and others.</li> </ol> <p>Here are five things you need to know for the week ending November 21.</p> <h2>1 – Cyber agencies ask for help in defusing “bulletproof” internet hosts used by criminals</h2> <p>Multinational cybersecurity agencies are asking ISPs and network defenders to help unmask and dismantle bulletproof hosting providers (BPH), which offer internet infrastructure services to cybercriminals.</p> <p>“The authoring agencies have observed a marked increase in cybercriminal actors using BPH infrastructure to support cyber operations against critical infrastructure, financial institutions, and other high-value targets,” reads the joint advisory “<a href="https://www.cisa.gov/resources-tools/resources/bulletproof-defense-mitigating-risks-bulletproof-hosting-providers">Bulletproof Defense: Mitigating Risks From Bulletproof Hosting Providers</a>.”</p> <p>“BPH providers continue to pose a significant risk to the resilience and safety of critical systems and services,” 
adds the advisory from cyber agencies in Australia, Canada, the Netherlands, New Zealand, the U.K., and the U.S.</p> <p>BPH providers intentionally ignore legal processes, abuse complaints, and law-enforcement takedown requests, shielding cybercriminals and helping them launch ransomware attacks, run data-extortion schemes, deliver malware, conduct phishing campaigns, and more.</p> <p>They also obfuscate their customers’ infrastructure with techniques such as fast flux, which rapidly rotates the IP addresses behind a malicious domain, masking the identity and location of the perpetrators.</p> <p><img decoding="async" src="https://www.tenable.com/sites/default/files/inline/images/Cyber%20agencies%20ask%20for%20help%20in%20defusing%20%E2%80%9Cbulletproof%E2%80%9D%20internet%20hosts%20used%20by%20criminals.jpeg"></p> <p>Identifying criminal activity facilitated by BPH providers isn’t easy, however, because their infrastructure is intertwined with that of legitimate ISPs.</p> <p>“BPH providers lease their own infrastructure to cybercriminals. Increasingly, they resell stolen or leased infrastructure from legitimate hosting providers, data centers, ISPs, or cloud service providers who may unknowingly enable BPH providers to provide infrastructure to cybercriminals,” reads the document.</p> <p>The advisory offers guidance for ISPs and network defenders to take “nuanced” steps that degrade BPH services without impacting legitimate infrastructure.</p> <p>Ultimately, the idea is to degrade the effectiveness of BPH infrastructure to the point where cybercriminal customers are forced to leave their safe havens and move to legitimate service providers, which, unlike BPH providers, do respond to abuse complaints and to law-enforcement requests. 
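The following is an added example, not code from the advisory, CISA or Tenable, of what the “nuanced” filtering the agencies ask for can look like in practice: a curated list of malicious prefixes that carries a confidence score and a source for each entry (so the list can be reviewed and re-scored automatically), explicit carve-outs for legitimate tenants inside a range that a BPH merely resells, and automatic blocking only above a high-confidence threshold, with lower-confidence hits routed to an analyst instead. Every prefix, score and flow record below is constructed for illustration.

```python
"""Blocklist-driven triage of flow records against a curated list of
malicious internet resources, with carve-outs so that shared infrastructure
resold by a BPH provider is not blocked wholesale.

Added example; not code from the advisory or from Tenable. All prefixes,
confidence values and flow records are constructed for illustration.
"""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass

# --- Curated "high confidence" list (constructed sample) -------------------
# Each entry: prefix, confidence in [0, 1], and the source it came from.
BLOCKLIST = [
    ("198.51.100.0/24", 0.95, "partner-feed"),   # whole range attributed to a BPH
    ("203.0.113.0/25", 0.60, "passive-dns"),     # shared /25 resold by a legit host
    ("2001:db8:bad::/48", 0.90, "sinkhole"),
]

# Carve-outs: known-legitimate resources inside a listed range (e.g. an
# ordinary customer of the upstream hoster). Never blocked.
ALLOWLIST = ["203.0.113.10/32"]

BLOCK_THRESHOLD = 0.85   # act automatically only on high-confidence entries
ALERT_THRESHOLD = 0.50   # between ALERT and BLOCK: hand to an analyst

@dataclass(frozen=True)
class Verdict:
    action: str          # "block", "alert" or "allow"
    reason: str

def _compile(entries):
    return [(ipaddress.ip_network(p, strict=False), c, s) for p, c, s in entries]

_BLOCK_NETS = _compile(BLOCKLIST)
_ALLOW_NETS = [ipaddress.ip_network(p, strict=False) for p in ALLOWLIST]

def classify(address: str) -> Verdict:
    """Return the verdict for a single IP address (v4 or v6)."""
    ip = ipaddress.ip_address(address)
    for net in _ALLOW_NETS:                 # carve-outs take precedence
        if ip in net:
            return Verdict("allow", f"carve-out {net}")
    best = None                             # longest-prefix match wins
    for net, conf, src in _BLOCK_NETS:
        if ip.version == net.version and ip in net:
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, conf, src)
    if best is None:
        return Verdict("allow", "not listed")
    net, conf, src = best
    if conf >= BLOCK_THRESHOLD:
        return Verdict("block", f"{net} conf={conf} src={src}")
    if conf >= ALERT_THRESHOLD:
        return Verdict("alert", f"{net} conf={conf} src={src}")
    return Verdict("allow", f"{net} below alert threshold")

def triage_flows(flow_lines):
    """Parse 'ts src dst dport' records (constructed format) and return a
    dict mapping each destination address to its verdict."""
    results = {}
    for line in flow_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        _ts, _src, dst, _dport = line.split()
        results[dst] = classify(dst)
    return results

# Constructed flow records: one hit per list entry, one carve-out, one clean.
SAMPLE_FLOWS = """
# ts                   src            dst             dport
2025-11-20T10:00:01Z   192.0.2.10     198.51.100.77   443
2025-11-20T10:00:02Z   192.0.2.11     203.0.113.10    443
2025-11-20T10:00:03Z   192.0.2.12     203.0.113.99    8080
2025-11-20T10:00:04Z   192.0.2.13     93.184.216.34   443
2025-11-20T10:00:05Z   192.0.2.14     2001:db8:bad::1 443
""".splitlines()

if __name__ == "__main__":
    for dst, v in triage_flows(SAMPLE_FLOWS).items():
        print(f"{dst:18} {v.action:5} {v.reason}")
```

The point of the two thresholds is the collateral-damage problem the advisory raises: a /25 that a legitimate hoster unknowingly resells to a BPH gets an alert, not a drop, while a range attributed to the BPH itself with high confidence is blocked outright. In production the list would be refreshed from the sources named in each entry and the carve-outs reviewed as abuse reports are resolved.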
</p> <p>Recommendations include:</p> <ul> <li>Conducting rigorous traffic analysis</li> <li>Curating and automating reviews of “high confidence” lists of malicious internet resources</li> <li>Establishing robust standards for ISP accountability</li> <li>Proactively creating filtering tools</li> <li>Maintaining transparent communication regarding malicious resource lists</li> </ul> <p>“<a href="https://www.cisa.gov/news-events/news/cisa-unveils-guide-combat-bulletproof-hosting-cybercrime">Bulletproof hosting is one of the core enablers of modern cybercrime</a>,” Acting CISA Director Madhu Gottumukkala said in a statement. “By shining a light on these illicit infrastructures and giving defenders concrete actions, we are making it harder for criminals to hide and easier for our partners to protect the systems Americans rely on every day.”</p> <p>In a related development, <a href="https://home.treasury.gov/news/press-releases/sb0319">Australia, the U.K. and the U.S. jointly sanctioned Russia-based BPH company Media Land</a> and its network, the U.S. Treasury Department said in a statement. Meanwhile, the U.K. and U.S. 
governments also sanctioned Hypercore Ltd., a front company for BPH company Aeza Group, along with several individuals, it added.</p> <p>For more information about BPH:</p> <ul> <li>“<a href="https://www.cyber.gov.au/about-us/view-all-content/publications/bulletproof-hosting-providers">Bulletproof hosting providers: Cracks in the armour of cybercriminal infrastructure</a>” <em>(Australian Cyber Security Centre)</em></li> <li>“<a href="https://www.scworld.com/news/bulletproof-hosting-provider-proton66-steps-up-malware-campaigns">Bulletproof hosting provider Proton66 steps-up malware campaigns</a>” <em>(SC World)</em></li> <li>“<a href="https://www.infosecurity-magazine.com/news/why-bulletproof-hosting-key-caas/">Why Bulletproof Hosting is Key to Cybercrime-as-a-Service</a>” <em>(Infosecurity Magazine)</em></li> <li>“<a href="https://www.scworld.com/news/us-sanctions-bulletproof-hosting-provider-aeza-for-cybercrime-ops">US sanctions ‘bulletproof’ hosting provider Aeza for cybercrime ops</a>” <em>(SC World)</em></li> <li>“<a href="https://www.bankinfosecurity.com/key-to-qilins-ransomware-success-bulletproof-hosting-a-29742">Key to Qilin’s Ransomware Success: Bulletproof Hosting</a>” <em>(Bank Info Security)</em></li> </ul> <h2>2 – CSA unveils agentic AI risk assessment tool</h2> <p>Conventional risk models may fall short when it comes to assessing the risks of agentic AI. 
So how can you determine the risks your organization faces from these autonomous AI tools?</p> <p>You might want to check out a new risk-assessment framework for agentic AI systems from the Cloud Security Alliance (CSA).</p> <p>The framework, called <a href="https://cloudsecurityalliance.org/artifacts/capabilities-based-risk-assessment-cbra-for-ai-systems">Capabilities-Based Risk Assessment (CBRA)</a>, is detailed in a new CSA white paper and evaluates agentic AI systems across four areas: </p> <ul> <li>System criticality</li> <li>AI autonomy</li> <li>Access permissions</li> <li>Impact radius</li> </ul> <p>These factors are combined to generate a composite risk score, allowing enterprises to quantify the potential consequences of system failure or misuse.</p> <p><img decoding="async" src="https://www.tenable.com/sites/default/files/inline/images/CSA%20unveils%20agentic%20AI%20risk%20assessment%20tool.jpg"></p> <p>“AI autonomy and access are expanding faster than traditional risk management models can adapt,” Pete Chronis, Co-Chair of the CSA AI Safety Initiative CISO Council, said in a statement. </p> <p>“CBRA allows enterprises to align their governance investments with actual risk exposure – <a href="https://cloudsecurityalliance.org/press-releases/2025/11/13/cloud-security-alliance-introduces-new-tool-for-assessing-agentic-risk">protecting high-impact agentic systems</a> while accelerating safe innovation elsewhere,” he added.</p> <p>The CBRA is integrated with the CSA’s AI Controls Matrix (AICM). 
CBRA maps its three-tier risk levels — low, medium, and high — to the AICM’s library of over 240 AI-specific controls, so that security measures taken are proportionate to the risk.</p> <p>For more information about <a href="https://www.tenable.com/products/ai-exposure">AI security</a>, check out these Tenable Research blogs:</p> <h2>3 – CIS releases batch of new and updated Benchmarks</h2> <p>Time to tighten the screws on the software configurations of products from Oracle, Microsoft, Google, IBM, Apple, and more. The Center for Internet Security (CIS) just refreshed a variety of its existing Benchmarks and introduced multiple new ones.</p> <p>The following CIS Benchmarks were updated:</p> <ul> <li><a href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025#pa"><strong>CIS Palo Alto Firewall 11 Benchmark v1.2.0</strong></a>, which includes enhanced automated compliance and audit readiness</li> <li><a href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025#o1"><strong>CIS Oracle MySQL 8.0 Enterprise Benchmark v1.5.0</strong></a>, which includes improved account security by enforcing password policies for all accounts</li> <li><a href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025#o2"><strong>CIS Oracle MySQL 8.0 Community Server Benchmark v1.2.0</strong></a>, which includes backporting password enforcement recommendations</li> <li><a href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025#az"><strong>CIS Microsoft Azure Foundations Benchmark v5.0.0</strong></a>, which adds 22 new recommendations and updates 58 others to better align with cloud security practices</li> <li><a href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025#and"><strong>CIS Google Android Benchmark v1.6.0</strong></a>, which includes better alignment with iOS benchmarks for consistent mobile security</li> <li><a 
href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025#edge"><strong>CIS Microsoft Edge Benchmark v4.0.0</strong></a>, which includes refined browser hardening with new ADMX-based security settings</li> <li><a href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025#ibm1"><strong>CIS IBM Db2 11 Benchmark v1.2.0</strong></a>, which includes improved clarity and remediation steps</li> </ul> <p>CIS also launched seven entirely new Benchmarks. The <a href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025#win"><strong>CIS Microsoft Windows Server 2025 Stand-alone Benchmark v1.0.0</strong></a> provides foundational security guidance for the latest Windows server environment. Linux coverage was expanded with new Benchmarks for <a href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025#red"><strong>Red Hat Enterprise Linux 10</strong></a>, <a href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025#rocky"><strong>Rocky Linux 10</strong></a> and <a href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025#alma"><strong>AlmaLinux OS 10</strong></a>. Additionally, new guides were released for <a href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025#ibm2"><strong>IBM z/OS with RACF</strong></a>, <a href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025#Fort"><strong>FortiGate 7.4.x</strong></a>, and <a href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025#app"><strong>Apple iOS/iPadOS 18 for Intune</strong></a>, the latter specifically tailored for device management via Microsoft Intune.</p> <p>Meanwhile, there are new Build Kits for various Oracle, Microsoft and Red Hat products. 
Build Kits automate the CIS Benchmarks’ configuration process.</p> <p><img decoding="async" src="https://www.tenable.com/sites/default/files/inline/images/Malware%20infections%20jump%20almost%2040%25%20in%20Q3.png"></p> <p>Currently, CIS has 100-plus Benchmarks to harden the configurations of cloud platforms; databases; desktop and server software; mobile devices; operating systems; and more.</p> <p>To get more details, read the CIS blog “<a href="https://www.cisecurity.org/insights/blog/cis-benchmarks-update-november-2025">CIS Benchmarks Monthly Update November 2025</a>.” For more information about the CIS Benchmarks list, check out its <a href="https://www.cisecurity.org/cis-benchmarks">home page</a> and <a href="https://www.cisecurity.org/cis-benchmarks/cis-benchmarks-faq">FAQ</a>, as well as:</p> <ul> <li>“<a href="https://www.cisecurity.org/insights/blog/getting-to-know-the-cis-benchmarks">Getting to Know the CIS Benchmarks</a>” <em>(CIS)</em></li> <li>“<a href="https://www.darkreading.com/cyber-risk/security-via-consensus-developing-cis-benchmarks">Security Via Consensus: Developing the CIS Benchmarks</a>” <em>(Dark Reading)</em></li> <li>“<a href="https://videos.tenable.com/watch/WJWfR77JpB6hh3Apq2vSAa">How to Unlock the Security Benefits of the CIS Benchmarks</a>” <em>(Tenable)</em></li> <li>“<a href="https://www.helpnetsecurity.com/2023/09/06/cis-benchmarks-communities-where-configurations-meet-consensus/">CIS Benchmarks Communities: Where configurations meet consensus</a>” <em>(Help Net Security)</em></li> <li>“<a href="https://devops.com/cis-benchmarks-devops-guide-to-hardening-the-cloud/">CIS Benchmarks: DevOps Guide to Hardening the Cloud</a>” <em>(DevOps)</em></li> </ul> <h2>4 – CISA: Drone-detection tools have their own cyber risks</h2> <p>As critical infrastructure organizations rush to buy drone-detection systems to protect themselves from malicious drones, the U.S. 
Cybersecurity and Infrastructure Security Agency (CISA) is raising a red flag: the detection tools themselves can be vulnerable.</p> <p>In a guide published this week to help critical infrastructure organizations choose these tools, CISA warned that the cybersecurity posture of products that detect unmanned aircraft systems (UAS), as drones are formally known, is an important aspect of the selection process.</p> <p>“Cybersecurity vulnerabilities can compromise the confidentiality, integrity, and availability of UAS detection information,” reads the guide “<a href="https://www.cisa.gov/resources-tools/resources/unmanned-aircraft-system-detection-technology-guidance">Unmanned Aircraft System Detection Technology Guidance</a>.”</p> <p><img decoding="async" src="https://www.tenable.com/sites/default/files/inline/images/Drone-detection%20tools%20have%20their%20own%20cyber%20risks.png"></p> <p>Examples of cybersecurity flaws in these UAS-detection products include:</p> <ul> <li>Insecure collection and transfer of data</li> <li>Malicious executables hidden within required software and firmware updates</li> <li>Vulnerable connected devices utilized by detection systems</li> </ul> <p>CISA recommends that critical infrastructure organizations ask UAS-detection vendors questions including:</p> <ul> <li>Can your product’s operating system be physically accessed or tampered with?</li> <li>Can you provide both a software bill of materials (SBOM) and hardware bill of materials (HBOM) for your product?</li> <li>How long will you provide security and firmware updates for your product?</li> <li>What data does your product’s sensor collect and store?</li> <li>Who will have access to the data collected by your product?</li> </ul> <p>“The <a href="https://www.cisa.gov/news-events/news/cisa-releases-new-guides-safeguard-critical-infrastructure-unmanned-aircraft-systems-threats">new risks and challenges from UAS activity</a> demonstrate that the threat environment is always changing, which means 
our defenses must improve as well,” CISA Acting Director Madhu Gottumukkala said in a statement.</p> <p>The 12-page guide also addresses non-cyber criteria for choosing a drone-detection system.</p> <p>CISA published two other drone-security guides in July for critical infrastructure organizations: “<a href="https://www.cisa.gov/resources-tools/resources/suspicious-unmanned-aircraft-system-activity-guidance">Suspicious Unmanned Aircraft System Activity Guidance for Critical Infrastructure Owners and Operators</a>” and “<a href="https://www.cisa.gov/resources-tools/resources/safe-handling-considerations-downed-unmanned-aircraft-systems">Safe Handling Considerations for Downed Unmanned Aircraft Systems</a>.” </p> <h2>5 – Malware infections jump almost 40% in Q3</h2> <p>Malware infection reports spiked 38% from the second to the third quarter of 2025, according to data from CIS’ Multi-State Information Sharing and Analysis Center (MS-ISAC) monitoring services.</p> <p>SocGholish, which attackers use in fake software-update attacks, once again ranked as the most prevalent malware variant, a spot it has held for the past two years.</p> <p>SocGholish’s prevalence reflects the popularity of fake software-update attacks among hackers. These attacks attempt to trick unsuspecting users into downloading a software update that appears legit. Of course, the “update” infects victims’ devices with malware.</p> <p>Following SocGholish is CoinMiner, a cryptocurrency miner that spreads via Windows Management Instrumentation (WMI), and Agent Tesla, a remote access trojan (RAT) known for harvesting credentials and capturing keystrokes.</p> <p>Notably, Q3 2025 saw the return of the Gh0st, Lumma Stealer, and TeleGrab variants, and the debut of Jinupd. </p> <p>According to CIS, Lumma Stealer’s reappearance is significant as it follows a previous law enforcement takedown of its “malware as a service” (MaaS) infrastructure for targeting banking data and personal information. 
</p> <p>Jinupd, the newcomer, is a point-of-sale (POS) infostealer that scrapes credit card data from the memory of payment applications, often disguising itself as a Java updater.</p> <p>The report tracks three primary infection vectors: Dropped (delivered by other malware), Malspam (malicious emails), and Malvertisement (malicious ads). The leading category this quarter, however, was “Multiple,” which CIS uses for malware that currently favors more than one of these vectors.</p> <p><img decoding="async" src="https://www.tenable.com/sites/default/files/inline/images/CIS%20releases%20batch%20of%20new%20and%20updated%20Benchmarks.png"></p> <p>Here’s Q3’s malware hit parade:</p> <ul> <li><strong>SocGholish</strong>, a downloader distributed through malicious websites that tricks users into downloading it by offering fake software updates</li> <li><strong>CoinMiner</strong>, a cryptocurrency miner that spreads using Windows Management Instrumentation (WMI)</li> <li><strong>Agent Tesla</strong>, a RAT that captures credentials, keystrokes and screenshots</li> <li><strong>TeleGrab</strong>, an infostealer that targets Telegram, swiping cache and key files, hijacking chat sessions, and stealing contacts and chat history</li> <li><strong>ZPHP</strong>, a JavaScript downloader that, like SocGholish, is delivered through compromised websites posing as fake browser updates</li> <li><strong>VenomRAT</strong>, an open-source malware whose features include keylogging, data exfiltration and screen capturing</li> <li><strong>Gh0st</strong>, a RAT designed to control infected endpoint devices</li> <li><strong>NanoCore</strong>, a RAT that spreads via malspam as a malicious Excel spreadsheet</li> <li><strong>Lumma Stealer</strong>, an infostealer used to swipe personal information, credentials, cookies and banking information</li> <li><strong>Jinupd</strong>, a point-of-sale infostealer that steals credit card information by scraping memory from payment-processing applications</li> </ul> <p>To get more information, check out the CIS blog “<a href="https://www.cisecurity.org/insights/blog/top-10-malware-q3-2025">Top 10 
Malware Q3 2025</a>,” where you’ll find more details, context and indicators of compromise for each malware strain.</p> <p>For details on fake software-update attacks:</p> </div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.tenable.com/">Tenable Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Juan Perez">Juan Perez</a>. 
Read the original post at: <a href="https://www.tenable.com/blog/cybersecurity-snapshot-agentic-ai-risk-framework-bulletproof-hosting-providers-cis-benchmarks-malware-report-11-20-2025">https://www.tenable.com/blog/cybersecurity-snapshot-agentic-ai-risk-framework-bulletproof-hosting-providers-cis-benchmarks-malware-report-11-20-2025</a> </p>
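On the memory-scraping technique that section 5 attributes to Jinupd: the following is an added illustration, written from the defender’s side and not taken from the CIS report, from Tenable, or from any malware sample. It scans a memory-like byte buffer for runs of 13 to 19 digits, keeps only those that pass the Luhn check that every major card brand uses, and looks at the buffer both as raw bytes and as a UTF-16LE wide string, because Windows payment applications frequently hold card data as wide strings. The same routine doubles as a DLP or forensics check over a process memory dump. The buffer below is constructed; the card numbers in it are public test numbers, not real accounts.

```python
"""Scan a memory-like byte buffer for payment card numbers (PANs).

Added example of the POS memory-scraping technique, usable as a defender's
check over process memory dumps. Not code from CIS, Tenable or any malware.
SAMPLE_MEMORY is constructed; the card numbers are public test numbers.
"""
import re
from typing import Iterator

# Runs of 13-19 digits, optionally separated by single spaces or dashes,
# not embedded in a longer digit run (so 20-digit serials are skipped).
_CANDIDATE = re.compile(rb"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

def luhn_ok(digits: str) -> bool:
    """Luhn mod-10 check: double every second digit from the right."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def _views(buf: bytes) -> Iterator[tuple[str, bytes]]:
    """Yield (label, bytes) for the raw buffer and for UTF-16LE decodings at
    both byte alignments, since a wide string may start at an odd offset."""
    yield "ascii", buf
    for off in (0, 1):
        wide = buf[off:].decode("utf-16-le", errors="ignore")
        yield f"utf-16le+{off}", wide.encode("ascii", errors="ignore")

def mask(pan: str) -> str:
    """Keep the first six (BIN) and last four digits, as PCI DSS permits."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]

def find_pans(buf: bytes) -> list[dict]:
    """Return Luhn-valid PAN candidates found in buf, deduplicated and masked,
    tagged with the view they were found in."""
    found = {}
    for view, data in _views(buf):
        for m in _CANDIDATE.finditer(data):
            digits = re.sub(rb"[ -]", b"", m.group()).decode()
            if luhn_ok(digits):
                found.setdefault(digits, {"masked": mask(digits),
                                          "length": len(digits),
                                          "view": view})
    return sorted(found.values(), key=lambda r: r["masked"])

# Constructed "memory region": junk, a test Visa PAN in ASCII with spaces,
# a test Mastercard PAN inside a UTF-16LE track-2 string, a 16-digit order id
# that fails Luhn, and a 20-digit serial that is too long to be a PAN.
SAMPLE_MEMORY = (
    b"\x00\x00POS_TERMINAL v3.1\x00\x00"
    b"card=4111 1111 1111 1111;exp=1227\x00"
    + "Track2: 5555555555554444=2512101".encode("utf-16-le")
    + b"\x00order=1234567890123456\x00"
    + b"serial=12345678901234567890\x00"
)

if __name__ == "__main__":
    for hit in find_pans(SAMPLE_MEMORY):
        print(f"{hit['masked']}  len={hit['length']}  view={hit['view']}")
```

Luhn alone still lets roughly one in ten random digit runs through, so a production scanner adds issuer BIN-range checks and looks for track-2 framing (the `=` followed by an expiry date) before raising an alert; the example keeps the core logic visible instead.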