Researchers have demonstrated a worm that spreads through prompt injection. Details : In one instance, the researchers, acting as attackers, wrote an email including the adversarial text prompt, which “poisons” the database of an email assistant using retrieval-augmented generation (RAG), a way for LLMs to pull in extra data from …
Enlarge (credit: Getty Images) Code uploaded to AI developer platform Hugging Face covertly installed backdoors and other types of malware on end-user machines, researchers from security firm JFrog said Thursday in a report that’s a likely harbinger of what’s to come. In all, JFrog researchers said, they …
Gang sets up new site on dark web and releases rambling statement explaining how it was infiltrated by law enforcement agencies The LockBit ransomware gang is attempting a comeback days after its operations were severely disrupted by a coordinated international crackdown. The Russia-based group has set up a new …
Four arrested and LockBit victims will get help to recover data after joint operation in UK, US and Europe The entire “command and control” apparatus for the ransomware group LockBit is now in possession of law enforcement, the UK’s National Crime Agency has revealed, after it emerged that …
LockBit’s website under control of security agencies from both sides of Atlantic, according to post LockBit, a notorious cybercrime gang that holds its victims’ data to ransom, has been disrupted in a rare international law enforcement operation by Britain’s National Crime Agency, the FBI, Europol and a …
Federal police warn they will track down alleged criminals using Warzone trojan software Follow our Australia news live blog for latest updates Get our morning and afternoon news emails, free app or daily news podcast A man has been arrested as part of an international operation to shut down …
Findings suggest Jordan is relying on cyberweapon to quash dissent and its use is ‘staggeringly widespread’ About three dozen journalists, lawyers and human rights workers in Jordan have been targeted by authorities using powerful spyware made by Israel’s NSO Group amid a broad crackdown on press freedoms and …
Enlarge / A Wi-Fi router. (credit: Getty Images | deepblue4you ) The US Justice Department said Wednesday that the FBI surreptitiously sent commands to hundreds of infected small office and home office routers to remove malware China state-sponsored hackers were using to wage attacks on critical infrastructure. The routers—mainly Cisco and …
Enlarge (credit: Getty Images) Ars Technica was recently used to serve second-stage malware in a campaign that used a never-before-seen attack chain to cleverly cover its tracks, researchers from security firm Mandiant reported Tuesday. A benign image of a pizza was uploaded to a third-party website and was then …
This is an old piece of malware—the Chameleon Android banking Trojan—that now disables biometric authentication in order to steal the PIN : The second notable new feature is the ability to interrupt biometric operations on the device, like fingerprint and face unlock, by using the Accessibility service to …
Enlarge (credit: Tero Vesalainen ) Researchers on Wednesday presented intriguing new findings surrounding an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky. Chief among the discoveries: the unknown attackers were able to achieve an unprecedented …
Enlarge / A woman scans a QR code in a café to see the menu online. The US Federal Trade Commission has become the latest organization to warn against the growing use of QR codes in scams that attempt to take control of smartphones, make fraudulent charges, or obtain personal …
Enlarge Stealthy and multifunctional Linux malware that has been infecting telecommunications companies went largely unnoticed for two years until being documented for the first time by researchers on Thursday. Researchers from security firm Group-IB have named the remote access trojan “Krasue,” after a nocturnal spirit depicted in Southeast Asian …
Enlarge (credit: Getty Images) Hundreds of Windows and Linux computer models from virtually all hardware makers are vulnerable to a new attack that executes malicious firmware early in the boot-up sequence, a feat that allows infections that are nearly impossible to detect or remove using current defense mechanisms. The …
A new worm that spreads via USB sticks is infecting computers in Ukraine and beyond. The group—known by many names, including Gamaredon, Primitive Bear, ACTINIUM, Armageddon, and Shuckworm—has been active since at least 2014 and has been attributed to Russia’s Federal Security Service by the Security …
Enlarge (credit: Getty Images) Highly invasive malware targeting software developers is once again circulating in Trojanized code libraries, with the latest ones downloaded thousands of times in the last eight months, researchers said Wednesday. Since January, eight separate developer tools have contained hidden payloads with various nefarious capabilities, security …
Gene Spafford wrote an essay reflecting on the Morris Worm of 1988—35 years ago. His lessons from then are still applicable today. [...]
Enlarge (credit: Miragec/Getty Images) Google has been caught hosting a malicious ad so convincing that there’s a decent chance it has managed to trick some of the more security-savvy users who encountered it. Screenshot of the malicious ad hosted on Google. (credit: Malwarebytes) Looking at the ad …
Online voting is insecure, period. This doesn’t stop organizations and governments from using it. (And for low-stakes elections, it’s probably fine.) Switzerland—not low stakes—uses online voting for national elections. Andrew Appel explains why it’s a bad idea: Last year, I published a 5-part series …
Malicious ads are creeping into chatbots. [...]
Enlarge Researchers have discovered a never-before-seen backdoor for Linux that’s being used by a threat actor linked to the Chinese government. The new backdoor originates from a Windows backdoor named Trochilus, which was first seen in 2015 by researchers from Arbor Networks, now known as Netscout. They said …
Enlarge / Gamblers and hotel guests at MGM casinos on the Las Vegas Strip, including the Bellagio, were affected by the security breach. (credit: Ethan Miller/Getty Images) A cyber criminal gang proficient in impersonation and malware has been identified as the likely culprit for an attack that paralized networks …
Enlarge / A digital Trojan horse. (credit: Getty Images | posteriori) A download site surreptitiously served Linux users malware that stole passwords and other sensitive information for more than three years until it finally went quiet, researchers said on Tuesday. The site, freedownloadmanager[.]org, offered a benign version of a Linux …
Citizen Lab discovers alleged attack using ‘zero-click exploit’ on individual employed by DC organization An individual employed by a Washington DC-based organization with international offices was targeted with powerful hacking software made by NSO Group, researchers have claimed, raising new concerns about the proliferation of spyware that can infect …
Enlarge / Ukrainian soldiers. (credit: Getty Images) Russia’s military intelligence unit has been targeting Ukrainian Android devices with “Infamous Chisel,” the tracking name for new malware that’s designed to backdoor devices and steal critical information, Western intelligence agencies said on Thursday. “Infamous Chisel is a collection of components …