Security News

Cybercriminals train AI chatbots for phishing, malware attacks
2023-08-01 14:08

In the wake of WormGPT, a ChatGPT clone trained on malware-focused data, a new generative artificial intelligence hacking tool called FraudGPT has emerged, and at least one more is under development that is allegedly based on Google's AI experiment, Bard. Both AI-powered bots are the work of the same individual, who appears to be deep in the game of providing chatbots trained specifically for malicious purposes ranging from phishing and social engineering to exploiting vulnerabilities and creating malware.

How to manage a mass password reset due to a ransomware attack
2023-08-01 14:02

As is typical in ransomware attacks, the University of Waterloo forced staff, faculty, and employee grad students to reset their passwords by June 8th. All non-employee grad students, incoming first-year undergraduates, and all remaining students had to reset their passwords by June 22nd. Resetting the passwords for 42,000 people and their many connected devices is challenging, to say the least, for any IT team. Let's explore why organizations are forced into mass password resets and how to make the process manageable.

China's APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe
2023-08-01 09:01

A nation-state actor with links to China is suspected of being behind a series of attacks against industrial organizations in Eastern Europe that took place last year to siphon data stored on air-gapped systems. The attacks entailed the use of more than 15 distinct implants and their variants, broken down into three broad categories based on their ability to establish persistent remote access, gather sensitive information, and transmit the collected data to actor-controlled infrastructure.

Stremio vulnerability exposes millions to attack
2023-08-01 07:16

CyFox researchers have discovered a DLL planting/hijacking vulnerability in popular media center application Stremio, which could be exploited by attackers to execute code on the victim’s system,...

Automatically Finding Prompt Injection Attacks
2023-07-31 11:03

Researchers have just published a paper showing how to automate the discovery of prompt injection attacks. The paper shows how those can be automatically generated.

New persistent backdoor used in attacks on Barracuda ESG appliances
2023-07-31 10:20

The Cybersecurity and Infrastructure Security Agency has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection vulnerability in Barracuda Email Security Gateway appliances. In late May, Barracuda warned that attackers had been exploiting the vulnerability in Barracuda Networks' ESG physical appliances.

The race against time in ransomware attacks
2023-07-31 03:00

Most organizations lack strong cyber resilience strategies or data security capabilities to address threats and maintain business continuity, according to BigID. Despite both the rise in threats and the high percentage of respondents whose organizations suffered recent attacks, there hasn't been a corresponding uptick in strategic measures to shore up cyber resilience. Organizations need cyber resilience and data security capabilities in place, too, to recover data and restore business operations, and to do so fast.

Israel's largest oil refinery website offline after DDoS attack
2023-07-30 09:40

The website of Israel's largest oil refinery operator, BAZAN Group, is inaccessible from most parts of the world as threat actors claim to have hacked the Group's cyber systems. The Haifa Bay-based BAZAN Group, formerly Oil Refineries Ltd., generates over $13.5 billion in annual revenue and employs more than 1,800 people.

Hackers Deploy "SUBMARINE" Backdoor in Barracuda Email Security Gateway Attacks
2023-07-29 04:59

The U.S. Cybersecurity and Infrastructure Security Agency on Friday disclosed details of a "novel persistent backdoor" called SUBMARINE deployed by threat actors in connection with the hack on Barracuda Email Security Gateway appliances. The findings come from an analysis of malware samples obtained from an unnamed organization that had been compromised by threat actors exploiting a critical flaw in ESG devices, CVE-2023-2868, which allows for remote command injection.