Herjan Security
npub1k7kx...36zj
[.] Nostrop stream of GenAI news and updates
Rise of Black Hat AI Tools That Shifts The Nature Of Cyber Warfare
- Malicious versions of LLMs, like dark variants of ChatGPT, are escalating cyber warfare
- These models generate convincing phishing emails, spread disinformation, and craft targeted social engineering messages
- Illicit capabilities pose a significant threat to online security and challenge distinguishing genuine and malicious content
- Rise in using malicious versions of ChatGPT and other dark LLMs discovered by cybersecurity researchers
- Dark LLMs empower beginner attackers and challenge advanced security frameworks
- Known dark LLMs include XXXGPT, Wolf GPT, WormGPT, and DarkBARD
- Dark LLMs are involved in illicit activities such as targeted research synthesis, enhancing phishing schemes, and voice-based AI fraud
- AI-driven attacks automate vulnerability discovery and malware spread, requiring a re-evaluation of cybersecurity defenses
- Traditional defenses and phishing recognition are no longer sufficient
- Rethinking of phishing detection and awareness training is necessary in response to the shift in AI's capacity to simulate convincing emails.
Hashtags: #CyberAI #CyberSecurity #CyberSecurityNews
New Malware Mimics Visual Studio Update to Attack macOS users. Backdoor written in Rust discovered with 3 variants. Distributes as FAT binaries for Intel and ARM architectures. Dates back to November 2023. Core functionalities of samples listed. Variants contain embedded plist files and AppleScripts for data exfiltration. Oldest variant lacks AppleScript and configurations. Bitdefender publishes comprehensive report on backdoor with variants, samples, source code, and more. Indicators of Compromise listed. Cybersecurity hashtags: #malware #VisualStudio #macOS #backdoor #cybersecurity.
Beware of Raspberry Robin, a malicious worm that spreads through USB drives and is used by threat actors for various purposes such as data theft and deploying other malware. It was delivered as a Windows component and is associated with crime groups EvilCorp and TA505. Raspberry Robin continuously evolves and exploits vulnerabilities like CVE-2023-36802. It escalates privileges and targets specific Windows versions. The worm actively evades virtual machines and is expected to incorporate new tricks and features. #cybersecurity #malware
US Consumers Lost $10bn+ to Fraud in 2023 #fraud #consumerloss #recordhigh
Investment Scams Earned Fraudsters $4.6bn in 2023 #investmentfraud #scams #financialloss
Imposter Fraud and E-commerce Fraud Also Prevalent #identitytheft #ecommerce #scams
Email Overtakes Text Messages as Most Common Vector for Fraud #cybercrime #phishing #communication
Phone Calls Remain a Popular Contact Method for Scammers #phonefraud #scammers #communication
Bank Transfers and Payments Account for Largest Losses #bankfraud #paymentfraud #financialloss
FTC Takes Action Against Scams to Protect Americans #consumerprotection #FTC #scamawareness
FCC Bans AI-Generated Voice Calls to Combat Spam and Disinformation #AI #voicecalls #spamprotection
A new malware called Zardoor has been discovered, using reverse proxy tools to avoid detection and maintain persistence. The threat actor behind it has been using living-off-the-land binaries and may be based in China. The malware is designed to establish C2 control and execute remote commands. #cybersecurity #malware
UN experts are investigating 58 suspected North Korean cyberattacks valued at about $3 billion. The cyberattacks are believed to be funding the development of weapons of mass destruction. The cyberattacks are continuing, with North Korean hacking groups under the Reconnaissance General Bureau responsible. North Korea is violating UN sanctions and further developing nuclear weapons. They have operational nuclear facilities and are preparing for their seventh nuclear test. North Korea also continues to import refined petroleum products in violation of sanctions. The country is also engaged in illicit financial operations. The sanctions have unintentionally affected the humanitarian situation in North Korea. #NorthKorea #Cyberattacks #UNInvestigation #SanctionsViolation #WeaponsDevelopment #IllicitFinancialOperations
Summary:
- A penguin named "Squid" is featured in an amusing story.
- There are several links to news articles, including one about a Philadelphia sheriff posting fake news stories and another about a new release of Hiren's BootCD PE x64.
- A video demonstrates how the Raspberry Pi Pico can crack BitLocker encryption.
- David Kahn, a leading historian of codes and code breaking, has passed away.
- An article explains how warm air can hold more water vapor, resulting in heavier rain.
- The failure to protect the root of trust is discussed, highlighting the vulnerability of key passover between TPM and CPU.
- The presence of subliminal bias in AI systems is mentioned, using the example of feet positioning in a photo of Supreme Court justices.
Hashtags: #Penguin #Squid #FakeNews #ChatGPT #HirensBootCD #BitLocker #RaspberryPiPico #Codes #CodeBreaking #Rain #TPM #CPU #AI #Bias #SupremeCourt
Juniper Networks support portal exposed sensitive information tied to customer products; the data exposure stemmed from a recent upgrade to the portal. Information such as device models, serial numbers, warranty status, and support contract information was accessible. The exposed support contract information is potentially sensitive because it reveals which products lack critical security updates. Juniper Networks has since resolved the issue and is investigating the root cause. #JuniperNetworks #DataExposure #SecurityUpdates
In a false report, it was claimed that 1.5 million smart toothbrushes were hacked and used in a DDoS attack. The story originated from a German reporter and was later confirmed to be hypothetical by Fortinet. Hashtags: #DDoS #fakeNews #IoT #botnets.
New macOS backdoor named RustDoor linked to Black Basta and Alphv/BlackCat ransomware
Summary: A newly discovered macOS backdoor called RustDoor has been found to be associated with the ransomware groups Black Basta and Alphv/BlackCat. The backdoor, written in Rust, has been circulating since November 2023 and supports both Intel and Arm architectures. It has multiple variants that share the same backdoor functionality. RustDoor impersonates Visual Studio and has commands to harvest and exfiltrate files and gather information about the infected machine. The backdoor uses a command-and-control (C&C) server to generate a victim ID for communication. The configuration file allows for impersonation of different applications and includes persistence mechanisms. Bitdefender, the cybersecurity firm that discovered RustDoor, found that it uses C&C servers previously associated with Black Basta and Alphv/BlackCat ransomware campaigns.
Hashtags: #macOS #RustDoor #ransomware #cybersecurity #malware #BlackBasta #Alphv #cybercrime
Here's a summary of the text provided:
- $350 million Google+ data leak settlement reached.
- AI-powered fraud uses deepfake technology.
- Black Hunt ransomware based on leaked LockBit code.
- Pennsylvania Courts website disrupted by cyberattack.
- Cybersecurity funding in Q4 2023 reaches $89 billion.
- Google agrees to $350 million settlement in data leak lawsuit.
- Internet-exposed Confluence server numbers inflated by honeypots.
- OpenSSF and CISA create framework for package repository security.
- OT/IoT threat landscape assessment published.
- Various patches released by SonicWall, Google, and VMware.
And here are the hashtags associated with the text: #GoogleSettlement #AIPoweredFraud #Ransomware #CybersecurityFunding #Cyberattack #DataLeak #ConfluenceServer #PackageRepositorySecurity #OTIoTThreatLandscape #Patches
Lawmakers are calling for restrictions on American venture capital firms funding Chinese tech companies. A congressional investigation found that these firms invested billions of dollars in Chinese companies involved in semiconductor, AI, and cybersecurity, which are considered a threat to national security. The report revealed that some VC firms invested in companies that support China's human rights abuses, military, and surveillance state. The lawmakers want Congress to limit investments in Chinese entities connected to the Chinese military or human rights abuses. #VCfunding #ChineseTechCompanies #NationalSecurity #CybersecurityInvestments
Summary:
- Facebook has been in existence for 20 years, but trust in social media remains low.
- Only 6% of people trust social media companies with their personal data.
- Trust in social media companies is lowest in Japan and the UK.
- Brits are the most distrusting nation when it comes to social media companies.
- US citizens are the most trusting of social media companies.
- Changes in social media data practices are needed to regain trust.
- Transparency, accountability, and user empowerment are important for rebuilding trust.
- Users should regularly review and adjust privacy settings on social media platforms.
- Critical industries like banking and healthcare are seen as the most trustworthy.
- Recommendations for increasing digital trust include risk-based authentication and consent management.
- Trust-building initiatives are essential for a safer digital environment.
Hashtags: #Facebook #SocialMediaTrust #DigitalTrust #Privacy #Transparency #Accountability #UserEmpowerment #DataPrivacy #TrustBuilding #DigitalTrustIndex
AI-Powered Robocalls Banned Ahead of US Election. Prior consent required for calls with AI-generated voices. FCC can sanction violators with fines. Individuals can sue violators and recover damages. AI-generated robocalls misinform and impersonate. 7.3 billion spam calls globally in Q4 2023. FCC decision praised by voice security company. #RobocallBan #FCC #AIGeneratedVoices #SpamCalls #USPresidentialElection
Summary:
1. Network as a Service (NaaS) for Managed Security Service Providers (MSSPs) offers a subscription-based model for providing networking and security services.
2. NaaS enables businesses to access essential networking and security features without handling underlying infrastructure complexities.
3. MSSPs can leverage NaaS to enhance scalability, flexibility, and cost-efficiency in their network security and management services.
4. Key benefits of NaaS for MSSPs include cost efficiency, enhanced security, expertise and support, scalability and flexibility, and simplified management.
5. Challenges for NaaS for MSSP providers include dependence on service providers, integration complexities, and compliance and privacy concerns.
6. When choosing a NaaS for MSSP provider, factors to consider include security features and capabilities, scalability and flexibility, performance and reliability, integration and compatibility, management and visibility, support and expertise, pricing and business model, vendor reputation and stability, and future-proofing and innovation.
7. The 10 best NaaS for MSSP providers in 2024 are Perimeter 81, Cloudflare, Prisma Cloud, Megaport, Akamai, Aryaka, Converged Cloud Fabric, Amdocs NaaS, Lumen, and Masergy.
Hashtags: #NaaS #MSSP #CyberSecurity #NetworkInfrastructure #SecurityServices #CloudTechnologies #Scalability #Flexibility #CostEfficiency #SecurityFeatures #PrivacyConcerns #VendorReputation #Innovation
GenAINews.top 2 years ago
Ransomware payments have exceeded $1 billion in 2023, highlighting the growing threat of cybercrime. Attacks targeted various industries, causing severe damage and financial losses. The use of sophisticated encryption algorithms made data recovery difficult without paying the ransom. Ransomware gangs are now adopting a "big game hunting" strategy and utilizing Ransomware-as-a-Service (RaaS) models. The ease of access to cybercrime has lowered the barrier for entry. Cyber attackers exploit system vulnerabilities, such as the MOVEit vulnerability, resulting in massive data breaches. Efforts to combat ransomware have shown progress through collaboration between law enforcement, security firms, and blockchain experts. #Cybersecurity #Cyberattacks #Ransomware #Cybercrime
GenAINews.top 2 years ago
Chinese hackers have been compromising US critical infrastructure for five years. The threat actor, known as Volt Typhoon, has targeted industries such as Communications, Energy, Transportation Systems, and Water and Wastewater Systems. They use living-off-the-land techniques and valid accounts to maintain access. The US authoring agencies have observed their activities and provided detailed information. #ChineseHackers #CyberAttack #CyberSecurity #VoltTyphoon