Security News

Threat actors are showing an increased interest in generative artificial intelligence tools, with hundreds of thousands of OpenAI credentials for sale on the dark web and access to a malicious alternative for ChatGPT. Both less skilled and seasoned cybercriminals can use the tools to create more convincing phishing emails that are customized for the intended audience to grow the chances of a successful attack. Hackers tapping into GPT AI. In six months, the users of the dark web and Telegram mentioned ChatGPT, OpenAI's artificial intelligence chatbot, more than 27,000 times, shows data from Flare, a threat exposure management company, shared with BleepingComputer.

In light of these events, I'd like to discuss how OSINT can assist with dark web investigations. Transactions on the dark web often involve cryptocurrency in exchange for illegal goods and services.

TechRepublic Premium Checklist: How to Create a Team Charter A good team charter should define the purpose of a team, how work will get done and the expected outcomes. Often, a team charter is described as a "Roadmap" for the team and its sponsors.

Attackers are exploiting two Adobe ColdFusion vulnerabilities to breach servers and install web shells to enable persistent access and allow remote control of the system, according to Rapid7 researchers. CVE-2023-29298, a critical improper access control flaw that could allow attackers to bypass a security feature CVE-2023-29300, a deserialization of untrusted data that could be exploited for arbitrary code execution CVE-2023-29301, another security feature bypass vulnerability.

Copilot feels like a web wrapper, a pane running Bing.com within Microsoft Edge rather than a fully integrated part of Windows 11. As mentioned above, Copilot is essentially Bing.com running via Microsoft Edge on Windows 11.

Ransomware has been an acute concern for organizations for more than a decade, but one of the more recent trends we see is that groups are now setting up infrastructure, but outsourcing actual infection to "Affiliates" who effectively act as contractors to the Ransomware as a Service group and split the profits at the end of a successful attacks. A ransomware group encrypts a company's data, but first exfiltrates data, which is posted on ransomware blogs on a certain date if the victim doesn't pay.

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

Microsoft is investigating an ongoing issue preventing some customers from accessing their Exchange Online mailbox through Outlook on the web. While Microsoft says this outage only impacts the North American region, user reports show that the issue might also affect users in South America.

In this post, we're going to explore common threat actors and their activities on dark web forums versus illicit Telegram communities. Hackers on dark web forums are more commonly known to share more zero-day exploits to other threat actors as well as share with other hackers how to use these exploits to their advantage as well.

Compromised credentials were found within the logs of info-stealing malware traded on illicit dark web marketplaces over the past year, according to Group-IB. The number of available logs containing compromised ChatGPT accounts reached a peak of 26,802 in May 2023.Unauthorized access to ChatGPT accounts may expose confidential or sensitive information, which can be exploited for targeted attacks against companies and their employees.