What keeps cyber analysts awake at night is persistent memory in AI agents storing enterprise IP on US servers with no residency or automatic deletion. It bypasses 30-day rules. DTA's AGT.2 requires retention and purge governance but many businesses remain unaware of the privacy and forensic risks.
AWS has increased prices for reserved AI GPU capacity by around 20%, highlighting the growing shortage of high bandwidth memory and advanced chips. As demand outpaces supply, AI development costs are rising, making large scale model training and deployment more expensive.
Anthropic’s reported 1.4 GW Australian AI tender signals a major investment opportunity, but also a harder sovereignty question: will Australia and the Global South build capability inside this frontier infrastructure, or remain dependent on foreign chips, models, permissions and inference margins?
A major cyberattack that led to a significant Microsoft Azure outage, a high-stakes prisoner swap involving Russian cybercriminals and U.S. journalists, and Google's urgent patching of an Android zero-day vulnerability.
In this week's Cyber Scan Weekly Wrap, we dive into three interesting stories shaking the cybersecurity landscape: a major cyberattack that led to a significant Microsoft Azure outage, a high-stakes prisoner swap involving Russian cybercriminals and U.S. journalists, and Google's urgent patching of an Android zero-day vulnerability. These events underscore the ever-evolving challenges in cybersecurity and the relentless efforts needed to counteract sophisticated threats.
First, Microsoft faced a formidable distributed denial-of-service (DDoS) attack that resulted in an eight-hour outage of its Azure and Microsoft 365 services, affecting businesses worldwide. This incident not only disrupted critical operations but also highlighted vulnerabilities in Microsoft's defense mechanisms. Meanwhile, in a historic move, the U.S. exchanged two Russian cybercriminals for Wall Street Journal reporter Evan Gershkovich and other Americans detained in Russia, showcasing the complex interplay between diplomacy and cybersecurity enforcement. Lastly, Google addressed a severe zero-day vulnerability in the Android operating system, emphasising the importance of timely security updates to mitigate the risks posed by advanced cyber threats.
Microsoft Blames Cyberattack for Major Azure Outage
Microsoft has confirmed that a significant outage affecting its Azure cloud services and Microsoft 365 offerings was the result of a distributed denial-of-service (DDoS) attack. The outage, which lasted nearly eight hours on July 30, disrupted services including Application Insights, App Services, IoT Central, and various Microsoft 365 products such as Office and Outlook.
Users began complaining they couldn’t access several Microsoft services, including Azure. This incident occurred less than two weeks after a CrowdStrike update caused widespread issues for Microsoft Windows machines. The outage, impacting banks, retailers, and other major institutions, began around 11:45 AM UTC and was resolved by 7:43 PM. Microsoft reported that a “subset of customers may have experienced issues connecting to a subset of Microsoft services globally,” affecting Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, the Azure portal, and “a subset of Microsoft 365 and Microsoft Purview services.”
The company disclosed that while the DDoS attack triggered their defence mechanisms, an error in the implementation of these defences exacerbated the situation, leading to a prolonged service interruption.
"The DDoS attack targeted Azure Front Door and Azure Content Delivery Network (CDN) components, overwhelming them with traffic and causing intermittent errors, timeouts, and latency spikes," a Microsoft spokesperson stated.
Initial investigations revealed that the error in their defensive measures amplified the impact of the attack rather than mitigating it. Microsoft has since revised its mitigation approach and rolled it out across affected regions to restore normal operations. This incident, following a series of recent outages impacting Microsoft's cloud services, highlights the growing challenges in cybersecurity. As cyber threats evolve, so must the strategies to defend against them, ensuring that the backbone of modern digital infrastructure remains robust and reliable.
U.S. Hands Over Russian Cybercriminals in WSJ Reporter Prisoner Swap
Roman Seleznev, in a picture taken from his phone (Source: DoJ)
In a landmark move on August 2, 2024, the United States exchanged two high-profile Russian cybercriminals for Wall Street Journal reporter Evan Gershkovich and other Americans held in Russia. This prisoner swap, involving 24 individuals, is the largest between the two nations since the Cold War era. Among the freed Americans were journalists and political activists, including Paul Whelan, a corporate security professional from Michigan, both of whom had faced espionage charges deemed unfounded by the U.S. government. This exchange highlights the U.S. government's commitment to securing the release of its citizens, despite the significant diplomatic and cybersecurity implications.
The swap also included notable cybercriminals Roman Seleznev and Vladislav Klyushin, whose early release has sparked concerns among cybersecurity experts and government officials. Seleznev, known for his extensive credit card fraud activities, and Klyushin, implicated in a "hack-to-trade" scheme, were pivotal figures in the cybercrime world. Todd Carroll, a retired FBI special agent, expressed concerns over the potential resurgence of sophisticated cyber threats.
Meanwhile, Philip Reiner from the Institute for Security and Technology pointed out that Russia's economy benefits from such cyber activities, allowing the Kremlin plausible deniability. The Biden administration framed the deal as a significant diplomatic achievement but faces criticism for potentially compromising cybersecurity enforcement. This swap underscores the intricate balance between diplomacy and cybersecurity, necessitating ongoing vigilance and international collaboration to address the evolving cyber threats.
Google Patches Android Zero-Day Exploited in the Wild
Google has released a security patch addressing a critical vulnerability in the Android operating system, identified as CVE-2024-36971. This high-severity flaw, which affects the Linux kernel, has been actively exploited in targeted attacks. The vulnerability allows for remote code execution on affected devices, provided the attacker has system-level privileges. The patch, part of Google's August security update, addresses a total of 47 vulnerabilities across various components, including those from Arm, Imagination Technologies, MediaTek, and Qualcomm.
The zero-day vulnerability was discovered by Clément Lecigne of Google’s Threat Analysis Group, who has a history of identifying flaws exploited by commercial spyware vendors. While Google has not disclosed specific details about the attacks or the threat actors involved, the company noted that the exploitation appears to be limited and targeted. The flaw can lead to a use-after-free condition in the kernel, a type of memory corruption that can be leveraged for remote code execution.
This incident underscores the growing threat of zero-day exploits, which have become more prevalent as cybercriminals and nation-state actors develop increasingly sophisticated attack methods. Google reported a significant rise in zero-day exploits in 2023, with 97 such vulnerabilities observed compared to 62 in 2022. The majority of these exploits were linked to espionage activities, while the rest were associated with financially motivated attacks.
The memory war exposes AI’s harder truth: power now sits in fabs, wafers, export licences and trusted supply. Apple, Micron, Nvidia, China, South Korea and Japan are no longer fighting over chips alone, but over dependence, pricing and the pace of intelligence itself across global markets, in 2026.
AI’s memory bottleneck is now reshaping the chip war. Apple’s search for Chinese supply, Micron’s pricing power, South Korea’s expansion and Nvidia’s HBM demand expose a harder truth: the AI boom is becoming a test of cost, sovereignty and global dependence across every device and data centres now.
At the G7 summit in France, Anthropic and Google DeepMind CEOs proposed a U.S.-led international AI coalition to govern frontier models and coordinate critical component trade — explicitly excluding China.
Anthropic’s Mythos disruption shows how quickly frontier cyber AI can be pulled between national security controls, commercial demand and weak regulation, leaving allies such as Australia exposed to a market shaped less by clear rules than by sudden intervention.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!