Large language models (LLMs) are being used in cloud applications to simplify and automate tasks. However, there are significant security risks with cloud-native application development, including an increase in breaches. LLMs have limitations such as generating illogical output and being biased. There are also concerns about filter bypass, data privacy, and malicious uses of LLMs. On the positive side, LLMs can automate threat detection, analyze communication patterns, and improve incident response communications in cloud security. AI has a profound impact on cybersecurity, and organizations must prioritize security and privacy when using LLMs. #LLMs #CloudSecurity #DataPrivacy #ThreatDetection #AI #Cybersecurity
Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies. ShellTorch attack allows threat actors to take control of AI servers. TorchServe, an open-source package in PyTorch, is affected by three vulnerabilities. Tens of thousands of instances, including those belonging to Fortune 500 companies, are vulnerable. Attackers can compromise AI infrastructure, steal sensitive data, and alter AI models. AWS has released patches, and Meta has addressed default misconfiguration. #AI #SecurityFlaws #TorchServe #Cybersecurity
Automotive Pwn2Own, hosted by the Zero Day Initiative (ZDI), will take place at the Automotive World Conference in Tokyo, January 24-26, 2024. The competition aims to understand the attack surface of modern vehicles and connect the security research community with the automotive industry. The costs are mainly funded by Trend Micro, with Tesla as a co-sponsor. The event provides a platform for researchers to find and report bugs in automotive systems before they are exploited. Hashtags: #AutomotivePwn2Own #SecurityResearch #ConnectedCars
https://www.securityweek.com/zdi-discusses-first-automotive-pwn2own/
Summary: Synqly, a Silicon Valley startup aiming to improve the integration of security and infrastructure products, has secured $4 million in seed funding from SYN Ventures, Okta Ventures, and Secure Octane. The company plans to develop an integration platform that allows multiple security and infrastructure products to work seamlessly together through a single API. This platform will help organizations save time and resources by simplifying complicated integrations. Synqly's founders and investors believe that there is a growing demand for this type of service as security teams manage an increasing number of security products.
Hashtags: #Synqly #SecurityInfrastructure #ProductIntegrations #Startup #SeedFunding
https://www.securityweek.com/synqly-joins-race-to-fix-security-infrastructure-product-integrations/
EU experts warn that the Cyber Resilience Act could be exploited for surveillance purposes. The Act requires software publishers to disclose vulnerabilities to government agencies within 24 hours, potentially giving access to unpatched software for surveillance. The experts propose revisions to limit intelligence or surveillance uses of disclosed vulnerabilities. #EU #CyberResilienceAct #surveillance #security #vulnerabilities
https://www.infosecurity-magazine.com/news/eu-cyber-resilience-act/
Researchers have discovered malicious npm packages targeting sensitive data. These packages use deceptive install scripts to steal system and user information. Caution is advised when installing packages to avoid becoming a victim. #npm #maliciouspackages #datasecurity
https://www.infosecurity-magazine.com/news/deceoptive-npm-packages-found/
1. The NSA has established the AI Security Center to oversee the development and integration of AI capabilities in national security systems. #NSA #AIsecurity
2. The center will collaborate with US industry, national labs, academia, intelligence community, and the Department of Defense to ensure secure adoption of AI. #collaboration #secureadoption
3. US officials recognize the pivotal role of AI in national security and defense, updating directives and promoting responsible military use of AI. #nationalsecurity #responsibluseofAI
4. The NSA Director emphasizes the need to protect AI systems from vulnerabilities and foreign intelligence threats. #protectAI #vulnerabilityprotection
5. Incorporating AI capabilities into military and intelligence operations requires careful planning, coordination, and adherence to ethical and legal standards. #AIcapabilities #ethicalstandards
https://www.infosecurity-magazine.com/news/nsa-ai-security-center/
A 22-year-old French citizen pleads guilty to conspiracy to commit wire fraud and aggravated identity theft in the US District Court in Seattle. The cybercriminal operation involved phishing emails and resulted in a loss of over $6 million for victim companies. The cybercriminals hacked corporate systems and targeted companies internationally. The stolen data was posted for sale on dark web forums. Ransom threats were used to extort money from victims. The cybercriminals created fake login pages and sent phishing emails to access sensitive data. The operation compromised hundreds of millions of customer records. The cybercriminal faces a maximum prison sentence of 27 years. The investigation involved collaboration between US, Moroccan, and French authorities. #CyberSecurityNews #Cybercriminal #HackingCorporateData #PleadsGuilty
https://cybersecuritynews.com/french-cybercriminal-pleads-guilty/
Hacking Gas Pumps via Bluetooth. Insecure connections allow the pump to be controlled without payment. Monetizing the crime requires selling access to the pump. #Bluetooth #cars #hacking #infrastructure
https://www.schneier.com/blog/archives/2023/10/hacking-gas-pumps-via-bluetooth.html
Summary:
1. Many organizations have exposed Zoom links that can be used by anyone to initiate a video conference meeting.
2. The use of Zoom Personal Meeting IDs (PMIs) with embedded passcodes can put organizations at risk of phishing and social engineering attacks.
3. Attackers can create meetings and invite others using exposed Zoom links and impersonate companies, potentially gaining unauthorized access to confidential information.
4. A researcher identified thousands of organizations with these exposed Zoom links.
5. Tips for using Zoom links more safely include not using Personal Meeting IDs for public meetings, requiring a passcode to join, and only allowing registered or domain-verified users.
Hashtags: #Zoom #Cybersecurity #Phishing #SocialEngineering #ConfidentialInformation
https://krebsonsecurity.com/2023/10/dont-let-zombie-zoom-links-drag-you-down/
Summary: Companies have addressed the impact of the exploited Libwebp vulnerability (CVE-2023-4863) on their products. The vulnerability, which allows for arbitrary code execution through specially crafted images, has been patched by Apple, Google, and Mozilla. The Libwebp library is widely used and present in major web browsers, Linux distributions, and applications such as Telegram and 1Password. Various companies, including Palo Alto Networks and 1Password, have released advisories addressing the vulnerability. Microsoft has also published an advisory stating that the vulnerability impacts its Edge browser and other software.
Hashtags: #Libwebp #vulnerability #cybersecurity #exploitedCVE #arbitrarycodeexecution #patches #Apple #Google #Mozilla #webbrowsers #Linux #applications
https://www.securityweek.com/companies-address-impact-of-exploited-libwebp-vulnerability/
Cybersecurity M&A Roundup: 28 Deals Announced in September 2023. Hashtags: #Cybersecurity #M&A #Deals #September2023
https://www.securityweek.com/cybersecurity-ma-roundup-28-deals-announced-in-september-2023/
Android's October 2023 Security Updates patch two exploited vulnerabilities. The first vulnerability is a heap buffer overflow in the Libwebp library that allows remote code execution. The second vulnerability is a bug in the Arm Mali GPU driver that allows improper GPU memory processing. The vulnerabilities are likely linked to spyware vendors. #Android #SecurityUpdates #Vulnerabilities #Libwebp #ArmMaliGPU
Please note that I have created 5 hashtags. If you need a different number, please let me know.
https://www.securityweek.com/androids-october-2023-update-patches-two-exploited-vulnerabilities/
Summary:
1. A survey by the UK's privacy regulator, the Information Commissioner's Office (ICO), found that nearly one in five adults believe they have been monitored by their employers, with emails, calls, and webcam footage being spied on.
2. Of those surveyed, 40% claimed to have had their timekeeping and access monitored, 25% said the same about their calls, emails, and messages, and 15% believe they've had audio and video footage recorded.
3. Only 19% of respondents would feel comfortable accepting a new job if they knew their new employer would be monitoring them, and 70% found workplace monitoring intrusive.
4. The ICO warns that although workplace monitoring is allowed under data protection law, it must be necessary, proportionate, and respect the rights and freedoms of workers.
Hashtags:
#WorkplaceMonitoring #EmployeePrivacy #DataProtection #ICO #Employers
https://www.infosecurity-magazine.com/news/fifth-brits-suspect-monitoring-by/
CyberEPQ Course triples student intake for the coming year. Hashtags: #CyberEPQ #education #cybersecurity #students
https://www.infosecurity-magazine.com/news/cyberepq-course-triples-student/
NSA establishes AI Security Center to address national security challenges and promote secure development and adoption of AI. #ArtificialIntelligence #Cybersecurity #NationalSecurityPolicy #NSA
https://www.schneier.com/blog/archives/2023/10/nsa-ai-security-center.html
The number of internet-exposed industrial control systems (ICS) has dropped below 100,000, a significant decrease from 140,000 in 2019. Hashtags: #ICS #Cybersecurity #InternetExposedICS
The decrease in exposed ICS suggests that organizations are properly configuring and securing their systems. Hashtags: #CyberSecurity #SecureSystems #ICS
The top 10 impacted countries with exposed ICS are the United States, Canada, Italy, the UK, France, the Netherlands, Germany, Spain, Poland, and Sweden. Hashtags: #ExposedICS #Top10Countries #Cybersecurity
The most impacted sectors with exposed ICS are education, technology, government, business services, manufacturing, utilities, real estate, energy, tourism, and finance. Hashtags: #ImpactedSectors #ExposedICS #Cybersecurity
https://www.securityweek.com/number-of-internet-exposed-ics-drops-below-100000-report/
European Telecommunications Standards Institute (ETSI) discloses data breach; hackers steal a database containing the list of ETSI's online users. Hashtags: #DataBreaches #Cybersecurity
https://www.securityweek.com/european-telecommunications-standards-institute-discloses-data-breach/
Summary:
- A critical pre-authentication flaw in Progress Software's WS_FTP server has been exploited just days after patches were released.
- Cybersecurity vendor Rapid7 has detected instances of live exploitation of the vulnerability in various customer environments.
- The vulnerability, CVE-2023-40044, is easy to exploit and affects all WS_FTP Server versions prior to 8.7.4 and 8.8.2.
- The flaw affects the entire Ad Hoc Transfer component of WS_FTP and can be triggered over the internet.
- The issue was discovered by Assetnote, which found nearly 3,000 hosts running WS_FTP with an exposed web server.
- Progress Software's security response team is responding to a wave of ransomware attacks that exploited zero-day flaws in its MOVEit software.
Hashtags: #WSFTP #vulnerability #exploitation #cybersecurity #progresssoftware #ransomware
AI-Generated Phishing Emails Almost Impossible to Detect, Report Finds. AI detectors cannot distinguish between chatbot and human-written phishing emails in 71.4% of cases. AI detectors rely on large language models, but many phishing emails do not meet the minimum character requirements. Human-generated phishing campaigns are becoming harder to detect, with a rise in obfuscation techniques. The most popular technique is HTML smuggling. Phishing emails are bypassing security defenses at an increasing rate. Email security defenders need to change their anti-phishing approach. The most popular phishing campaign topics in 2023 include RingCentral impersonation and security software impersonation. #phishing #AI #cybersecurity
https://www.infosecurity-magazine.com/news/ai-phishing-emails-almost/