Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 84

5G Is A Network Security Threat Wake-Up Call For Operators And Regulators

Jan Häglund is the President and CEO of Enea, a specialist in software for telecommunications and cybersecurity.

As mobile networks are increasingly embedded in daily life, they have become a more attractive target for criminals and malicious state actors alike. A new spate of regulations globally suggests a unified response is required.

To consumers, 5G means ultra-fast connectivity and a smoother, better user experience. Few would be aware of how the interconnection and interworking between networks that enables this user experience is itself vulnerable to attack, with more devastating consequences than in the past, as we all increase our reliance on mobile communications.

Hacking with ChatGPT: Five A.I. Based Attacks for Offensive Security

ChatGPT may represent one of the biggest disruptions in modern history with it’s powerful A.I based chatbot. But within weeks of ChatGPT’s release, security researchers discovered several cases of people using ChatGPT for everything from malware development to exploit coding. In this video, take a look at the five ways attackers are utilizing ChatGPT for wrong doing.

0:14 Intro to ChatGPT / Natural Language Processing (NLP) & GPT
1:28 Using ChatGPT for Vulnerability Discovery.
1:56 Vulnerability Prompts to Utilize.
3:10 Writing Exploits.
3:35 Exploit Prompts to Utilize.
4:33 Malware Development.
5:00 Malware Examples (Stealers, Command & Control)
5:42 Polymorphic Malware Development Using ChatGPT
6:21 A.I. Based Phishing using NLP (Natural Language Processing)
7:20 ChatGPT Advantages over Traditional Phishing Messages.
7:41 Custom Messages Using GPT-3
8:04 Using Macros and LOLBINs.
9:33 GPT-3 vs GPT-4 (Coming Soon)
9:56 Cybersecurity Considerations and Predictions.

Chinese hackers outnumber FBI cyber staff 50 to 1, bureau director says

U.S. cyber intelligence staff is vastly outnumbered by Chinese hackers, Federal Bureau of Investigation Director Christopher Wray told Congress as he pleaded for more money for the agency.

“To give you a sense of what we’re up against, if each one of the FBI’s cyber agents and intel analysts focused exclusively on the China threat, Chinese hackers would still outnumber FBI Cyber personnel by at least 50 to 1,” Wray said in prepared remarks for a budget hearing before a House Appropriations subcommittee on Thursday.

The disclosure highlights the massive scale of cyber threats the U.S. is facing, particularly from China. Wray said the country has “a bigger hacking program than every other major nation combined and have stolen more of our personal and corporate data than all other nations—big or small—combined.”

Augmenting and accelerating humans

Join top executives in San Francisco on July 11–12, to hear how leaders are integrating and optimizing AI investments for success. Learn More

~“May you live in interesting times”~

Having the blessing and the curse of working in the field of cybersecurity, I often get asked about my thoughts on how that intersects with another popular topic — artificial intelligence (AI). Given the latest headline-grabbing developments in generative AI tools, such as OpenAI’s ChatGPT, Microsoft’s Sydney, and image generation tools like Dall-E and Midjourney, it is no surprise that AI has catapulted into the public’s awareness.

What AI Technology Is Doing for Longevity Now

In March 2023, MIT Technology Review revealed that Sam Altman, the CEO of OpenAI (ChatGPT), was the mystery investor behind the $180 million investment into stealth startup Retro Biosciences, a biotech company with the ambition of “adding 10 years to the human lifespan.” This investment marks the latest tech entrepreneur expressing their interest in longevity science and a new connection with innovative AI technology.

According to February 2023 reports, AI is continuing to gain traction in healthcare applications. Currently, the market is estimated at $14.6 billion (USD) with a compound annual growth rate (CAGR) of 47.6%, with solutions spread across various healthcare fields, such as patient data and risk analysis, precision medicine, cybersecurity, lifestyle management, and drug discovery.

The increasing convergence of AI technology and longevity science is sparking advancements in the sector, with established businesses, start-ups, and researchers utilizing the technology. Most recently, scientists explored how ChatGPT, an AI-based language model, was able to predict Alzheimer’s in 80% of cases when analyzing speech. However, it is not the only implementation.

Google releases security LLM at RSAC to rival Microsoft’s GPT-4-based copilot

Join top executives in San Francisco on July 11–12, to hear how leaders are integrating and optimizing AI investments for success. Learn More

Today in the Moscone Center, San Francisco, at RSA Conference 2023 (RSAC), Google Cloud announced Google Cloud Security AI Workbench, a security platform powered by Sec-PaLM, a large language model (LLM) designed specifically for cybersecurity use cases.

Sec-PaLM modifies the organization’s existing PaLM model and processes Google’s proprietary threat intelligence data alongside Mandiant’s frontline intelligence to help identify and contain malicious activity, and coordinate response actions.

Ransomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack

Play ransomware is notable for not only utilizing intermittent encryption to speed up the process, but also for the fact that it’s not operated on a ransomware-as-a-service (RaaS) model. Evidence gathered so far points to Balloonfly carrying out the ransomware attacks as well as developing the malware themselves.

Grixba and VSS Copying Tool are the latest in a long list of proprietary tools such as Exmatter, Exbyte, and PowerShell-based scripts that are used by ransomware actors to establish more control over their operations, while also adding extra layers of complexity to persist in compromised environments and evade detection.

Another technique increasingly adopted by financially-motivated groups is the use of the Go programming language to develop cross-platform malware and resist analysis and reverse engineering efforts.

New All-in-One “EvilExtractor” Stealer for Windows Systems Surfaces on the Dark Web

A new “all-in-one” stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale for other threat actors to steal data and files from Windows systems.

“It includes several modules that all work via an FTP service,” Fortinet FortiGuard Labs researcher Cara Lin said. “It also contains environment checking and Anti-VM functions. Its primary purpose seems to be to steal browser data and information from compromised endpoints and then upload it to the attacker’s FTP server.”

The network security company said it observed a surge in attacks spreading the malware in the wild in March 2023, with a majority of the victims located in Europe and the U.S. While marketed as an educational tool, EvilExtractor has been adopted by threat actors for use as an information stealer.

This Harvard Law Professor is an Expert on Digital Technology

Type: departments.

careers.

Harvard.

Cybersecurity.

internet.

law.

[article elid=2659855688 data-frozen-sections=[] class= clearfix page-article sm-mb-1 quality-HD post-2659855688 data-category= Careers]

Jonathan L. Zittrain wears many hats. An expert on the Internet, digital technology, law, and public policy, he regularly contributes to public discussions about what digital tech is doing to us and what we should do about it—most recently around the governance of AI and the incentives that shape major social media platforms.

He holds several roles, all at Harvard, reflecting his many converging interests. He is a professor of international law at Harvard Law School, a professor of public policy at its Kennedy School, and a professor of computer science at the university’s John A. Paulson School of Engineering and Applied Sciences. He’s also cofounder and faculty director of Harvard’s Berkman Klein Center for Internet & Society.

In his various capacities, he has been tackling many sticky cyberpolicy issues over the past 25 years.

Continue reading “This Harvard Law Professor is an Expert on Digital Technology” | >