Maria Varmazis

You're listening to the Cyberwire Network powered by N2K.

Do you know how the space and cybersecurity domains connect? T minus Space Cyber Briefing is your guide through the space based systems that expand the attack surface. I'm Maria Varmazis host here at N2K CyberWire and I'm excited to share that T minus is back now as a weekly podcast, the T Minus Space Cyber Briefing. We have a new dedicated focus on two great things that are even better together. Space and cybersecurity. Because whether we realize it or not, we all depend on space based systems that are, by the way, increasingly Internet enabled. We're talking cybersecurity technologies, policies and organizations that are securing the critical space based infrastructure that powers, protects and connects our lives here on Earth. So join me for T Minus Space Cyber Briefing. New episodes every Sunday.

Dave Bittner

Maybe that's an urgent message from your CEO, or maybe it's a deep fake trying to target your business. Doppel is the AI native social engineering defense platform fighting back against impersonation and manipulation. As attackers use AI to make their tactics more sophisticated. Doppel uses it to fight back from automatically dismantling cross channel attacks to building team resilience and more. Doppel outpacing what's next in social engineering? Learn more@doppel.com that'S-O-P p e l.com. Battlefield AI sparks debate Election Cyber threats rise. A critical Windows flaw is under active attack. CISO weighs new reporting rules Russian targets face a stealthy hacking campaign. A 19 year old Linux bug gets its day in the sun. We've got today's business update. Our guest is Heather Celin, CISO at box discussing how governed AI starts with solving the unstructured data problem and Microsoft hits refresh on research relations. It's Monday, june 1st, 2026. I'm dave buettner and this is your cyberwire intel brief. Thanks for joining us here today. It's great to have you with us. The Trump administration is accelerating the use of artificial intelligence across the US military, arguing it's critical to maintaining America's strategic advantage. Defense Secretary Pete Hegseth has pushed for rapid AI adoption and opposed restrictions that could limit lawful military applications, while President Trump has expressed concern that new regulations could weaken U.S. competitiveness, particularly against China. At the same time, some military leaders and technology companies are urging caution. Admiral Frank Bradley, head of US Special Operations Command, was warned that humans must remain confident AI systems deliver force only where intended. Military officials described AI as both a battlefield tool that speeds targeting and decision making and a support system that reduces administrative burdens and cognitive workload without replacing human judgment. The debate has fueled tensions between the Pentagon and AI company Anthropic, which raised concerns about autonomous weapons and surveillance. Despite these disputes, experts note the military generally adopts new technologies, carefully balancing operational effectiveness with the need to avoid mistakes, civilian harm and unintended consequences. A new report from Checkpoint warns that the 2026 U.S. midterm elections face elevated cyber threats targeting political organizations, fundraising platforms, media outlets and voters. Researchers found a sharp rise in newly registered election related domains, many of which could later be used for phishing impersonation, fraudulent fundraising or misinformation campaigns. The report identifies phishing, AI enabled disinformation, influence operations and account compromise as the most likely threats. Email remains the primary attack vector, accounting for 82% of malicious file attacks. Researchers also found thousands of leaked credentials tied to major fundraising platforms ActBlue and WinRed, creating opportunities for fraud and unauthorized access. Artificial intelligence is making scams, deepfakes and misinformation more convincing and easier to produce at scale. The report also highlights ongoing influence efforts by foreign adversaries, including Russia, China and Iran. While voting systems themselves are not the primary target, experts warn that attacks on communication channels, fundraising platforms and public trust could significantly impact the election environment. Belgium's national cybersecurity agency is warning that attackers are actively exploiting a critical Windows NET logon vulnerability patched by Microsoft back in May. The flaw, a stack based buffer overflow with a CVSS score of 9.8, allows unauthenticated remote code execution on Windows domain controllers through specially crafted network requests. It affects all supported Windows Server versions, including Windows Server 2025. While details of current attacks remain limited, the CCB is urging organizations to patch immediately to protect vulnerable servers. Elsewhere, CISA has added a Palo Alto network's Pan OS authentication bypass flaw to its known exploited vulnerabilities catalog after reports of active attacks. The vulnerability affects global protect portals and gateways, allowing attackers to forge authentication cookies and establish authorized VPN access under certain configurations. Rapid7 observed exploitation across multiple organizations beginning in mid May, with some attackers gaining internal network access. Palo Alto patched the flaw on May 13, and CISA has ordered federal agencies to remediate affected systems by today. CISA will hold a series of virtual town Halls from June 15th through the 18th to gather final industry feedback on cyber incident reporting rules required under the 2022 Cyber Incident Reporting for Critical Infrastructure Act. The sessions are expected to help determine which critical infrastructure organizations must report cyber incidents and ransomware payments what qualifies as a reportable incident and what information must be disclosed. Industry groups have criticized earlier proposals as overly broad and burdensome, raising concerns about compliance costs and overlapping reporting requirements. The meetings may also signal whether the Trump administration plans to narrow the rule before CISA finalizes regulations that have been delayed. Amid extensive stakeholder feedback and debate, researchers at Kaspersky have uncovered a previously unknown hacking group that quietly targeted Russian maritime universities, energy organizations, diplomatic missions, government agencies and financial institutions for nearly two years. The campaign, active since at least 2024, used long, dormant periods to avoid detection. Recent attacks relied on the Ravage penetration testing framework and began with phishing emails containing malicious zip files disguised as Microsoft Excel configuration files. More than half of the observed attacks targeted maritime educational institutions. Kaspersky said the group appears well established and highly stealthy, but did not attribute the campaign to any known threat actor or identify its motive. Researchers have disclosed a 19 year old Linux privilege escalation vulnerability dubbed SIFSwitch, that can allow low privileged users to gain root access on affected systems. The flaw resides in the Linux kernel's CIFS subsystem and the CIFSutils authentication helper used for SMB network file sharing. According to researcher Asim Veladi Oglu Manizada, attackers can manipulate authentication requests to trick the root privileged helper into switching namespaces and executing attacker controlled code. The issue stems from insufficient validation of request origins and key descriptions. Several Linux distributions are vulnerable, particularly those with CIFSutils installed by default, though some distributions block the attack path by default or are unaffected. Major Linux vendors have already released patches, and proof of concept code has been published to help organizations test their defenses. India's Central Board of Secondary Education said it has identified and contained vulnerabilities in its onmark online grading portal after they were publicly reported by a teenage cybersecurity researcher. The government run exam board stated it has been closely monitoring the issue and taking corrective action. Onmark, introduced this year, allows teachers to digitally grade scanned copies of students physical exam answer sheets for one of India's most important school leaving examinations. The board did not disclose additional details about the vulnerabilities or their impact. Turning to our Monday business breakdown, cybersecurity investment activity remained strong last week with several funding rounds and acquisitions announced across the sector. London based Revenge AI raised $15 million in a series A round led by the NATO Innovation Fund to advance software supply chain security. Canadian Identity Security company LastWall secured $11.5 million to expand beyond its US federal base, while London based threat intelligence startup Infrawatch raised $3 million in pre seed funding, Spain's Orbic Cybersecurity obtained 2 million euros to support growth, international expansion and hiring and Maryland based Provision IAM received $1.25 million in strategic investments. Mergers and acquisitions were equally active. Zscaler announced plans to acquire Symmetry Systems to strengthen identity visibility and AI governance capabilities. Check Point agreed to acquire Deep Checks to accelerate its AI security roadmap. Eurazeo will acquire Germany's nextron Systems to expand digital forensics capabilities, while Sykurion acquired Secuvant to enhance managed detection, vulnerability management and compliance services. Overall, the deals highlight continued investor focus on AI security, identity management, threat intelligence and digital forensics. Coming up after the break, my conversation with Heather Salen, CISO at Box. We're discussing how governed AI starts with solving the unstructured data problem and Microsoft hits refresh on research relations. Stay with us. What's the one thing in business that's spreading as fast as AI? AI risk. Every new tool your team signs up for. Every vendor that turns on AI features, every new integration, each one creates another opportunity for something to go wrong. And most security programs just weren't built for AI's pace of growth. Enter Vanta. Vanta is the number one agentic trust platform used by more than 16,000 fast moving companies like Ramp, Cursor and Harvey to help ensure they're always audit ready. And now Vanta is helping companies watch for the risks that show up between audits across vendors, AI tools and their entire environment. The Vanta agent works like a 24.7grc engineer in the background, finding issues, drafting fixes and cutting vendor assessment time by up to 50%. Whether you're a fast growing startup or a global enterprise, Vanta is here to help you automate your security and compliance and earn and prove trust. Get started today@vanta.com cyber that's V A N T A dot com cyber.

Advertisement Voice

Study and play come together on a Windows 11 PC and for a limited time, college students get the best of both worlds. Get the unreal college deal Everything you need to study, study and play with select Windows 11 PCs. Eligible students get a year of Microsoft 365 Premium and a year of Xbox Game Pass ultimate with a custom color Xbox wireless controller. Learn more@windows.com studentoffer law supplies last ends June 30th terms at aka Ms. CollegePC.

Dave Bittner

Heather Selen is CISO at Box and in today's sponsored Industry Voices conversation we discuss how governed AI starts with solving the UNSTRUCTURED data problem.

Heather Selin

So I think enterprises for a long time have struggled to govern their unstructured data. So when I say unstructured data, this is content that may live on users local devices, it may live in the Cloud, in Microsoft 365 in box, in other cloud storage providers and you have this distributed content problem that may not be, you know, it may not be labeled correctly, it may not be classified correctly, it may not be permissioned and controlled correctly. Which I think organizations have tolerated that unstructured content governance problem for a long time because the blast radius was limited. We were talking about humans accessing that content, not agents. Now as we're starting to talk about agents accessing that content on such a large scale scale, that problem becomes much more critical to solve.

Dave Bittner

Well, let's talk about that problem. What is the issue here of providing access to this sort of data to say an agentic AI?

Heather Selin

Let me start with an example, right? Let's say the legal team is working on a deal, a new partnership deal that's material non public information. They have this data in their folders. It's not classified appropriately. Access isn't properly controlled. You know, a human that's not supposed to have access may not find that data because they're not looking for it. Right. But let's say the product team is now using an agent to go research that same company that the legal team is doing a deal with. And now that agent is taking the data, it's surfacing it to the product team, it's creating roadmaps, it's actually acting on that knowledge. Now you've got a really big problem that most likely would not have existed if it was just humans needing to access this content. Agents will go access whatever content they can to try to solve the problem. And the blast radius is just much bigger when you're working with agents.

Dave Bittner

So it's really kind of that insatiable desire to gobble up every piece of data that it has permission to touch. Is that a good way to describe it?

Heather Selin

Yeah, that's right. And the permissions are off of these agents are often very vast because they need to do multiple step processes, right. So that a lot of times the agents don't have those restrictive permissions within them, which is why it's so important to have those restrictive permissions on your content and to have that content classified.

Dave Bittner

Well, walk me through the process then. If I want to do a better job with this and I want to get the data in a proper condition before I expose it here, what sorts of things do I need to prepare for?

Heather Selin

So this is one thing that I get really excited about, because AI can actually help us here too. It's not just part of the problem, it's part of the solution. So I think one thing that organizations have really struggled with is the data classification piece. It's really hard to do that manually and it's really hard to get humans to go in and properly classify data, especially when you're talking years and years and years of unstructured content. So AI can actually help us classify that content, not just based on keywords or, you know, regexes like historical. DLP solutions have provided security teams in the past, but AI can actually understand what the content is, how sensitive the content is, and it can proactively put those labels on the content for us and automatically apply permissions based on what it thinks the content is. So this is a great example of, you know, yes, AI causes some security challenges, but it can also help be part of the solution to those.

Dave Bittner

Help me understand here. When going through this process, are we making copies of the data or are we creating a roadmap to where the data is stored? How exactly does it work?

Heather Selin

No, you're not creating copies of the data. What you're doing is the. You can have an agent that actually reads and understands what's the in the document, and it can apply a label to that content. And then once that content actually has a label attached to it, it can flow with it wherever it goes. Right, because you want the content to stay classified, no matter where it's going across your systems. And then you can apply whatever controls you deem appropriate. So let's say you have a document that you labeled as sensitive. Let's say it's your most restrictive setting. You can apply really strict permissions. You can say, we don't want this to be shared with anyone outside of the organization, we don't want this to be shared publicly. And you can apply those strict access controls based on the classification labels.

Dave Bittner

What if I'm in a business line that has compliance requirements? I suspect this is going to help me along the way there as well.

Heather Selin

Yes, this would definitely help with that. I think there's a lot of compliance requirements out there that want you to have strict controls over access to sensitive data, and this helps you do that. If you don't know what data you have or where it's sitting and it's not properly classified, it's really difficult to say that you're controlling that data appropriately.

Dave Bittner

Does this help improve the quality of the output that I could potentially get out of my AI agent.

Heather Selin

Yes, that's another great benefit as well. One of the struggles of agents, when you have distributed content, it means the context is also distributed. So agents do better work when they have more context to work from. And if that context is distributed across multiple systems, the agent may have access to one system but not another. It may be working from different, not a complete picture of the context that it needs. So when you're doing this with how we've historically used AI as an assistant, it may surface a bad answer, it may surface an incomplete answer, a hallucination, something you're not permissioned to see. But I think we're talking about a whole new level of risk when you're looking at agents operating with that, because an agent will go one step further and then take action based on that data, even if it's missing the context.

Dave Bittner

Can we dig into some of those risks? I mean, I can imagine that this would be an area where if folks don't have the tools that they need or that they desire, it's going to be open to shadow AI.

Heather Selin

Yes, that is very real. And I think all of the security leaders that I speak with on a regular basis are working actively to try to solve this problem. So I think as security leaders and practitioners, it's really important for us to say, not to say no to AI. I think we have to equip people with the tools that they need to do their jobs in a secure, safe manner. Otherwise they're going to go around it and you're going to have the shadow AI problem. No matter how hard you try to control it, people will find ways to use these tools to make them more productive. And I think here at Box, that's one thing that's very important for us is we need people to use AI. We want them to be productive, we want them to be better at their jobs. We just want to make sure they do it securely. So I think it's really important to provide safe ways for teams to experiment and determine if these tools are really useful before we go on and fully implement them.

Dave Bittner

What is it like when an organization decides to go down this path? How heavy a lift is it? I can imagine people being a little intimidated. They've been around for years and I don't know where all my stuff is. Right.

Heather Selin

Yes, it's a very real challenge. Especially, you know, when you have large organizations, they have, you know, 40, 50, 100 years even of content. You know, it's. Where do we. Where do we start. Another thing AI can really help with is archiving content that's no longer relevant. You don't need agents to go back and probably search, you know, 100 years worth of content, nor do you want to try to classify 100 years worth of content. So I think you have to figure out what's really critical. I think, you know, in reality, like it's really difficult to put all of your content into a single place, but it's easier if you can do that and you can have better control, better context, better governance. If all or most of your content is in a single content layer.

Dave Bittner

How do you dial in human oversight here?

Heather Selin

Yes, I think human oversight becomes really important for critical actions. Again, the blast radius for agents across your content is much bigger than it is for humans when agents are operating. In the example I mentioned at the beginning, going back to, you know, the legal team having some very sensitive non public information for a deal, they're working. If an agent is grabbing that and acting on it and taking that information, putting it into maybe a product roadmap, slacking product leaders about this new information, it's found your blast radius just gets so much bigger. So I think having a human in the loop for these types of sensitive actions really is still necessary. Now there's going to be some low risk things. As you know, we start to get more comfortable with agents that we're going to let them do on their own because we're comfortable with the controls over our content and we're comfortable with the guardrails that we have in place for the agents. But there's going to be some actions that are so sensitive, such as deleting whole files, sharing whole folders publicly, that we may still want humans in the loop for.

Dave Bittner

What are your recommendations for organizations who feel like they want to go down this path? How do you prepare yourself?

Heather Selin

Yeah, I would say start by knowing where all of your content is and as much as you can, putting all of that content in a single storage location so you have all of your context and controls and governance in a single plane. And then once you do that, it's understanding what data you have, what the sensitivity is, classifying it, applying those labels. And again, AI can help us do that in a way that is actually feasible. Now if we were relying on humans to do that, that's a project that would take years for security compliance teams to oversee. So now we can do that much more quickly. And then once you have the data classified, making sure you apply controls based on those classifications. So you may want to restrict permissions. You may want to restrict file sharing, you may want to restrict agent access to that content. And then once you feel like you have a very strong and secure content layer, then you can talk about agents operating on that content and then thinking about guardrails you need to have in place for those agents to detect maybe behavioral drifts and where they might misaligned from their original intent, or where they might be accessing something that maybe we don't want them to access.

Dave Bittner

That's Heather Selin, CISO at Box.

Advertisement Voice

So good, so good, so good.

Everything you want for summer is at Nordstrom Rack stores now and up to 60% off. Stock up and save on the brands you love like Vint, Sam, Edelman, Frame and Free People. Join the NordicLub to unlock exclusive discounts. Shop new arrivals first and more. Plus buy online and pick up at your favorite Rack store for free. Great brands, great prices. That's why you rack

Maria Varmazis

when you need to build up your team to handle the growing chaos at work. Use Indeed Sponsored Jobs. It gives your job post the boost it needs to be seen and helps reach people with the right skills, certifications and more. Spend less time searching and more time actually interviewing candidates who check all your boxes. Listeners of this show will get a $75 sponsored job credit@ Indeed.com podcast. That's Indeed.com podcast. Terms and conditions apply. Need a hiring hero? This is a job for Indeed Sponsored job.

Dave Bittner

And finally, after a week of turbulence with the Security Research Committee, Microsoft is clarifying that it does not intend to take legal action against researchers who discover and publish vulnerabilities. The reassurance follows backlash over a company blog post that criticized recent uncoordinated Windows zero day disclosures and warned that Microsoft's Digital crimes unit would continue pursuing those who enable criminal activity. Many researchers interpreted the message as a veiled warning aimed at the pseudonymous researcher Nightmare Eclipse. In a follow up statement posted on social media, Microsoft effectively walked back the concern, acknowledging that some interactions with researchers had fallen short and emphasizing its commitment to good faith engagement. Observers also noted the company quietly swapped the more controversial phrase responsible disclosure for the less loaded coordinated vulnerability disclosure, a bit of terminology housekeeping that did not go unnoticed. Meanwhile, Nightmare Eclipse appears unfazed. The researcher says others have begun sharing vulnerabilities directly and has promised another disclosure in June suggesting this particular chapter in the long running vendor researcher relationship maybe ending with a handshake or at least a slightly less tense email exchange. And that's the Cyber Wire for links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com N2K's lead producers, Liz Stokes, were mixed by Trey Hester with original music and sound design by Elliot Peltzman. Our contributing host is Maria Vermazes. Our executive producer is Jennifer Ivan. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.