Security News
A novel credential-stealing malware called Zaraza bot is being offered for sale on Telegram while also using the popular messaging service as a command-and-control. "Zaraza bot targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular with threat actors," cybersecurity company Uptycs said in a report published last week.
A free tool aims is helping organizations defend against KillNet distributed-denial-of-service bots and comes as the US government issued a warning that the Russian cybercrime gang is stepping up its network flooding attacks against hospitals and health clinics. At current count, the KillNet open proxy IP blocklist lists tens of thousands of proxy IP addresses used by the Russian hacktivists in their network-traffic flooding events.
A sneaky botnet dubbed HeadCrab that uses bespoke malware to mine for Monero has infected at least 1,200 Redis servers in the last 18 months. "The victims seem to have little in common, but the attacker seems to mainly target Redis servers and has a deep understanding and expertise in Redis modules and APIs as demonstrated by the malware," Asaf Eitani and Nitzan Yaakov reported.
Bots continue to evolve and thrive at the expense of companies. Kasada's research shows revenue loss from bot-driven account fraud and web scraping continues to skyrocket, despite companies spending more on bot mitigation solutions every year.
A new Linux malware downloader created using SHC has been spotted in the wild, infecting systems with Monero cryptocurrency miners and DDoS IRC bots. According to ASEC researchers, who discovered the attack, the SHC loader was uploaded to VirusTotal by Korean users, with attacks generally focused on Linux systems in the same country.
San Francisco legislators this week changed course on their killer robot policy, banning the police from using remote-control bots fitted with explosives. "This fight isn't over, but we are grateful that the board explicitly banned police robots with deadly force," San Francisco Supervisor Dean Preston said in a statement following Tuesday's decision to send the policy back to the drawing board.
A computer program known as a "Bot" acts as an agent for a user or another program or mimics human action. Bots are typically used to automate particular tasks so they can be used without specific human instructions.
OpenAI's newly unveiled ChatGPT bot is making waves when it comes to all the amazing things it can do-from writing music to coding to generating vulnerability exploits, and what not. Yesterday, BleepingComputer ran a piece listing 10 coolest things you can do with ChatGPT. And, that doesn't even begin to cover all use cases like having the AI compose music for you [1, 2]. Within six days of its launch, ChatGPT surpassed a million users to the extent its servers couldn't keep up.
From precisely spotting security vulnerabilities in your code, to writing an essay or an entire block of functional code on a whim, to opening portals to another dimension, OpenAI's newly launched ChatGPT is a game changer with its possibilities seeming limited only by your limitedness. Last week, OpenAI research labs unveiled ChatGPT, a chat bot that works from within your web browser-akin to the ones you've seen on websites offering customer support chat.
A LockBit 3.0 ransomware affiliate is using phishing emails that install the Amadey Bot to take control of a device and encrypt devices. The Amadey Bot malware is an old strain capable of performing system reconnaissance, data exfiltration, and payload loading.