Security News

Abstract: We demonstrate how images and sounds can be used for indirect prompt and instruction injection in multi-modal LLMs. An attacker generates an adversarial perturbation corresponding to the prompt and blends it into an image or audio recording. When the user asks the model about the perturbed image or audio, the perturbation steers the model to output the attacker-chosen text and/or make the subsequent dialog follow the attacker's instruction.

JP Morgan has been fined $4 million by the US Securities and Exchange Commission for deleting millions of email records dating from 2018 relating to its Chase Bank subsidiary. The Financial services outfit apparently deleted somewhere in the region of 47 million electronic communications records from about 8,700 electronic mailboxes covering the period January 1 through to April 23, 2018.

A new phishing campaign codenamed MULTI#STORM has set its sights on India and the U.S. by leveraging JavaScript files to deliver remote access trojans on compromised systems. The multi-stage attack chain commences when an email recipient clicks the embedded link pointing to a password-protected ZIP file hosted on Microsoft OneDrive with the password "12345."

Amid an industry migration away from passwords, Okta has launched Okta Device Access, part of its suite of Workforce Identity Cloud products and an effort to unify passkey access across all devices under a single identity and access management platform. Designed to extend identity access management to the point of device login, the Okta Device Access service is also meant to reduce the likelihood that users, faced with the aggravation of having to wrangle repeatedly with logins for each device, will jettison security protocols.

An unknown threat actor has been observed leveraging a malicious Windows kernel driver in attacks likely targeting the Middle East since at least May 2020. A key security measure to mitigate against malicious drivers is Driver Signature Enforcement, which ensures that only drivers signed by Microsoft can be loaded on the system.

Technology provider ScanSource has announced it has fallen victim to a ransomware attack impacting some of its systems, business operations, and customer portals. ScanSource is a U.S.-based cloud service and SaaS connectivity and network communications provider that also offers special PoS and payments, security, and AIDC solutions.

The prolific Iranian nation-state group known as Charming Kitten targeted multiple victims in the U.S., Europe, the Middle East and India with a novel malware dubbed BellaCiao, adding to its ever-expanding list of custom tools. Discovered by Bitdefender Labs, BellaCiao is a "Personalized dropper" that's capable of delivering other malware payloads onto a victim machine based on commands received from an actor-controlled server.

Due to the increasing importance of multi-cloud and the intricate nature of cloud infrastructure, obtaining a comprehensive understanding of the various cloud workloads operating within your system, and ensuring their security, can be challenging. In this Help Net Security video, Kaus Phaltankar, CEO at Caveonix discusses how in today's complex multi-cloud landscape, the role of CISOs is more crucial than ever.

Multi-cloud data storage, once merely a byproduct of the great cloud migration, has now become a strategy for data management. As ransomware attacks continue to rise at a 13% growth rate year over year, surely more cloud storage simply equals more data vulnerability gaps to fill, right? New developments in data technology address these concerns.

Essendant, a wholesale distributor of stationary and office supplies, is experiencing a multi-day systems "Outage" preventing customers and suppliers from placing and fulfilling online orders. Headquartered in Deerfield, Illinois, Essendant also operates in Dubai, UAE. A systems outage at Essendant is preventing the placement or fulfillment of online orders, thereby impacting both the company's customers and suppliers.