Posts

The Hacker News - Researchers Uncover 'LLMjacking' Scheme Targeting Cloud-Hosted AI Models

Cybersecurity researchers have discovered a novel attack that employs stolen cloud credentials to target cloud-hosted large language model (LLM) services with the goal of selling access to other threat actors. The attack technique has been codenamed LLMjacking by the Sysdig Threat Research Team. "Once initial access was obtained, they exfiltrated cloud credentials and gained from The Hacker News https://thehackernews.com/2024/05/researchers-uncover-llmjacking-scheme.html

Schneier - How Criminals Are Using Generative AI

There’s a new report on how criminals are using generative AI tools: Key Takeaways: Adoption rates of AI technologies among criminals lag behind the rates of their industry counterparts because of the evolving nature of cybercrime. Compared to last year, criminals seem to have abandoned any attempt at training real criminal large language models (LLMs). Instead, they are jailbreaking existing ones. We are finally seeing the emergence of actual criminal deepfake services, with some bypassing user verification used in financial services. from Schneier on Security https://www.schneier.com/blog/archives/2024/05/how-criminals-are-using-generative-ai.html

The Hacker News - Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign

Polish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called APT28. "The campaign sent emails with content intended to arouse the recipient's interest and persuade him to click on the link," the computer emergency response team, CERT Polska, said in a Wednesday bulletin. Clicking on the link from The Hacker News https://thehackernews.com/2024/05/kremlin-backed-apt28-targets-polish.html

Black Hills InfoSec - Offensive IoT for Red Team Implants – Part 1

This is part one of a multipart blog series on researching a new generation of hardware implants and how using solutions from the world of IoT can unleash new capabilities. […] The post Offensive IoT for Red Team Implants – Part 1 appeared first on Black Hills Information Security. from Black Hills Information Security https://www.blackhillsinfosec.com/offensive-iot-for-red-team-implants-part-1/

Rapid 7 - Layered Defense to Stop Attacks Before they Begin

Ransomware has evolved from opportunistic attacks to highly orchestrated campaigns driven by cyber criminals who are seeking high financial gains. Ransomware-as-a-Service has increased due to its lowered barrier to entry, allowing even those with limited technical expertise to launch devastating attacks with relative ease. Big game hunting has made a comeback, targeting high-value organizations – such as large enterprises – to maximize ransom payouts. The introduction of triple extortion represents a chilling escalation in tactics and demands. Attackers will encrypt files and demand payment for their decryption not just once, twice, but sometimes three times. Malicious actors execute additional attacks to coerce victims into giving more money or forcing them to comply with the attacker. Security teams understandably have a lot that keeps them up at night, but that’s where a trusted partner can help! We’re excited to announce the expansion of our leading managed detection and respon

The Hacker News - Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery

Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet. That's according to findings from Juniper Threat Labs, which said the vulnerabilities CVE-2023-46805 and CVE-2024-21887 have been leveraged to deliver the botnet payload. While CVE-2023-46805 is an authentication bypass flaw, from The Hacker News https://thehackernews.com/2024/05/mirai-botnet-exploits-ivanti-connect.html

The Hacker News - Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover

Two security vulnerabilities have been discovered in F5 Next Central Manager that could be exploited by a threat actor to seize control of the devices and create hidden rogue administrator accounts for persistence. The remotely exploitable flaws "can give attackers full administrative control of the device, and subsequently allow attackers to create accounts on any F5 assets managed by the Next from The Hacker News https://thehackernews.com/2024/05/critical-f5-central-manager.html