Wed.Feb 07, 2024

article thumbnail

Teaching LLMs to Be Deceptive

Schneier on Security

Interesting research: “ Sleeper Agents: Training Deceptive LLMs that Persist Through Safety Training “: Abstract: Humans are capable of strategically deceptive behavior: behaving helpfully in most situations, but then behaving very differently in order to pursue alternative objectives when given the opportunity. If an AI system learned such a deceptive strategy, could we detect it and remove it using current state-of-the-art safety training techniques?

264
264
article thumbnail

Google Cybersecurity Action Team Threat Horizons Report #9 Is Out!

Anton on Security

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our seventh Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blogs for #2 , #3 , #4 , #5 , #6 , #7 and #8 ). My favorite quotes from the report follow below: “ Credential abuse resulting in cryptomining remains a persistent issue , with threat actors continuing to exploit weak or nonexistent passwords to gain un

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. The leaked user database shows one of the forum’s founders was an attorney who advised Russia’s top hackers on the legal risks of their work, and what to do if they got caught. A review of this user’s hacker identities shows that during his time on the forums he served as an officer in the special forces of the GRU , the foreign military intelligence agency of the Russian Federation.

article thumbnail

4 Threat Hunting Techniques to Prevent Bad Actors in 2024

Tech Republic Security

Threat hunting is essential for preventing bad actors. Learn effective techniques to identify and mitigate potential threats to your organization's security.

163
163
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

No, 3 million electric toothbrushes were not used in a DDoS attack

Bleeping Computer

A widely reported story that 3 million electric toothbrushes were hacked with malware to conduct distributed denial of service (DDoS) attacks is likely a hypothetical scenario instead of an actual attack. [.

DDOS 143
article thumbnail

‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing

Security Boulevard

PR FAIL: Were 3 million toothbrushes hacked into a botnet? Or does a Fortinet spokeschild have egg on his face? The post ‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing appeared first on Security Boulevard.

Hacking 142

More Trending

article thumbnail

Harnessing Artificial Intelligence for Ransomware Mitigation

Security Boulevard

Without AI, organizations will continue to suffer and struggle with recovery when faced with ransomware and other cyberattacks. The post Harnessing Artificial Intelligence for Ransomware Mitigation appeared first on Security Boulevard.

article thumbnail

Chinese hackers fail to rebuild botnet after FBI takedown

Bleeping Computer

Chinese Volt Typhoon state hackers failed to revive a botnet recently taken down by the FBI, which was previously used in attacks targeting critical infrastructure across the United States. [.

135
135
article thumbnail

Facebook fatal accident scam still rages on

Malwarebytes

Recently I wrote about a malvertising campaign on Facebook that has been going on for almost a year. Apparently Facebook is struggling to stop this campaign, so now this type of campaign is showing up in other languages than English. I have seen two different types in German. First Facebook scam Translation: Deadly accident on highway causes several fatalities Notable about this one is that it was posted as a fundraiser and so does not allow comments, which blocks me from posting a warning that

Scams 134
article thumbnail

Chinese hackers hid in US infrastructure network for 5 years

Bleeping Computer

The Chinese Volt Typhoon cyber-espionage group infiltrated a critical infrastructure network in the United States and remained undetected for at least five years before being discovered, according to a joint advisory from CISA, the NSA, the FBI, and partner Five Eyes agencies. [.

139
139
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products

The Hacker News

Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices. The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6) and CVE-2024-20255 (CVSS score: 8.

132
132
article thumbnail

Denmark orders schools to stop sending student data to Google

Bleeping Computer

The Danish data protection authority (Datatilsynet) has issued an injunction regarding student data being funneled to Google through the use of Chromebooks and Google Workspace services in the country's schools. [.

Education 128
article thumbnail

Silent Thief on Telegram: DotStealer Malware Exfiltrates Your Data

Penetration Testing

A new menace has been detected by security researcher @Yogesh Londhe: the DotStealer malware. This sophisticated piece of cyber weaponry, analyzed by K7 Computing, has showcased its prowess in espionage by pilfering user information... The post Silent Thief on Telegram: DotStealer Malware Exfiltrates Your Data appeared first on Penetration Testing.

article thumbnail

Ransomware payments reached record $1.1 billion in 2023

Bleeping Computer

Ransomware payments in 2023 soared above $1.1 billion for the first time, shattering previous records and reversing the decline seen in 2022, marking the year as an exceptionally profitable period for ransomware gangs. [.

article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

article thumbnail

Fortinet addressed two critical FortiSIEM vulnerabilities

Security Affairs

Fortinet warns of two critical OS command injection vulnerabilities in FortiSIEM that could allow remote attackers to execute arbitrary code Cybersecurity vendor Fortinet warned of two critical vulnerabilities in FortiSIEM, tracked as CVE-2024-23108 and CVE-2024-23109 (CVSS score 10), which could lead to remote code execution. “Multiple improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiSIEM supervisor may allow a remote unauthenticated attacke

Hacking 123
article thumbnail

Facebook ads push new Ov3r_Stealer password-stealing malware

Bleeping Computer

A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency. [.

Passwords 125
article thumbnail

IBM Shows How Generative AI Tools Can Hijack Live Calls

Security Boulevard

IBM researchers have discovered a way to use generative AI tools to hijack live audio calls and manipulate what is being said without the speakers knowing. The “audio-jacking” technique – which uses large-language models (LLMs), voice cloning, text-to-speech, and speech-to-text capabilities – could be used by bad actors to manipulate conversations for financial gain, Chenta.

article thumbnail

One-Day Exploits, Stealthy Tactics: Why Raspberry Robin Worm is a Cybersecurity Nightmare

Penetration Testing

Raspberry Robin has emerged as a significant point of interest among cybersecurity experts. First identified by Red Canary in 2021, this worm has demonstrated a sophisticated level of adaptability and innovation, capturing the attention... The post One-Day Exploits, Stealthy Tactics: Why Raspberry Robin Worm is a Cybersecurity Nightmare appeared first on Penetration Testing.

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Google Pushes Software Security Via Rust, AI-Based Fuzzing

Security Boulevard

Google is making moves to help developers ensure that their code is secure. The IT giant this week said it is donating $1 million to the Rust Foundation to improve interoperability between the Rust programming language and legacy C++ codebase in hopes of getting more developers make the shift to Rust. The donation supports the. The post Google Pushes Software Security Via Rust, AI-Based Fuzzing appeared first on Security Boulevard.

Software 120
article thumbnail

Critical flaw in Shim bootloader impacts major Linux distros

Bleeping Computer

A critical vulnerability in the Shim Linux bootloader enables attackers to execute code and take control of a target system before the kernel is loaded, bypassing existing security mechanisms. [.

111
111
article thumbnail

Are You Prepared for FedRAMP Rev. 5?

Security Boulevard

This year we joined other organizations in going through the FedRAMP Revision 5 transition project. If you’re unfamiliar, the Federal Risk and Authorization Management Program (FedRAMP) transitioned from using NIST 800-53 Revision 4 to NIST 800-53 Revision 5. This project involves reviewing the updated NIST controls, examining guidance from the FedRAMP PMO, and coordinating with our external […] The post Are You Prepared for FedRAMP Rev. 5?

Risk 120
article thumbnail

Critical Cisco bug exposes Expressway gateways to CSRF attacks

Bleeping Computer

Cisco has patched several vulnerabilities affecting its Expressway Series collaboration gateways, two of them rated as critical severity and exposing vulnerable devices to cross-site request forgery (CSRF) attacks. [.

105
105
article thumbnail

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

article thumbnail

Critical shim bug impacts every Linux boot loader signed in the past decade

Security Affairs

The maintainers of Shim addressed six vulnerabilities, including a critical flaw that could potentially lead to remote code execution. The maintainers of ‘shim’ addressed six vulnerabilities with the release of version 15.8. The most severe of these vulnerabilities, tracked as CVE-2023-40547 (CVSS score: 9.8), can lead to remote code execution under specific circumstances.

Firmware 118
article thumbnail

Fortinet snafu: Critical FortiSIEM CVEs are duplicates, issued in error

Bleeping Computer

It turns out that critical Fortinet FortiSIEM vulnerabilities tracked as CVE-2024-23108 and CVE-2024-23109 are not new and have been published this year in error. [.

120
120
article thumbnail

Credential Stuffing: Who Owns the Risk?

Security Boulevard

With the escalating threat of credential stuffing and account takeover attacks, defenders need to understand the early warning signs and create holistic plans to safeguard against these evolving security challenges. The post Credential Stuffing: Who Owns the Risk? appeared first on Security Boulevard.

Risk 109
article thumbnail

Fortinet warns of new FortiSIEM RCE bugs in confusing disclosure

Bleeping Computer

Fortinet is warning of two new unpatched patch bypasses for a critical remote code execution vulnerability in FortiSIEM, Fortinet's SIEM solution. [.

113
113
article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

Kimsuky's New Golang Stealer 'Troll' and 'GoBear' Backdoor Target South Korea

The Hacker News

The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll Stealer. The malware steals "SSH, FileZilla, C drive files/directories, browsers, system information, [and] screen captures" from infected systems, South Korean cybersecurity company S2W said in a new technical report.

Malware 115
article thumbnail

CISA adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium V8 Type Confusion bug, tracked as CVE-2023-4762 , to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability impacts Google Chrome prior to 116.0.5845.179, it allows a remote attacker to execute arbitrary code via a crafted HTML page.

Spyware 106
article thumbnail

Google tests blocking side-loaded Android apps with risky permissions

Bleeping Computer

Google has launched a new pilot program to fight financial fraud by blocking the sideloading of Android APK files that request access to risky permissions. [.

Mobile 105
article thumbnail

Experts warn of a critical bug in JetBrains TeamCity On-Premises

Security Affairs

A new vulnerability in JetBrains TeamCity On-Premises can be exploited by threat actors to take over vulnerable instances. JetBrains addressed a critical security vulnerability, tracked as CVE-2024-23917 (CVSS score 9.8) in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software. An attacker can trigger the vulnerability to take over vulnerable installs. “The vulnerability may enable an unauthenticated attacker with HTTP(S) access to a TeamCity server to

article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.