Wed.Feb 07, 2024

article thumbnail

Teaching LLMs to Be Deceptive

Schneier on Security

Interesting research: “ Sleeper Agents: Training Deceptive LLMs that Persist Through Safety Training “: Abstract: Humans are capable of strategically deceptive behavior: behaving helpfully in most situations, but then behaving very differently in order to pursue alternative objectives when given the opportunity. If an AI system learned such a deceptive strategy, could we detect it and remove it using current state-of-the-art safety training techniques?

320
320
article thumbnail

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. The leaked user database shows one of the forum’s founders was an attorney who advised Russia’s top hackers on the legal risks of their work, and what to do if they got caught. A review of this user’s hacker identities shows that during his time on the forums he served as an officer in the special forces of the GRU , the foreign military intelligence agency of the Russian Federation.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Google Cybersecurity Action Team Threat Horizons Report #9 Is Out!

Anton on Security

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our seventh Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blogs for #2 , #3 , #4 , #5 , #6 , #7 and #8 ). My favorite quotes from the report follow below: “ Credential abuse resulting in cryptomining remains a persistent issue , with threat actors continuing to exploit weak or nonexistent passwords to gain un

article thumbnail

4 Threat Hunting Techniques to Prevent Bad Actors in 2024

Tech Republic Security

Threat hunting is essential for preventing bad actors. Learn effective techniques to identify and mitigate potential threats to your organization's security.

156
156
article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

article thumbnail

‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing

Security Boulevard

PR FAIL: Were 3 million toothbrushes hacked into a botnet? Or does a Fortinet spokeschild have egg on his face? The post ‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing appeared first on Security Boulevard.

Hacking 142
article thumbnail

No, 3 million electric toothbrushes were not used in a DDoS attack

Bleeping Computer

A widely reported story that 3 million electric toothbrushes were hacked with malware to conduct distributed denial of service (DDoS) attacks is likely a hypothetical scenario instead of an actual attack. [.

DDOS 142

More Trending

article thumbnail

The unlikely 3 million electric toothbrush DDoS attack

Bleeping Computer

A widely reported story that 3 million electric toothbrushes were hacked with malware to conduct distributed denial of service (DDoS) attacks is likely a hypothetical scenario instead of an actual attack. [.

DDOS 141
article thumbnail

Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products

The Hacker News

Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices. The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6) and CVE-2024-20255 (CVSS score: 8.

134
134
article thumbnail

Chinese hackers hid in US infrastructure network for 5 years

Bleeping Computer

The Chinese Volt Typhoon cyber-espionage group infiltrated a critical infrastructure network in the United States and remained undetected for at least five years before being discovered, according to a joint advisory from CISA, the NSA, the FBI, and partner Five Eyes agencies. [.

139
139
article thumbnail

Harnessing Artificial Intelligence for Ransomware Mitigation

Security Boulevard

Without AI, organizations will continue to suffer and struggle with recovery when faced with ransomware and other cyberattacks. The post Harnessing Artificial Intelligence for Ransomware Mitigation appeared first on Security Boulevard.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Chinese hackers fail to rebuild botnet after FBI takedown

Bleeping Computer

Chinese Volt Typhoon state hackers failed to revive a botnet recently taken down by the FBI, which was previously used in attacks targeting critical infrastructure across the United States. [.

130
130
article thumbnail

Silent Thief on Telegram: DotStealer Malware Exfiltrates Your Data

Penetration Testing

A new menace has been detected by security researcher @Yogesh Londhe: the DotStealer malware. This sophisticated piece of cyber weaponry, analyzed by K7 Computing, has showcased its prowess in espionage by pilfering user information... The post Silent Thief on Telegram: DotStealer Malware Exfiltrates Your Data appeared first on Penetration Testing.

article thumbnail

Facebook ads push new Ov3r_Stealer password-stealing malware

Bleeping Computer

A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency. [.

Passwords 125
article thumbnail

One-Day Exploits, Stealthy Tactics: Why Raspberry Robin Worm is a Cybersecurity Nightmare

Penetration Testing

Raspberry Robin has emerged as a significant point of interest among cybersecurity experts. First identified by Red Canary in 2021, this worm has demonstrated a sophisticated level of adaptability and innovation, capturing the attention... The post One-Day Exploits, Stealthy Tactics: Why Raspberry Robin Worm is a Cybersecurity Nightmare appeared first on Penetration Testing.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Denmark orders schools to stop sending student data to Google

Bleeping Computer

The Danish data protection authority (Datatilsynet) has issued an injunction regarding student data being funneled to Google through the use of Chromebooks and Google Workspace services in the country's schools. [.

Education 121
article thumbnail

Fortinet addressed two critical FortiSIEM vulnerabilities

Security Affairs

Fortinet warns of two critical OS command injection vulnerabilities in FortiSIEM that could allow remote attackers to execute arbitrary code Cybersecurity vendor Fortinet warned of two critical vulnerabilities in FortiSIEM, tracked as CVE-2024-23108 and CVE-2024-23109 (CVSS score 10), which could lead to remote code execution. “Multiple improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiSIEM supervisor may allow a remote unauthenticated attacke

Hacking 122
article thumbnail

IBM Shows How Generative AI Tools Can Hijack Live Calls

Security Boulevard

IBM researchers have discovered a way to use generative AI tools to hijack live audio calls and manipulate what is being said without the speakers knowing. The “audio-jacking” technique – which uses large-language models (LLMs), voice cloning, text-to-speech, and speech-to-text capabilities – could be used by bad actors to manipulate conversations for financial gain, Chenta.

article thumbnail

Kimsuky's New Golang Stealer 'Troll' and 'GoBear' Backdoor Target South Korea

The Hacker News

The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll Stealer. The malware steals "SSH, FileZilla, C drive files/directories, browsers, system information, [and] screen captures" from infected systems, South Korean cybersecurity company S2W said in a new technical report.

Malware 119
article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

article thumbnail

Google Pushes Software Security Via Rust, AI-Based Fuzzing

Security Boulevard

Google is making moves to help developers ensure that their code is secure. The IT giant this week said it is donating $1 million to the Rust Foundation to improve interoperability between the Rust programming language and legacy C++ codebase in hopes of getting more developers make the shift to Rust. The donation supports the. The post Google Pushes Software Security Via Rust, AI-Based Fuzzing appeared first on Security Boulevard.

Software 120
article thumbnail

Ransomware Payments Hit a Record $1.1 Billion in 2023

WIRED Threat Level

After a slowdown in payments to ransomware gangs in 2022, last year saw total ransom payouts jump to their highest level yet, according to a new report from crypto-tracing firm Chainalysis.

article thumbnail

Are You Prepared for FedRAMP Rev. 5?

Security Boulevard

This year we joined other organizations in going through the FedRAMP Revision 5 transition project. If you’re unfamiliar, the Federal Risk and Authorization Management Program (FedRAMP) transitioned from using NIST 800-53 Revision 4 to NIST 800-53 Revision 5. This project involves reviewing the updated NIST controls, examining guidance from the FedRAMP PMO, and coordinating with our external […] The post Are You Prepared for FedRAMP Rev. 5?

Risk 120
article thumbnail

Critical shim bug impacts every Linux boot loader signed in the past decade

Security Affairs

The maintainers of Shim addressed six vulnerabilities, including a critical flaw that could potentially lead to remote code execution. The maintainers of ‘shim’ addressed six vulnerabilities with the release of version 15.8. The most severe of these vulnerabilities, tracked as CVE-2023-40547 (CVSS score: 9.8), can lead to remote code execution under specific circumstances.

Firmware 116
article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

article thumbnail

Fortinet snafu: Critical FortiSIEM CVEs are duplicates, issued in error

Bleeping Computer

It turns out that critical Fortinet FortiSIEM vulnerabilities tracked as CVE-2024-23108 and CVE-2024-23109 are not new and have been published this year in error. [.

118
118
article thumbnail

Click and Compromise: Cisco Bugs Let Hackers Infiltrate Systems Remotely

Penetration Testing

Recently, Cisco, a leading provider of networking solutions revealed several critical vulnerabilities affecting its Expressway Series collaboration gateways. These vulnerabilities, rated as critical in severity, expose vulnerable devices to Cross-Site Request Forgery (CSRF) attacks,... The post Click and Compromise: Cisco Bugs Let Hackers Infiltrate Systems Remotely appeared first on Penetration Testing.

article thumbnail

Ransomware payments reached record $1.1 billion in 2023

Bleeping Computer

Ransomware payments in 2023 soared above $1.1 billion for the first time, shattering previous records and reversing the decline seen in 2022, marking the year as an exceptionally profitable period for ransomware gangs. [.

article thumbnail

Credential Stuffing: Who Owns the Risk?

Security Boulevard

With the escalating threat of credential stuffing and account takeover attacks, defenders need to understand the early warning signs and create holistic plans to safeguard against these evolving security challenges. The post Credential Stuffing: Who Owns the Risk? appeared first on Security Boulevard.

Risk 109
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Smashing Security podcast #358: Hong Kong hijinks, pig butchers, and poor ransomware gangs

Graham Cluley

Is this the real life? Is this just fantasy? A company in Hong Kong suffers a sophisticated deepfake duping, be one your guard from pig butchers as Valentine's Day approaches, and spare a moment to feel sorry for poor ransomware gangs. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Lianne Potter from the "Compromising Positions" podcast.

article thumbnail

ClamAV Bugs Expose Users to Command Injection (CVE-2024-20328) and DoS Attacks (CVE-2024-20290)

Penetration Testing

Recently, Cisco revealed critical vulnerabilities lurking within ClamAV, a widely used open-source antivirus engine. With the potential to wreak havoc across endpoints, cloud services, and web security infrastructure, these vulnerabilities demand immediate attention and... The post ClamAV Bugs Expose Users to Command Injection (CVE-2024-20328) and DoS Attacks (CVE-2024-20290) appeared first on Penetration Testing.

article thumbnail

What Generative AI Means for Cybersecurity in 2024

Trend Micro

After a full year of life with ChatGPT cybersecurity experts have a clearer sense of how criminals are using generative AI to enhance attacks - learn what generative AI means for cybersecurity in 2024.

article thumbnail

Critical flaw in Shim bootloader impacts major Linux distros

Bleeping Computer

A critical vulnerability in the Shim Linux bootloader enables attackers to execute code and take control of a target system before the kernel is loaded, bypassing existing security mechanisms. [.

104
104
article thumbnail

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.