Tag Archive for: shows

ChatGPT Malware Shows It’s Time To Get ‘More Serious’ About Security


Security News


Kyle Alspach


Security researchers this week posted findings showing that the tool can in fact be used to create highly evasive malware.


With security researchers showing that OpenAI’s ChatGPT can in fact be used to write malware code with relative ease, managed services providers should be paying close attention.

This week, researchers from security vendors including CyberArk and Deep Instinct posted technical explainers about using the ChatGPT writing automation tool to generate code for malware, including ransomware.


While concerns about the potential for ChatGPT to be used this way have circulated widely of late, CyberArk researchers Eran Shimony and Omer Tsarfati posted findings showing that the tool can in fact be used to create highly evasive malware, known as polymorphic malware.

Based on the findings, it’s clear that ChatGPT can “easily be used to create polymorphic malware,” the researchers wrote.

Deep Instinct threat intelligence researcher Bar Block, meanwhile, wrote that existing controls in ChatGPT do ensure that the tool won’t create malicious code for users that lack know-how about the execution of malware.

However, “it does have the potential to accelerate attacks for those who do [have such knowledge]”, Block wrote. “I believe ChatGPT will continue to develop measures to prevent [malware creation], but as shown, there will be ways to ask the questions to get the results you are looking for.”

The research so far is showing that concerns about the potential for malicious cyber actors to “weaponize” ChatGPT are not unfounded, according to Michael Oh, founder and president of Boston-based managed services provider Tech Superpowers.

“It just accelerates that cat-and-mouse game” between cyber attackers and defenders, Oh said.

As a result, any MSPs or MSSPs (managed security services…


India is dangerously unprepared for Chinese cyber-war. AIIMS ransomware attack shows why


Eight hundred acres of living theatre had been lovingly produced to allow the emperor to traverse his kingdom and the world without leaving home: The Garden of Eternal Brightness contained the temples of Tibet and Mongolia, the garden of Hangzhou, and a street scene with actors playing shopkeepers, entertainers and even beggars. The Western gardens, designed by Jesuit missionaries, included faux-baroque palaces and monuments modelled on the greatest European architecture.

Then, in 1860, French and British armies marched into Beijing, pillaging the Garden of Eternal Brightness and stealing royal treasures, including a Pekinese dog they nicknamed “Looty.” Around 10 years ago, in 2013, when Chinese President Xi Jinping came to power, he took top colleagues on a museum tour recording those events—and claimed the Communist Party alone could guard China’s independence.

Late in the summer of 2018, Ding Xiaoyang stood in the headquarters of the Ministry of State Security—located on the western end of the ruins of the Garden of Eternal Brightness—to receive a medal honouring the intelligence officer’s contributions. Through a front company called Hainan Technology, United States prosecutors have alleged, Ding identified and recruited “talented computer hackers to penetrate foreign entities and steal trade secrets, proprietary research and data.”

The Ministry of State Security—China’s principal intelligence service—targeted cutting-edge research on biotechnology, robotics and applied physics at universities and even industrial conglomerates. The campaign was part of a secret war authorised by Xi to secure the “great national revival” he promised.




The world of Wicked Rose

For more than two weeks now, the All India Institute of Medical Sciences (AIIMS) has been struggling to restore data lost in a ransomware attack. The data was said to have been obliterated by malware developed inside Chinese intelligence-controlled hacking networks. Experts are uncertain about the identity and motives of the attackers—which could range from ransom…


Apple Leak Shows Corellium’s Questionable Dealings


Image caption: Apple tries to uphold its copyright claim, but loses hands down to Corellium.

A 507-page leaked document from an Apple lawsuit against Corellium accuses the cybersecurity firm of copyright infringement and of intentionally compromising user data with an iOS tool. The document claims the firm sold the software to spyware and malware distributors, including the NSO Group—creators of the infamous Pegasus spyware—DarkMatter, Paragon, and Pwnzen Infotech.

Failing to prove the copyright infringement claims against Corellium, which were based on the Digital Millennium Copyright Act, Apple settled out of court in 2020. However, the settlement terms remain confidential.

Corellium is a cybersecurity firm specializing in creating iOS and Android virtualized systems. These systems help researchers conduct security testing on devices, like iPhones, without actually buying them. 

But, in 2019, when it created and sold duplicate iOS systems, Apple sued the firm for copyright infringement. Confident in the security of its operating system, Apple had offered a $1 million bug bounty to anyone who could find gaps in it. 

According to the leaked document, Corellium’s virtualization technology went beyond security testing and violated users’ privacy. An excerpt from the document alleges:

“Although Corellium paints itself as providing a research tool for those trying to discover security vulnerabilities and other flaws in Apple’s software, Corellium’s true goal is profiting off its blatant infringement…Far from assisting in fixing vulnerabilities, Corellium encourages its users to sell any discovered information on the open market to the highest bidder.”
Apple states that Corellium’s virtualization technology goes beyond its scope and harms users instead of merely trying to discover bugs.

Direct Emails to Banned Surveillance Firms

Basing its lawsuit on copyright infringement claims, Apple asserted Corellium had no license to duplicate the iOS infrastructure and to virtualize it for its customers. It requested the court to stop Corellium from selling and marketing Apple’s software. However, copyright infringement isn’t the only claim…


Suffolk County, N.Y., Hack Shows Ransomware Threat to Municipalities


Lisa Black, chief deputy county executive for Suffolk County, N.Y., received a call in early September that government leaders and company executives dread: A suspected attack of tech systems was under way.

Immediately after the midday call on Sept. 8, county workers began to isolate financial databases and disconnect the network from the internet to prevent the spread of what would later be discovered as ransomware. That evening, Ms. Black gathered department heads and commissioners to announce a new challenge.

“I need you to pivot to, basically, 1990,” she told the assembled staff. 

Offices that had become comfortable with working digitally during the Covid-19 pandemic had to revert to pen and paper. Email wouldn’t be available. Court proceedings, waste collection and other vital infrastructure services needed to be delivered to the county’s 1.5 million people—the state’s largest county by population outside of New York City’s five boroughs—but without internet access. 

The hack in Suffolk County is no isolated incident. 

More than 3,400 state, local, tribal and territorial governments in the U.S. suffered ransomware attacks between 2017 and 2021, according to data from the Multi-State Information Sharing and Analysis Center, a threat intelligence group for municipalities. This year, high-profile attacks against local authorities included a strike on the Los Angeles Unified School District shortly before the start of the academic year; an attack on Bernalillo County, N.M., in January that forced office closures; and a similar incident in Fremont County, Colo., in August.

Municipal hacks are expensive, often forcing technology upgrades that had…
