Mandiant has analyzed a new Russia-linked ICS malware named CosmicEnergy that is designed to cause electric power disruption.
Russian cybercrime group TA505 has been observed using new hVNC (Hidden Virtual Network Computing) malware in recent attacks, threat intelligence company Elastic reports.
Called Lobshot, the malware allows attackers to bypass fraud detection engines and provides them with stealthy, direct access to the infected machines.
The threat actor distributes the malware through malvertising, abusing Google Ads and a network of fake websites to trick users into downloading legitimate-looking installers containing backdoors.
Join top executives in San Francisco on July 11–12, to hear how leaders are integrating and optimizing AI investments for success. Learn More
Why do people become ethical hackers? Given the negative connotations that the word “hacker” has unfortunately acquired over the past few decades, it’s tough to understand why anyone would ascribe themselves to that oxymoron.
Yet, ethical hackers are playing an increasingly vital role in cybersecurity, and the ranks of the ethical hacking community are growing significantly. If you’re thinking about working with or hiring ethical hackers — or even becoming one yourself — it’s important to understand what makes this unique breed of cyber-pro tick.
W elcome to the TechCrunch Exchange, a weekly startups-and-markets newsletter. It’s inspired by the daily TechCrunch+ column where it gets its name. Want it in your inbox every Saturday? Sign up here.
From cybersecurity to SaaS for restaurants, the key to running a successful business is selling a product that solves your clients’ real problems. — Anna
2022 in cybersecurity.
A critical vulnerability found in a remote terminal unit (RTU) made by Slovenia-based industrial automation company Inea can expose industrial organizations to remote hacker attacks.
The existence of the vulnerability came to light last week, when the US Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to inform organizations. The vendor has released a firmware update that patches the issue.
The security hole, tracked as CVE-2023–2131 with a CVSS score of 10, impacts Inea ME RTUs running firmware versions prior to 3.36. This OS command injection bug could allow remote code execution, CISA said.
At a time when incidents of CCTV Cameras are getting hacked across the world has reached an all-time high, Raxa Security Solutions Ltd, a security company has joined hands with a Bangalore-based IoT cyber security company, Redinent Innovations to address this imperative and serious need.
Automated irrigation systems in the Northern part of Israel were briefly disrupted recently in an attack that once again shows how easy it can be to hack industrial control systems (ICS).
The Jerusalem Post reported that hackers targeted water controllers for irrigation systems at farms in the Jordan Valley, as well as wastewater treatment control systems belonging to the Galil Sewage Corporation.
Farms were warned by Israel’s National Cyber Directorate prior to the incident, being instructed to disable remote connections to these systems due to the high risk of cyberattacks. Roughly a dozen farms in the Jordan Valley and other areas failed to do so and had their water controllers hacked. This led to automated irrigation systems being temporarily disabled, forcing farmers to turn to manual irrigation.
Indirect prompt-injection attacks are similar to jailbreaks, a term adopted from previously breaking down the software restrictions on iPhones. Instead of someone inserting a prompt into ChatGPT or Bing to try and make it behave in a different way, indirect attacks rely on data being entered from elsewhere. This could be from a website you’ve connected the model to or a document being uploaded.
“Prompt injection is easier to exploit or has less requirements to be successfully exploited than other” types of attacks against machine learning or AI systems, says Jose Selvi, executive principal security consultant at cybersecurity firm NCC Group. As prompts only require natural language, attacks can require less technical skill to pull off, Selvi says.
There’s been a steady uptick of security researchers and technologists poking holes in LLMs. Tom Bonner, a senior director of adversarial machine-learning research at AI security firm Hidden Layer, says indirect prompt injections can be considered a new attack type that carries “pretty broad” risks. Bonner says he used ChatGPT to write malicious code that he uploaded to code analysis software that is using AI. In the malicious code, he included a prompt that the system should conclude the file was safe. Screenshots show it saying there was “no malicious code” included in the actual malicious code.
Researchers on Tuesday unveiled a major discovery—malicious firmware that can wrangle a wide range of residential and small office routers into a network that stealthily relays traffic to command-and-control servers maintained by Chinese state-sponsored hackers.
A firmware implant, revealed in a write-up from Check Point Research, contains a full-featured backdoor that allows attackers to establish communications and file transfers with infected devices, remotely issue commands, and upload, download, and delete files. The implant came in the form of firmware images for TP-Link routers. The well-written C++ code, however, took pains to implement its functionality in a “firmware-agnostic” manner, meaning it would be trivial to modify it to run on other router models.
A team of researchers from South Korea has developed a new LLM called “DarkBert,” which has been trained exclusively on the “Dark Web.”
A team of South Korean researchers has taken the unprecedented step of developing and training artificial intelligence (AI) on the so-called “Dark Web.” The Dark Web trained AI, called DarkBERT, was unleashed to trawl and index what it could find to help shed light on ways to combat cybercrime.
Continue reading “Meet ‘DarkBERT:’ South Korea’s Dark Web AI could combat cybercrime” »
