Last Updated on August 10th, 2023, in AppSec Bulletin

Hackers are launching malware and phishing campaigns using ChatGPT clones

The rapid growth of generative AI, particularly ChatGPT, is reshaping the threat landscape as hackers exploit it for malicious purposes. Hackers have developed their own versions of text-generating technologies like ChatGPT, enabling them to create sophisticated malware and phishing emails to steal login information. These malicious AI chatbots have been discovered on the dark web, with names like WormGPT, FraudGPT, XXXGPT, and WolfGPT.

These AI chatbots can craft convincing scam emails and generate undetectable malware, posing significant challenges for cybersecurity. This trend has caught the attention of law enforcement agencies like the FBI and Europol due to the potential for increased fraud, impersonation, and social engineering in cybercrime.

Source – Cyber Security News

Cyber Analysts – The MOVEit hack has resulted in over 600 breaches and shows no signs of reaching its end

A widespread breach involving a US software company has impacted over 600 organizations globally, affecting nearly 40 million individuals through the hack of Progress Software’s MOVEit Transfer file management program. The cybercriminal group “cl0p” behind the breach has shown increasing aggression in making the compromised data public. This breach highlights the interconnectedness of organizations’ digital defenses and the potential global impact of vulnerabilities in seemingly minor software. While the exact number of affected organizations remains uncertain, experts predict that the fallout from the breach will likely grow as data continues to be leaked by the hackers.

Source – Reuters

Health care services in multiple states face disruption due to a ransomware attack targeting Prospect Medical Holdings in the US

A ransomware attack targeted California-based health care system Prospect Medical Holdings, forcing some locations to close and rely on paper records. The company, which operates hospitals and clinics across multiple states, announced the cyberattack and took systems offline to protect them. The extent of the impact on the facilities is not immediately clear, but disruptions include closed medical centers and diagnostic imaging services. The incident highlights the vulnerability of the health care sector to cyberattacks, which have increased as more services move online. The attack has once again underscored the importance of secure technology and third-party involvement in healthcare systems.

Source – The New York Times

Hacking vulnerabilities found in Virtual Reality Headsets

Researchers from the University of California, Riverside, have unveiled potential vulnerabilities in Augmented Reality (AR) and Virtual Reality (VR) systems. They demonstrated how spyware could exploit headsets’ motion-tracking technology to record users’ movements and convert them into text using artificial intelligence, potentially capturing sensitive information like passwords or confidential discussions. The findings, presented at the USENIX Security Symposium, reveal risks in AR/VR keylogging and raise concerns about data privacy and security in emerging metaverse technologies, prompting responsible disclosure to companies for potential fixes.

Source – UC Riverside News

Outsourcing company Capita is set to incur costs of up to £25 million due to a cyber-attack.

Following a cyber-attack initiated by the Black Basta ransomware group in March, outsourcing firm Capita is bracing for a financial impact of up to £25 million, leading to a pre-tax loss of nearly £68 million for the first half of the year. The attack targeted its Microsoft Office 365 software, compromising the personal data of employees and clients. Capita confirmed that a small portion of its server estate, about 0.1%, was exfiltrated but has since been recovered, with impacted parties notified. The financial estimate now includes complexities of analyzing the exfiltrated data and investing in cybersecurity enhancements, although potential fines have not been estimated yet.

Source – The Guardian

Cybersecurity researchers identify 12 additional LOLBAS (Living Off The Land Binaries and Scripts) binaries leveraged by hackers for their malicious activities.

Hackers are increasingly using LOLBAS (Living Off The Land Binaries and Scripts) to exploit legitimate tools for concealing their malicious activities, prompting cybersecurity researchers to actively uncover new techniques for detecting unknown malicious binaries. Pentera Labs recently discovered 12 new LOLBAS binaries in just four weeks, showcasing a 30% increase in known downloaders and executors. LOLBAS, an enduring type of cyber attack, capitalizes on legitimate system tools to execute malicious actions, posing challenges for detection due to its ability to evade security measures. Automated methods for analyzing these binaries have yielded insights that aid in proactive defense against evolving cyber threats.

Source – Cyber Security News
