Wed.Feb 07, 2024

article thumbnail

Teaching LLMs to Be Deceptive

Schneier on Security

Interesting research: “ Sleeper Agents: Training Deceptive LLMs that Persist Through Safety Training “: Abstract: Humans are capable of strategically deceptive behavior: behaving helpfully in most situations, but then behaving very differently in order to pursue alternative objectives when given the opportunity. If an AI system learned such a deceptive strategy, could we detect it and remove it using current state-of-the-art safety training techniques?

267
267
article thumbnail

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. The leaked user database shows one of the forum’s founders was an attorney who advised Russia’s top hackers on the legal risks of their work, and what to do if they got caught. A review of this user’s hacker identities shows that during his time on the forums he served as an officer in the special forces of the GRU , the foreign military intelligence agency of the Russian Federation.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Google Cybersecurity Action Team Threat Horizons Report #9 Is Out!

Anton on Security

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our seventh Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blogs for #2 , #3 , #4 , #5 , #6 , #7 and #8 ). My favorite quotes from the report follow below: “ Credential abuse resulting in cryptomining remains a persistent issue , with threat actors continuing to exploit weak or nonexistent passwords to gain un

article thumbnail

4 Threat Hunting Techniques to Prevent Bad Actors in 2024

Tech Republic Security

Threat hunting is essential for preventing bad actors. Learn effective techniques to identify and mitigate potential threats to your organization's security.

157
157
article thumbnail

Guide to Business Writing

Everything you need to know about better business writing in one place. This is a complete guide to business writing — from a clear business writing definition to tips on how to hone your business writing skills.

article thumbnail

‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing

Security Boulevard

PR FAIL: Were 3 million toothbrushes hacked into a botnet? Or does a Fortinet spokeschild have egg on his face? The post ‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing appeared first on Security Boulevard.

Hacking 142
article thumbnail

Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products

The Hacker News

Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices. The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6) and CVE-2024-20255 (CVSS score: 8.

142
142

More Trending

article thumbnail

Facebook fatal accident scam still rages on

Malwarebytes

Recently I wrote about a malvertising campaign on Facebook that has been going on for almost a year. Apparently Facebook is struggling to stop this campaign, so now this type of campaign is showing up in other languages than English. I have seen two different types in German. First Facebook scam Translation: Deadly accident on highway causes several fatalities Notable about this one is that it was posted as a fundraiser and so does not allow comments, which blocks me from posting a warning that

Scams 139
article thumbnail

The unlikely 3 million electric toothbrush DDoS attack

Bleeping Computer

A widely reported story that 3 million electric toothbrushes were hacked with malware to conduct distributed denial of service (DDoS) attacks is likely a hypothetical scenario instead of an actual attack. [.

DDOS 139
article thumbnail

Harnessing Artificial Intelligence for Ransomware Mitigation

Security Boulevard

Without AI, organizations will continue to suffer and struggle with recovery when faced with ransomware and other cyberattacks. The post Harnessing Artificial Intelligence for Ransomware Mitigation appeared first on Security Boulevard.

article thumbnail

Chinese hackers fail to rebuild botnet after FBI takedown

Bleeping Computer

Chinese Volt Typhoon state hackers failed to revive a botnet recently taken down by the FBI, which was previously used in attacks targeting critical infrastructure across the United States. [.

134
134
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Silent Thief on Telegram: DotStealer Malware Exfiltrates Your Data

Penetration Testing

A new menace has been detected by security researcher @Yogesh Londhe: the DotStealer malware. This sophisticated piece of cyber weaponry, analyzed by K7 Computing, has showcased its prowess in espionage by pilfering user information... The post Silent Thief on Telegram: DotStealer Malware Exfiltrates Your Data appeared first on Penetration Testing.

article thumbnail

Chinese hackers hid in US infrastructure network for 5 years

Bleeping Computer

The Chinese Volt Typhoon cyber-espionage group infiltrated a critical infrastructure network in the United States and remained undetected for at least five years before being discovered, according to a joint advisory from CISA, the NSA, the FBI, and partner Five Eyes agencies. [.

134
134
article thumbnail

One-Day Exploits, Stealthy Tactics: Why Raspberry Robin Worm is a Cybersecurity Nightmare

Penetration Testing

Raspberry Robin has emerged as a significant point of interest among cybersecurity experts. First identified by Red Canary in 2021, this worm has demonstrated a sophisticated level of adaptability and innovation, capturing the attention... The post One-Day Exploits, Stealthy Tactics: Why Raspberry Robin Worm is a Cybersecurity Nightmare appeared first on Penetration Testing.

article thumbnail

Denmark orders schools to stop sending student data to Google

Bleeping Computer

The Danish data protection authority (Datatilsynet) has issued an injunction regarding student data being funneled to Google through the use of Chromebooks and Google Workspace services in the country's schools. [.

Education 132
article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Kimsuky's New Golang Stealer 'Troll' and 'GoBear' Backdoor Target South Korea

The Hacker News

The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll Stealer. The malware steals "SSH, FileZilla, C drive files/directories, browsers, system information, [and] screen captures" from infected systems, South Korean cybersecurity company S2W said in a new technical report.

Malware 128
article thumbnail

Fortinet addressed two critical FortiSIEM vulnerabilities

Security Affairs

Fortinet warns of two critical OS command injection vulnerabilities in FortiSIEM that could allow remote attackers to execute arbitrary code Cybersecurity vendor Fortinet warned of two critical vulnerabilities in FortiSIEM, tracked as CVE-2024-23108 and CVE-2024-23109 (CVSS score 10), which could lead to remote code execution. “Multiple improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiSIEM supervisor may allow a remote unauthenticated attacke

Hacking 122
article thumbnail

IBM Shows How Generative AI Tools Can Hijack Live Calls

Security Boulevard

IBM researchers have discovered a way to use generative AI tools to hijack live audio calls and manipulate what is being said without the speakers knowing. The “audio-jacking” technique – which uses large-language models (LLMs), voice cloning, text-to-speech, and speech-to-text capabilities – could be used by bad actors to manipulate conversations for financial gain, Chenta.

article thumbnail

Ransomware payments reached record $1.1 billion in 2023

Bleeping Computer

Ransomware payments in 2023 soared above $1.1 billion for the first time, shattering previous records and reversing the decline seen in 2022, marking the year as an exceptionally profitable period for ransomware gangs. [.

article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

Google Pushes Software Security Via Rust, AI-Based Fuzzing

Security Boulevard

Google is making moves to help developers ensure that their code is secure. The IT giant this week said it is donating $1 million to the Rust Foundation to improve interoperability between the Rust programming language and legacy C++ codebase in hopes of getting more developers make the shift to Rust. The donation supports the. The post Google Pushes Software Security Via Rust, AI-Based Fuzzing appeared first on Security Boulevard.

Software 121
article thumbnail

Critical shim bug impacts every Linux boot loader signed in the past decade

Security Affairs

The maintainers of Shim addressed six vulnerabilities, including a critical flaw that could potentially lead to remote code execution. The maintainers of ‘shim’ addressed six vulnerabilities with the release of version 15.8. The most severe of these vulnerabilities, tracked as CVE-2023-40547 (CVSS score: 9.8), can lead to remote code execution under specific circumstances.

Firmware 116
article thumbnail

Are You Prepared for FedRAMP Rev. 5?

Security Boulevard

This year we joined other organizations in going through the FedRAMP Revision 5 transition project. If you’re unfamiliar, the Federal Risk and Authorization Management Program (FedRAMP) transitioned from using NIST 800-53 Revision 4 to NIST 800-53 Revision 5. This project involves reviewing the updated NIST controls, examining guidance from the FedRAMP PMO, and coordinating with our external […] The post Are You Prepared for FedRAMP Rev. 5?

Risk 121
article thumbnail

Facebook ads push new Ov3r_Stealer password-stealing malware

Bleeping Computer

A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency. [.

Passwords 119
article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

article thumbnail

Ransomware Payments Hit a Record $1.1 Billion in 2023

WIRED Threat Level

After a slowdown in payments to ransomware gangs in 2022, last year saw total ransom payouts jump to their highest level yet, according to a new report from crypto-tracing firm Chainalysis.

article thumbnail

Critical flaw in Shim bootloader impacts major Linux distros

Bleeping Computer

A critical vulnerability in the Shim Linux bootloader enables attackers to execute code and take control of a target system before the kernel is loaded, bypassing existing security mechanisms. [.

113
113
article thumbnail

Click and Compromise: Cisco Bugs Let Hackers Infiltrate Systems Remotely

Penetration Testing

Recently, Cisco, a leading provider of networking solutions revealed several critical vulnerabilities affecting its Expressway Series collaboration gateways. These vulnerabilities, rated as critical in severity, expose vulnerable devices to Cross-Site Request Forgery (CSRF) attacks,... The post Click and Compromise: Cisco Bugs Let Hackers Infiltrate Systems Remotely appeared first on Penetration Testing.

article thumbnail

Critical Cisco bug exposes Expressway gateways to CSRF attacks

Bleeping Computer

Cisco has patched several vulnerabilities affecting its Expressway Series collaboration gateways, two of them rated as critical severity and exposing vulnerable devices to cross-site request forgery (CSRF) attacks. [.

111
111
article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

article thumbnail

Credential Stuffing: Who Owns the Risk?

Security Boulevard

With the escalating threat of credential stuffing and account takeover attacks, defenders need to understand the early warning signs and create holistic plans to safeguard against these evolving security challenges. The post Credential Stuffing: Who Owns the Risk? appeared first on Security Boulevard.

Risk 110
article thumbnail

Fortinet snafu: Critical FortiSIEM CVEs are duplicates, issued in error

Bleeping Computer

It turns out that critical Fortinet FortiSIEM vulnerabilities tracked as CVE-2024-23108 and CVE-2024-23109 are not new and have been published this year in error. [.

115
115
article thumbnail

ClamAV Bugs Expose Users to Command Injection (CVE-2024-20328) and DoS Attacks (CVE-2024-20290)

Penetration Testing

Recently, Cisco revealed critical vulnerabilities lurking within ClamAV, a widely used open-source antivirus engine. With the potential to wreak havoc across endpoints, cloud services, and web security infrastructure, these vulnerabilities demand immediate attention and... The post ClamAV Bugs Expose Users to Command Injection (CVE-2024-20328) and DoS Attacks (CVE-2024-20290) appeared first on Penetration Testing.

article thumbnail

Fortinet warns of new FortiSIEM RCE bugs in confusing disclosure

Bleeping Computer

Fortinet is warning of two new unpatched patch bypasses for a critical remote code execution vulnerability in FortiSIEM, Fortinet's SIEM solution. [.

120
120
article thumbnail

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?