The impacts of large language models and AI on cybersecurity range from the good to the bad to the ugly. Here’s what to watch out for, and how to prepare.
Category: cybercrime/malcode – Page 58
“Welcome to another exciting episode of AI News! Our top story today is the release of ChatGPT’s DALL-E 3, an AI system that is revolutionizing image generation. We’ll also be discussing Google’s BARD and its recent upgrade, as well as the impressive $40M funding received by Legit Security to protect AI applications from cyber threats. Stay tuned for these stories and more in this episode of AI News. Don’t forget to subscribe and hit the bell icon so you never miss an update on the latest developments in Artificial Intelligence!”
The economic downturn is already a devastating blow to job seekers everywhere. Now scammers are taking advantage of the situation by ramping up their methods of swindling people.
Job scamming is a threat to job seekers all over the world. For example, the Better Business Bureau (BBB) reported an increase in job scam complaints in the United States and Canada in the past several years. Singapore job seekers lost $660 million SGD ($495 million USD) in 2022 alone. And in the UK, 10,000 people were approached on LinkedIn and Facebook by “foreign spies and malicious actors” to steal information.
Phishing attacks and malware are the primary methods of scamming job seekers, according to a February Trellix report. Scammers create fake websites, often employing typosquatting. A fake site uses a real name like Indeed that’s slightly misspelled (such as “Indeeed”) or extends the URL in hopes the job seeker will not notice the base domain name. These sites appear legitimate but are used to steal passwords and financial information.
Leveraging Technology For Innovative, Patient-Centered Clinical Care — Dr. Peter Fleischut, MD — Group Senior Vice President And Chief Information & Transformation Officer, NewYork-Presbyterian Hospital
Dr. Peter M. Fleischut, M.D., is Group Senior Vice President and Chief Information and Transformation Officer at NewYork-Presbyterian (https://www.nyp.org/)where he oversees the strategic vision and management of enterprise information technology, lab operations, pharmacy operations, innovation, data and analytics, artificial intelligence, telemedicine, and cybersecurity.
Dr. Fleischut has led the development of the Hospital’s award-winning digital health services and the implementation of clinical operations at NewYork-Presbyterian David H. Koch Center, a world-class ambulatory care center. In his previous role as Senior Vice President and Chief Transformation Officer, he focused on creating a single electronic medical record across NewYork-Presbyterian and its affiliated medical schools, Weill Cornell Medicine and Columbia University Vagelos College of Physicians and Surgeons.
Dr. Fleischut also led efforts to standardize care across NYP’s ten hospitals and hundreds of clinics and doctor practices, and oversaw all aspects of Graduate Medical Education (GME) for programs across the NYP enterprise.
Joining NewYork-Presbyterian/Weill Cornell in 2006, Dr. Fleischut previously served as Medical Director of Operating Rooms, Deputy Quality Patient Safety Officer, founding Director of the Center for Perioperative Outcomes, Vice Chairman, Chief Medical Information Officer, Chief Innovation Officer and Chief Medical Operating Officer.
The P2PInfect botnet worm is going through a period of highly elevated activity volumes starting in late August and then picking up again in September 2023.
P2PInfect was first documented by Unit 42 in July 2023 as a peer-to-peer malware that breaches Redis instances using a remote code execution flaw on internet-exposed Windows and Linux systems.
Cado Security researchers who have been following the botnet since late July 2023, report today seeing global activity, with most breaches impacting systems in China, the United States, Germany, Singapore, Hong Kong, the UK, and Japan.
A previously unknown threat actor dubbed ‘Sandman’ targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named ‘LuaDream.’
This malicious activity was discovered by SentinelLabs in collaboration with QGroup GmbH in August 2023, who named the threat actor and malware after the backdoor’s internal name of ‘DreamLand client.’
The operational style of Sandman is to keep a low profile to evade detection while performing lateral movement and maintaining long-term access to breached systems to maximize its cyberespionage operations.
The developers of Free Download Manager (FDM) have published a script to check if a Linux device was infected through a recently reported supply chain attack.
Free Download Manager is a popular cross-platform download manager that offers torrenting, proxying, and online video downloads through a user-friendly interface.
Last week, Kaspersky revealed that the project’s website was compromised at some point in 2020, redirecting a portion of Linux users who attempted to download the software to a malicious site.
The International Criminal Court (ICC) disclosed a cyberattack on Tuesday after discovering last week that its systems had been breached.
“At the end of last week, the International Criminal Court’s services detected anomalous activity affecting its information systems,” the ICC said.
“Immediate measures were adopted to respond to this cybersecurity incident and to mitigate its impact.”
This post is also available in: 
עברית (Hebrew)
A badly defended security camera is an easy target for hackers, as there are tools for easily hacking internet protocol (IP) cameras, and research revealed the prevalent problem of unprotected security cameras.
According to Cybernews researchers, there are currently at least 8,373 real-time streaming protocol (RTSP) cameras exposed worldwide. Exposed cameras mean that anyone could find even the latest saved screenshots of what the cameras see, with some cameras being found on Google. Furthermore, many cameras are left with default access passwords like “admin”.