





















































Develop foundational skills in ethical hacking and penetration testing while getting ready to pass the certification exam. With cyber threats continually evolving, understanding the trends and using the tools deployed by attackers to determine vulnerabilities in your system can help secure your applications, networks, and devices. To outmatch attacks, developing an attacker's mindset is a necessary skill, which you can hone with the help of the Certified Ethical Hacker 312-50 Exam Guide.
- Learn how to look at technology from the standpoint of an attacker
- Understand the methods that attackers use to infiltrate networks
- Prepare to take and pass the exam in one attempt with the help of hands-on examples and mock tests
Welcome to another _secpro!
Newsflash for those who missed it: Scattered Spider, the group that has been tied to a series of high-profile intrusions, raising fresh concerns about identity-based attacks and how fast threat actors are adapting, has been linked to a number of arrests in the UK. A number of young people have allegedly been involved with the cyber-gang, leading to arrests of 18-, 19-, and 21-year-olds throughout England. As with the LAPSUS$ gang from yesteryear, it seems like another case of "innovative" young people turning to quick and dirty tactics and techniques to cause maximal damage.
To get my fuller reflections on the case as it unfolds, check out this week's premium issue in the link below.
But, before we get bogged down in that, there's a whole newsletter still to go! Check out this week's articles, news, academic insights, and a few other little treats. If you want more, you know what you need to do - sign up to the premium and get access to everything we have on offer. Click the link above to visit our Substack and sign up there!
Cheers!
Austin Miller
Editor-in-Chief
We're hoping to roll out some new features in the next few weeks, but we need your input. Check out the survey below and win a free month of _secpro premium!
Before attackers can steal data, lock up systems, or pivot through a network, they need to get their malicious code to a target. That step is delivery. It’s the moment the payload—often malware or a malicious script—is moved from the attacker’s infrastructure into the environment of the target.
Cybersecurity has always been a race between hackers and defenders. With AI in the mix, that race just got a whole lot faster.
Today's hackers are using artificial intelligence to speed up their attacks, identify new vulnerabilities, and automate decision-making. That means defenders have to be just as smart—if not smarter. In CEH v13, AI is no longer a side note. It's now a core part of the modern ethical hacker's toolkit.
In the new edition of the Certified Ethical Hacker (CEH) v13: Exam 312-50 Guide, we've added entire sections in each chapter on AI-assisted hacking. You'll learn how hackers are training AI models to spot weak configurations, build deepfakes for social engineering, and evade detection tools. You'll also see how defenders can use AI to turn the tables: automating log analysis, simulating attacks, and identifying threats faster than ever before.
Here's just a glimpse of what's inside:
- How ShellGPT helps automate information gathering and vulnerability detection
- Real-world examples of AI being used in phishing, malware development, and evasion
- What tools like Microsoft Security Copilot and other AI models are doing to reshape defensive security
This isn't just some guess about what might happen in the future; it's happening right now. The book helps you understand how to use these tools responsibly and ethically, all while staying within the CEH framework. Plus, it gets you ready for the CEH Exam.
“NVIDIAScape” – Critical Privilege Escalation in NVIDIA Container Toolkit: A container escape flaw (CVE‑2025‑23266, dubbed NVIDIAScape) affects NVIDIA Container Toolkit ≤ 1.17.7 and GPU Operator ≤ 25.3.0. Attackers exploiting this could elevate privileges inside AI cloud environments, potentially enabling data tampering, info-leakage, or DoS. This is a high-severity vulnerability (CVSS 9.0) for Kubernetes/AI inference workloads; patching should be prioritized across GPU-enabled clusters.
CERT‑UA Details “LAMEHUG” Malware Using LLM‑Driven Phishing (APT28): Ukraine’s CERT‑UA uncovered LAMEHUG, a phishing-delivery malware using LLM-generated commands based on description-based prompts. The toolkit is linked to Russian-nexus APT28. Phishing kits empowered by LLMs allow dynamic payload generation, complicating detection and expanding spearphish campaign sophistication.
Matanbuchus 3.0 Advancing Through Microsoft Teams Vector: Morphisec researchers dissected Matanbuchus 3.0 loader using Teams-based command-and-control delivery. The updated loader shows improved evasion tactics and stealth functionality as a step towards further payloads like Cobalt Strike. A MaaS loader delivered via collaboration tools signals growing risk to hybrid workplaces—detecting lateral movement is critical.
BlackSuit Ransomware: Hybrid Exfiltration & Encryption TTPs: Cybereason’s July 11 BlackSuit report reveals a ransomware operation employing dual tactics: data exfiltration followed by encryption. The post includes infection chain, C2 communications, and IoCs. This hybrid tactic means defenders must prepare for both extortion and data breach contingencies—and deploy faster detection on exfiltration.
WordPress‑to‑NetSupport RAT Campaign via ClickFix Plugin: Another Cybereason alert (July 7) shows threat actors delivering NetSupport RAT through compromised WordPress sites using the “ClickFix” plugin. Their chain includes SQL injection and automated dropper. Highlights growing exploitation of third-party CMS plugins to automate RAT installs, emphasizing patching/whitelisting need.
Qantas Breach Deep Dive + Patch Tuesday Zero‑Day Trends: CISO Platform’s July 9 internal report examines the Qantas breach (~5.7M users via third-party compromise), connecting it to Scattered Spider activity. It also analyzes Microsoft’s Patch Tuesday, including 1 zero-day and 14 critical CVEs. Includes IoCs and recommended defense tactics. Offers high-level view of supply chain risk (third-party breaches) and insight into patch handling strategies post-zero-day patch Tuesday.
“Certified Ethical Hacker Online Course – a Case Study” by Tam N. Nguyen: This study examines the instructional design of the CEH v10 online self-study course. It evaluates how well the course aligns with national instructional standards and peer-reviewed research on online education. The author highlights key design principles—such as community engagement, frequent quizzing, and feedback mechanisms—that are critical to learner success in preparing for the CEH exam. While it doesn’t present raw pass-rate numbers, it focuses on educational best practices that improve learning outcomes and thereby CEH exam performance.
“An empirical analysis of ethical hacking” by S. Rafiq: This empirical study analyzes the role of Certified Ethical Hacker certification in professionalizing ethical hacking. It traces the historical establishment of CEH, its legitimacy-building efforts, and the interplay between technical skill and ethical accreditation. The authors argue that CEH aims to systematize “thinking like a hacker” and to formalize the reputation of ethical hackers in organizations. Though concrete pass-rate data isn’t central, the paper provides context on how CEH functions as both a credential and a professional benchmark.
Here are the five conferences we're looking forward to the most this year (in no particular order...) and how you can get involved to boost your posture!
DSEI (9th-12th September): DSEI stands out as a global platform that bridges defence, security, and cybersecurity. With its broad focus on cutting-edge technologies, this event is critical for those involved in national defence, law enforcement, and private security. Cybersecurity is a prominent theme, with sessions addressing both offensive and defensive cyber strategies.
Defcon (7th-10th August): Defcon is a legendary event in the hacker and cybersecurity communities. Known for its hands-on approach, Defcon offers interactive workshops, capture-the-flag contests, and discussions on emerging threats. The conference is ideal for those looking to immerse themselves in technical aspects of cybersecurity.
Black Hat (2nd-7th August): Black Hat USA is synonymous with advanced security training and research. This premier event features technical briefings, hands-on workshops, and sessions led by global security experts. Attendees can explore the latest trends in penetration testing, malware analysis, and defensive techniques, making it a must-attend for cybersecurity professionals.