Tag Archive for: Thousands

DEF CON to set thousands of hackers loose on AI


No sooner did ChatGPT get unleashed than hackers started “jailbreaking” the artificial intelligence chatbot — trying to override its safeguards so it could blurt out something unhinged or obscene.

But now its maker, OpenAI, and other major AI providers such as Google and Microsoft, are coordinating with the Biden administration to let thousands of hackers take a shot at testing the limits of their technology.



Hacking AI

Rumman Chowdhury, co-founder of Humane Intelligence, a nonprofit developing accountable AI systems, works at her computer May 8, 2023, in Katy, Texas. Chowdhury is the lead coordinator of the mass hacking event planned for this summer’s DEF CON hacker convention in Las Vegas.




Some of the things they’ll be looking to find: How can chatbots be manipulated to cause harm? Will they share the private information we confide in them to other users? And why do they assume a doctor is a man and a nurse is a woman?

“This is why we need thousands of people,” said Rumman Chowdhury, a coordinator of the mass hacking event planned for this summer’s DEF CON hacker convention in Las Vegas that’s expected to draw several thousand people. “We need a lot of people with a wide range of lived experiences, subject matter expertise and backgrounds hacking at these models and trying to find problems that can then go be fixed.”


‘Nevada Group’ hackers target thousands of computer networks


A mysterious and unidentified group of hackers have sought to paralyse the computer networks of almost 5,000 victims across the US and Europe, in one of the most widespread ransomware attacks on record.

The hacking unit, initially nicknamed the Nevada Group by security researchers, began a series of attacks that started around three weeks ago by exploiting an easily fixed vulnerability in a piece of code that is ubiquitous in cloud servers.

The Financial Times contacted several victims identified from the publicly available information. Most declined to comment, saying they had been asked by law enforcement to do so. They include universities in the US and Hungary, shipping and construction firms in Italy and manufacturers in Germany.

Authorities have yet to identify the perpetrators, guessing only from their recruiting announcements on the web that it is a mix of Russian and Chinese hackers.

The hackers have demanded a surprisingly small ransom to release their hold over computer networks — as little as two bitcoins (around $50,000) in some cases, according to copies of their ransomware notes that were briefly visible. By contrast, a rival gang demanded $80mn from the UK’s Royal Mail in another recent and high-profile attack.

The ease with which this new group has fanned across vast swaths of the west’s internet infrastructure underlines the nature of much of the ransomware threatening businesses around the world. Most of the attacks are relatively simple, yield small sums and often go unnoticed.

In a scene that features rival, and often feuding, ransomware gangs, this unknown newcomer is “a solid new threat in our landscape in the near future”, said Shmuel Gihon, at Israeli cyber security firm CyberInt.

He warned that the simplicity and breadth of the attack could spawn copycats. “The scale of this campaign is one of the biggest we have seen, (and since it is ongoing), the real problem is that veteran groups see the potential damage they can do.”

The ransomware campaign is now referred to as the ESXiArgs, after the loophole it exploits — though there is some confusion as to whether it and the Nevada Group are the same or copying off each other.

In February…


Hackers Hit Thousands of Computers


Thousands of computer servers around the world have been targeted by a ransomware attack aimed at VMware ESXi servers, Italy’s National Security Agency (ACN) said, warning organisations to take action to protect their vulnerable systems.

This attack targets unpatched VMware servers and organisations in several countries, including Canada, France, the US and Finland as well as Italy. ACN director general Roberto Baldoni said that the hacking attack sought to exploit a software vulnerability, adding it was on a massive scale.

VMware has said that it first issued patches in 2021 when it became aware of the threat and is urging customers to use the patches. “Security hygiene is a key component of preventing ransom attacks, and customers who are running versions of ESXi impacted by CVE-2021-21974, and have not yet applied the two-year-old patch, should take action as directed in the advisory,” a representative from VMware said.

Any organisations that were targeted could become locked out of their systems because of the ransomware. Since the first alert this week, the ACN has been joined by the US national cybersecurity agency, CISA, which has moved swiftly to release a recovery script for organizations that have fallen victim.


Among the thousands of ESXiArgs ransomware victims? FBI and CISA to the rescue • The Register


The US Cybersecurity and Infrastructure Security Agency (CISA) has released a recovery script to help companies whose servers were scrambled in the recent ESXiArgs ransomware outbreak.

The malware attack hit thousands of servers over the globe but there’s no need to enrich criminals any more. In addition to the script, CISA and the FBI today published ESXiArgs ransomware virtual machine recovery guidance on how to recover systems as soon as possible.

The software nasty is estimated to be on more than 3,800 servers globally, according to the Feds. However, “the victim count is likely higher due to Internet search engines being a point-in-time scan and devices being taken offline for remediation before a second scan,” Arctic Wolf Labs’ security researchers noted.

Uncle Sam urged all organizations managing VMware ESXi servers to update to the latest version of the software, harden ESXi hypervisors by disabling the Service Location Protocol (SLP) service, and make sure that ESXi isn’t exposed to the public internet.

VMware has its own guidance here for administrators.

Also: the government agencies really don’t encourage paying the ransom, except when they do.

Bad news, good news

Last Friday, France and Italy’s cybersecurity agencies sounded the alarm on the ransomware campaign that exploits CVE-2021-21974 – a 9.1/10 rated bug disclosed and patched two years ago.  

The bad news: the ransomware infects ESXi, VMware’s bare metal hypervisor, which is a potential goldmine for attackers. Once they’ve compromised ESXi, they could move onto guest machines that run critical apps and data.

The good news is that it’s not a very sophisticated piece of malware. Sometimes the encryption and data exfiltration doesn’t work, and shortly after government agencies sounded the alarm, security researchers released their own decryption tool. Now CISA’s added its recovery tool to the pool of fixes.

Organizations can access the recovery script on GitHub.

The US agency compiled the tool using publicly available resources, including the decryptor and tutorial by Enes Sonmez and Ahmet Aykac. “This tool works by reconstructing virtual machine metadata from virtual disks that were not…
