Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 66

A Safer Future for AI with Stronger Algorithms

This post is also available in: עברית (Hebrew)

AI technology is spreading quickly throughout many different industries, and its integration depends on users’ trust and safety concerns. This matter becomes complicated when the algorithms powering AI-based tools are vulnerable to cyberattacks that could have detrimental results.

Dr. David P. Woodruff from Carnegie Mellon University and Dr. Samson Zhou from Texas A&M University are working to strengthen the algorithms used by big data AI models against attacks.

Hackers Targeting 1,500 Banks and Their Customers in Push To Drain Accounts Across 60 Countries: Report

Black hat hackers have reportedly unleashed malicious software targeting over 1,500 banks and their customers worldwide.

Security researchers at IBM say a revamped version of the Grandoreiro banking trojan has just rolled out, enabling attackers to perform banking fraud in 60 countries.

The malware allows attackers to send email notices that appear to be urgent government requests for payments.

6 Finetuning for Classification

V/ Sebastian Raschka.

For weekend reading:

Chapter 6 (Finetuning LLMs for Classification) of Build an LLM from Scratch book is now finally available on the Manning website:

  • Introducing different LLM finetuning approaches
  • Preparing a dataset for text classification
  • Modifying a pretrained LLM for finetuning
  • Finetuning an LLM to identify spam messages
  • Evaluating the accuracy of a finetuned LLM classifier
  • Using a finetuned LLM to classify new data

In previous chapters, we coded the LLM architecture, pretrained it, and learned how to import pretrained weights from an external source, such as OpenAI, into our model. In this chapter, we are reaping the fruits of our labor by finetuning the LLM on a specific target task, such as classifying text, as illustrated in figure 6.1. The concrete example we will examine is classifying text messages as spam or not spam.

CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Linux kernel to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

Tracked as CVE-2024–1086 (CVSS score: 7.8), the high-severity issue relates to a use-after-free bug in the netfilter component that permits a local attacker to elevate privileges from a regular user to root and possibly execute arbitrary code.

“Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation,” CISA said.

$1,800,000,000,000 Bank Says Customer and Employee Data Has Been Exposed and Accessed in Mysterious Breach

One of the largest banks in the world says a data breach has exposed customer and employee information.

In a statement, Santander says it’s aware of “unauthorized access” to a third-party database containing information on an undisclosed number of customers and employees.

The bank, which has $1.8 trillion in total assets and operates in ten markets across Europe and the Americas, says customers of Santander Chile, Spain and Uruguay are affected.

Space Force selects companies to develop concepts for simulated space war training range

Join our newsletter to get the latest military space news every Tuesday by veteran defense journalist Sandra Erwin.

In a statement May 22, the Space Force said this specialized environment will be crucial for training service personnel, known as guardians, to defend critical satellites and other spacecraft from electronic attacks. Satellites rely on electromagnetic signals for communication, navigation, and data transmission, making them vulnerable to jamming and cyberattacks.

Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack

The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect Secure (ICS) involved the actor creating rogue virtual machines (VMs) within its VMware environment.

“The adversary created their own rogue VMs within the VMware environment, leveraging compromised vCenter Server access,” MITRE researchers Lex Crumpton and Charles Clancy said.

“They wrote and deployed a JSP web shell (BEEFLUSH) under the vCenter Server’s Tomcat server to execute a Python-based tunneling tool, facilitating SSH connections between adversary-created VMs and the ESXi hypervisor infrastructure.”

Beware: These Fake Antivirus Sites Spreading Android and Windows Malware

It’s currently not clear how these bogus websites are distributed, but similar campaigns in the past have employed techniques such as malvertising and search engine optimization (SEO) poisoning.

Stealer malware have increasingly become a common threat, with cybercriminals advertising numerous custom variants with varying levels of complexity. This includes new stealers like Acrid, SamsStealer, ScarletStealer, and Waltuhium Grabber, as well as updates to existing ones such as SYS01stealer (aka Album Stealer or S1deload Stealer).

/* */