Archive for the ‘cybercrime/malcode’ category: Page 118
Aug 7, 2021
AI Wrote Better Phishing Emails Than Humans in a Recent Test
Posted by Genevieve Klien in categories: cybercrime/malcode, government, information science, robotics/AI
Natural language processing continues to find its way into unexpected corners. This time, it’s phishing emails. In a small study, researchers found that they could use the deep learning language model GPT-3, along with other AI-as-a-service platforms, to significantly lower the barrier to entry for crafting spearphishing campaigns at a massive scale.
Researchers have long debated whether it would be worth the effort for scammers to train machine learning algorithms that could then generate compelling phishing messages. Mass phishing messages are simple and formulaic, after all, and are already highly effective. Highly targeted and tailored “spearphishing” messages are more labor intensive to compose, though. That’s where NLP may come in surprisingly handy.
At the Black Hat and Defcon security conferences in Las Vegas this week, a team from Singapore’s Government Technology Agency presented a recent experiment in which they sent targeted phishing emails they crafted themselves and others generated by an AI-as-a-service platform to 200 of their colleagues. Both messages contained links that were not actually malicious but simply reported back clickthrough rates to the researchers. They were surprised to find that more people clicked the links in the AI-generated messages than the human-written ones—by a significant margin.
Aug 7, 2021
Israeli cyber company detects severe Amazon security breach
Posted by Genevieve Klien in category: cybercrime/malcode
Check Point, an Israeli cybersecurity provider, found that by clicking an e-book infected by malware, users could lose control of both their Kindle tablet and their Amazon accounts.
Aug 6, 2021
Ransomware Attack Forces Indiana Hospital to Turn Ambulances Away
Posted by Genevieve Klien in categories: biotech/medical, cybercrime/malcode
Aug 5, 2021
Facebook users struggling to reactivate hacked accounts are buying $300 Oculus VR headsets just so they can talk to a customer service rep
Posted by Genevieve Klien in category: cybercrime/malcode
Hacked Facebook users buy a VR headset from Facebook-owned Oculus, contact customer service to unlock their account, and then returning the device.
The creation of a joint initiative under an agency of the Department of Homeland Security follows cyberattacks on critical U.S. infrastructure.
Aug 2, 2021
Credit card-stealing malware found in official Python repository
Posted by Genevieve Klien in category: cybercrime/malcode
Security researchers blame the repository’s lack of moderation.
Packages tainted with malicious code once again find their way into PyPI.
Aug 2, 2021
New APT Hacking Group Targets Microsoft IIS Servers with ASP.NET Exploits
Posted by Genevieve Klien in category: cybercrime/malcode
A new APT hacker group, known as “Praying Mantis” is targeting high-profile public and private organizations in the United States.
Aug 1, 2021
Women allege that NSO spyware was used to steal and leak their private photos
Posted by Genevieve Klien in categories: cybercrime/malcode, mobile phones, surveillance
“I am used to being harassed online. But this was different,” she added. “It was as if someone had entered my home, my bedroom, my bathroom. I felt so unsafe and traumatized.”
Oueiss is one of several high-profile female journalists and activists who have allegedly been targeted and harassed by authoritarian regimes in the Middle East through hack-and-leak attacks using the Pegasus spyware, created by Israeli surveillance technology company NSO Group. The spyware transforms a phone into a surveillance device, activating microphones and cameras and exporting files without a user knowing.
Jul 29, 2021
McAfee: Babuk ransomware decryptor causes encryption ‘beyond repair’
Posted by Genevieve Klien in categories: cybercrime/malcode, encryption
Babuk announced earlier this year that it would be targeting Linux/UNIX and ESXi or VMware systems with ransomware.