What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-03-27 13:39:07 | Chatgpt est-il une solution miracle pour les cybercriminels? [Is ChatGPT A Silver Bullet For Cybercriminals?] (lien direct) | Pas de details / No more details | ChatGPT ChatGPT | ★★★ | |
 |
2023-03-27 13:18:14 | OpenAI: Fuite de données de paiement ChatGpt causée par un bogue open-source [OpenAI: ChatGPT Payment Data Leak Caused By Open-Source Bug] (lien direct) | Un problème dans le logiciel open source du modèle de langue largement utilisé, le paiement de Chatgpt de l'Openai, a conduit à une fuite de données importante.Selon la confirmation d'Openai, le bogue a entraîné un paiement de chatppt exposant par inadvertance ses utilisateurs payants & # 8217;Détails de paiement avec des utilisateurs aléatoires & # 8217;histoires de conversation.Le 20 mars, lorsque les utilisateurs ont tenté de s'abonner au [& # 8230;] payé [& # 8230;]
A glitch in the open-source software of the widely-used language model, OpenAI’s ChatGPT payment, has led to a significant data leak. As per OpenAI’s confirmation, the bug resulted in ChatGPT payment inadvertently exposing its paid users’ payment details along with random users’ conversation histories. On March 20th, when users attempted to subscribe to the paid […] |
ChatGPT ChatGPT | ★★★ | |
 |
2023-03-27 11:50:35 | ChatGPT a divulgué des données sensibles sur ses utilisateurs (lien direct) |  ChatGPT a révélé des données sensibles, comme le nom, l'adresse et les quatre derniers chiffres du numéro de carte de crédit, d'une partie de ses utilisateurs. OpenAI a confirmé l'existence d'une défaillance tout en minimisant les conséquences de l'anomalie… |
ChatGPT ChatGPT | ★★★ | |
 |
2023-03-27 07:25:54 | Sophos montre comment faire du chatppt un copilote de cybersécurité [Sophos Demonstrates How to Make ChatGPT a Cybersecurity Co-Pilot] (lien direct) | Sophos montre comment faire du chatppt un co-pilot de cybersécurité
Le modèle d'IA peut filtrer plus facilement l'activité malveillante dans la télémétrie XDR, améliorer les filtres de spam et simplifier l'analyse de la vie des binaires terrestres
-
rapports spéciaux
Sophos Demonstrates How to Make ChatGPT a Cybersecurity Co-Pilot The AI Model Can More Easily Filter Malicious Activity in XDR Telemetry, Improve Spam Filters, and Simplify the Analysis of Living Off the Land Binaries - Special Reports |
Spam | ChatGPT ChatGPT | ★★ |
 |
2023-03-26 20:51:39 | Première fuite de données personnelles pour ChatGPT (lien direct) | La panne majeure vécue par ChatGPT le 20 mars cachait également une fuite de données personnelles d'utilisateurs pour OpenAI.... | ChatGPT ChatGPT | ★★ | |
 |
2023-03-26 19:15:06 | CVE-2023-28858 (lien direct) | Redis-Py avant 4.5.3, tel qu'utilisé dans Chatgpt et d'autres produits, laisse une connexion ouverte après l'annulation d'une commande redis asynchrone à un moment inopportun (dans le cas d'une opération de pipeline) et peut envoyer des données de réponse au client d'unDemande non liée de manière off by one.Les versions fixes pour cet enregistrement CVE sont 4.3.6, 4.4.3 et 4.5.3;Cependant, CVE-2023-28859 est une vulnérabilité distincte.
redis-py before 4.5.3, as used in ChatGPT and other products, leaves a connection open after canceling an async Redis command at an inopportune time (in the case of a pipeline operation), and can send response data to the client of an unrelated request in an off-by-one manner. The fixed versions for this CVE Record are 4.3.6, 4.4.3, and 4.5.3; however, CVE-2023-28859 is a separate vulnerability. |
ChatGPT ChatGPT | ||
 |
2023-03-25 11:21:00 | Openai révèle Redis Bug derrière l'incident d'exposition aux données des utilisateurs de ChatGpt [OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident] (lien direct) | Vendredi, Openai a révélé qu'un bogue de la bibliothèque open source Redis était responsable de l'exposition des autres titres d'informations personnelles et de chat personnels dans le service Chatgpt de Upstart \\ plus tôt cette semaine.
Le Glitch, qui a été révélé le 20 mars 2023, a permis à certains utilisateurs d'afficher de brèves descriptions des autres utilisateurs \\ 'Conversations à partir de la barre latérale de l'historique de chat, incitant l'entreprise à
OpenAI on Friday disclosed that a bug in the Redis open source library was responsible for the exposure of other users\' personal information and chat titles in the upstart\'s ChatGPT service earlier this week. The glitch, which came to light on March 20, 2023, enabled certain users to view brief descriptions of other users\' conversations from the chat history sidebar, prompting the company to |
ChatGPT ChatGPT | ★★★ | |
 |
2023-03-24 18:54:00 | Les extensions de chatppt malveillantes ajoutent aux malheurs Google Chrome [Malicious ChatGPT Extensions Add to Google Chrome Woes] (lien direct) | La deuxième extension malveillante Chatgpt pour Chrome a été découverte, donnant aux acteurs malveillants accès aux comptes Facebook des utilisateurs via des cookies volés.
The second malicious ChatGPT extension for Chrome has been discovered, giving malicious actors access to users\' Facebook accounts through stolen cookies. |
ChatGPT ChatGPT | ★★★ | |
 |
2023-03-24 14:39:50 | OpenAI: Fuise de données de paiement ChatGpt causée par un bogue open-source [OpenAI: ChatGPT payment data leak caused by open-source bug] (lien direct) | Openai indique qu'un bug de la bibliothèque open-source du client redis était à l'origine de la panne de chat et de la fuite de données de lundi \\, où les utilisateurs ont vu d'autres utilisateurs \\ 'Informations et requêtes de chat.[...]
OpenAI says a Redis client open-source library bug was behind Monday\'s ChatGPT outage and data leak, where users saw other users\' personal information and chat queries. [...] |
ChatGPT ChatGPT | ★★★ | |
 |
2023-03-24 08:17:09 | OpenAI amorce le décloisonnement de ChatGPT (lien direct) | OpenAI ouvre la voie à l'intégration de plug-in dans ChatGPT. Avec des perspectives fonctionnelles autant qu'économiques. | General Information | ChatGPT ChatGPT | ★★ |
|
2023-03-23 21:59:00 | Fake Chatgpt Chrome Browser Extension Pattuing Tijacking Facebook Comptes [Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts] (lien direct) | Google est intervenu pour supprimer une extension de navigateur de chrome de faux de la boutique en ligne officielle qui s'est masquée en tant que service Chatgpt d'Openai \\ pour récolter les cookies de la session Facebook et détourner les comptes.
L'extension "ChatGpt for Google", une version trojanisée d'un module complémentaire légitime de navigateur open source, a attiré plus de 9 000 installations depuis le 14 mars 2023, avant son retrait.C'était à l'origine
Google has stepped in to remove a bogus Chrome browser extension from the official Web Store that masqueraded as OpenAI\'s ChatGPT service to harvest Facebook session cookies and hijack the accounts. The "ChatGPT For Google" extension, a trojanized version of a legitimate open source browser add-on, attracted over 9,000 installations since March 14, 2023, prior to its removal. It was originally |
Threat | ChatGPT ChatGPT | ★★ |
|
2023-03-23 17:18:05 | (Déjà vu) Parcourir les courriels Courriel 13 sur 268 Précédent Suivant change-formatchange-format Objet : Commentaire Kaspersky - Leak des historiques de conversation sur ChatGPT (lien direct) | En début de semaine, Chat GPT, l'agent conversationnel piloté par IA, a connu un important dysfonctionnement, rendant public à d'autres internautes l'historique de conversations de certains utilisateurs. Un bug rapidement maîtrisé par OpenAI, mais qui pose de nombreuses questions en matière de cybersécurité et de protection des données personnelles... Vladislav Tushkanov, Lead Data Scientist chez Kaspersky, commente : - Malwares | Guideline | ChatGPT ChatGPT | ★★ |
 |
2023-03-23 17:00:20 | Leak des historiques de conversation sur ChatGPT (lien direct) | >En début de semaine, Chat GPT, l’agent conversationnel piloté par IA, a connu un important dysfonctionnement, rendant public à d’autres internautes l'historique de conversations de certains utilisateurs. Un bug rapidement maîtrisé par OpenAI, mais qui pose de nombreuses questions en matière de cybersécurité et de protection des données personnelles… Vladislav Tushkanov, Lead Data Scientist chez […] The post Leak des historiques de conversation sur ChatGPT first appeared on UnderNews. | Data Breach Guideline | ChatGPT ChatGPT | ★★★ |
|
2023-03-23 10:30:23 | ChatGPT : OpenAI confirme avoir rencontré un " important problème " (lien direct) |  ChatGPT a rencontré un gros bug. L'historique de conversations de certains utilisateurs a été transmis à d'autres internautes. OpenAI est rapidement monté au créneau pour corriger le tir, mais l'incident ravive nos préoccupations en matière de données personnelles… |
Studies | ChatGPT | ★★★ |
 |
2023-03-23 10:00:00 | Malivents Chatgpt Chrome Extension détourne les comptes Facebook [Malicious ChatGPT Chrome Extension Hijacks Facebook Accounts] (lien direct) | Le logiciel a été téléchargé involontairement des milliers de fois
Software was unwittingly downloaded thousands of times |
General Information | ChatGPT ChatGPT | ★★ |
 |
2023-03-22 11:14:06 | Défaut de confidentialité de chatgpt [ChatGPT Privacy Flaw] (lien direct) | Openai a désactivé l'historique de la vie privée de Chatgpt, presque certainement parce qu'ils avaient un défaut de sécurité où les utilisateurs se voyaient les uns les autres & #8217;histoires.
OpenAI has disabled ChatGPT’s privacy history, almost certainly because they had a security flaw where users were seeing each others’ histories. |
ChatGPT ChatGPT | ★★★ | |
|
2023-03-21 16:59:21 | Comment la Holberton School utilise ChatGPT (lien direct) | D'une communication "non sensible" à la rédaction de lignes de code, la Holberton School officialise l'utilisation d'une IA générative comme ChatGPT. | ChatGPT ChatGPT | ★★ | |
 |
2023-03-21 13:00:00 | CyberheistNews Vol 13 #12 [Heads Up] This Week\'s New SVB Meltdown Social Engineering Attacks (lien direct) |
CyberheistNews Vol 13 #12 | March 21st, 2023
[Heads Up] This Week's New SVB Meltdown Social Engineering Attacks
On Saturday March 11, I warned about the coming wave of phishing attacks that would undoubtedly follow the SVB collapse. We were not disappointed.
There is a raft of new registered domains that are SVB-related, for example login.svb[.]com and many others that will probably all be used for business email compromise (BEC) attacks.
Adi Ikan, CEO of Veriti, observed that "Phishing campaigns are leveraging SVB's recent collapse to impersonate the bank and its online services. We have observed an increase in the registration of fake phishing domains in the U.S. (88%), Spain (7%), France (3%) and Israel (2%), and we anticipate this number to grow."
INKY describes a phishing campaign that's impersonating (SVB) with phony DocuSign notifications: "Email recipients are told that the 'KYC Refresh Team' sent two malicious documents that require a signature. 'KYC' is a banking term that stands for 'Know Your Customer' or 'Know Your Client.' It's a mandatory process banks use to verify an account holder's identity.
Cyberwire Pro has a good summary. Their newsletter is a 'Stu's Warmly Recommended".https://thecyberwire.com/stories/4880d3b8100c464f83fcf8d8ec8d3f23/svbs-collapse-and-the-potential-for-fraud
Train users about the risks. We have simulated phishing attack templates in your Current Events section with SVB-themes ready-made for you to send to your users.
[Live Demo] Ridiculously Easy Security Awareness Training and Phishing
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Join us Wednesday, April 5, @ 2:00 PM (ET), for a live demo of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing.
Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users.
NEW! KnowBe4 Mobile Learner App - Users can now train anytime, anywhere!
NEW! Security Cul |
Guideline | ChatGPT | ★★ |
|
2023-03-20 23:00:00 | ChatGPT Gut Check: Cybersecurity Threats Overhyped or Not? (lien direct) | Les autorités et les chercheurs britanniques de la cybersécurité réduisent les craintes que Chatgpt submerge les défenses actuelles, tandis que le PDG d'Openai s'inquiète de son utilisation dans les cyberattaques.
UK cybersecurity authorities and researchers tamp down fears that ChatGPT will overwhelm current defenses, while the CEO of OpenAI worries about its use in cyberattacks. |
ChatGPT ChatGPT | ★★★ | |
|
2023-03-20 16:14:00 | New Cyber Platform Lab 1 Decodes Dark Web Data to Uncover Hidden Supply Chain Breaches (lien direct) | This article has not been generated by ChatGPT. 2022 was the year when inflation hit world economies, except in one corner of the global marketplace – stolen data. Ransomware payments fell by over 40% in 2022 compared to 2021. More organisations chose not to pay ransom demands, according to findings by blockchain firm Chainalysis. Nonetheless, stolen data has value beyond a price tag, and in | Ransomware | ChatGPT | ★★★ |
|
2023-03-20 14:30:53 | Crypto : pourquoi ChatGPT est une arme contre les hackers (lien direct) |  Le monde des cryptomonnaies n'échappe pas à la révolution ChatGPT. D'après certains tests, le modèle linguistique d'OpenAI est capable d'améliorer la sécurité de la blockchain... et de mettre des bâtons dans les roues des hackers. |
ChatGPT ChatGPT | ★★ | |
 |
2023-03-18 08:00:00 | Wake up ChatGPT… (lien direct) | Je pense qu’on est nombreux à ne pas encore nous être remis du film Matrix. On kiffe ça, les wallpapers aux caractères verts sur fond noir et autres économiseurs d’écran et j’en passe. Faut que ça défile à fond pour qu’on s’imagine être Neo, l’élu ! Faut assumer ! C’est … Suite | ChatGPT | ★★★ | |
|
2023-03-17 20:30:00 | ChatGPT apportera-t-il de nouvelles avancées en matière de cybersécurité et de nouvelles menaces ? (lien direct) | ChatGPT apportera-t-il de nouvelles avancées en matière de cybersécurité et de nouvelles menaces ? La cybersécurité est l'une des préoccupations actuelles de toute personne ou entreprise faisant des affaires en ligne. - Points de Vue / cybersecurite_home_gauche | ChatGPT ChatGPT | ★ | |
|
2023-03-17 20:02:00 | Prancer Announces Integration With ChatGPT for Enhanced Security Assessments (lien direct) | Pas de details / No more details | ChatGPT ChatGPT | ★★ | |
|
2023-03-17 13:12:23 | ChatGPT4 : Une première analyse de la sécurité menée par Check Point Research (CPR) conclut à l\'existence de scénarios susceptibles d\'entraîner une accélération de la cybercriminalité (lien direct) | Check Point Research (CPR) publie une première analyse de ChatGPT4. Elle met en évidence cinq scénarios permettant aux acteurs de la menace de rationaliser les efforts et les dispositions malveillantes plus rapidement et plus précisément. - Marchés | Studies | ChatGPT | ★★★ |
|
2023-03-17 10:55:09 | Check Point Research (CPR): Initial Security Analysis of ChatGPT4 finds Potential Scenarios for Accelerated Cybercrime (lien direct) | Check Point Research (CPR): Initial Security Analysis of ChatGPT4 finds Potential Scenarios for Accelerated Cybercrime - Opinion | ChatGPT | ★ | |
|
2023-03-16 15:25:21 | Sophos démontre comment faire de ChatGPT un copilote de la cybersécurité (lien direct) | Sophos démontre comment faire de ChatGPT un copilote de la cybersécurité Le modèle d'IA peut plus facilement filtrer les activités malveillantes dans la télémétrie XDR, améliorer l'efficacité des filtres antispam et simplifier l'analyse des binaires LotL - Points de Vue | ChatGPT ChatGPT | ★★★★ | |
|
2023-03-16 10:50:43 | Comment les hackers utilisent ChatGPT pour vider votre compte bancaire (lien direct) | Quelques mois seulement après son lancement, ChatGPT est devenu un phénomène mondial. Il n'en fallait pas plus aux hackers pour trouver des moyens ingénieux d'exploiter le nouvel agent conversationnel basé sur l'intelligence artificielle pour soutirer de l'argent à leurs victimes. |
ChatGPT ChatGPT | ★★ | |
|
2023-03-16 10:30:00 | NCSC Calms Fears Over ChatGPT Threat (lien direct) | Tool won't democratize cybercrime, agency argues | Tool Threat | ChatGPT ChatGPT | ★★ |
|
2023-03-16 10:27:38 | Secureworks : La compromission des e-mails professionnels double en 2022, dépassant les ransomwares comme tactique de choix en matière de cybercriminalité (lien direct) | Secureworks : La compromission des e-mails professionnels double en 2022, dépassant les ransomwares comme tactique de choix en matière de cybercriminalité. Le rapport de Secureworks sur la réponse aux incidents met en évidence les principales causes d'incidents de sécurité dans le monde réel - montrant que c'est "moins de ChatGPT, et plus de Tchad dans le monde IT" - Investigations | General Information | ChatGPT | ★★ |
 |
2023-03-16 00:49:59 | Check Point Research conducts Initial Security Analysis of ChatGPT4, Highlighting Potential Scenarios For Accelerated Cybercrime (lien direct) | >Highlights: Check Point Research (CPR) releases an initial analysis of ChatGPT4, surfacing five scenarios that can allow threat actors to streamline malicious efforts and preparations faster and with more precision. In some instances, even non-technical actors can create harmful tools. The five scenarios provided span impersonations of banks, reverse shells, C++ malware and more. Despite… | Malware Threat | ChatGPT | ★★ |
|
2023-03-15 16:46:20 | Hoxhunt ChatGPT / Cybersecurity Research Reveals: Humans 1, AI 0 (lien direct) | Hoxhunt ChatGPT / Cybersecurity Research Reveals: Humans 1, AI 0 Research Highlights Need for Accelerating Security Behavior Change Outcomes with Evolving Threat Landscape - Special Reports | Threat | ChatGPT ChatGPT | ★★ |
|
2023-03-15 16:30:00 | Humans Still More Effective Than ChatGPT at Phishing (lien direct) | The research paper by HoxHunt analyzed 53,127 emails sent to users in over 100 countries | ChatGPT ChatGPT | ★★★ | |
|
2023-03-15 10:51:31 | De Google à Salesforce, chacun cherche son ChatGPT (lien direct) | Soutenu par Google, Anthropic ouvre un peu plus l'accès à son IA Claude, un concurrent supplémentaire pour ChatGPT. | ChatGPT ChatGPT | ★★ | |
 |
2023-03-14 19:05:17 | ChatGPT: AI\'s Evolving Capabilities and Consequences for Cybersecurity (lien direct) | >ChatGPT has taken the tech world by storm. This super interesting technology responds to queries and exchanges information back-and-forth in a manner that is almost human. The impressive responses, with the content and flow of a human-to-human conversation, feel like we’ve had such a technological breakthrough, very much like the early internet in the early […] | ChatGPT | ★★★ | |
 |
2023-03-14 17:32:00 | Anomali Cyber Watch: Xenomorph Automates The Whole Fraud Chain on Android, IceFire Ransomware Started Targeting Linux, Mythic Leopard Delivers Spyware Using Romance Scam (lien direct) |
Anomali Cyber Watch: Xenomorph Automates The Whole Fraud Chain on Android, IceFire Ransomware Started Targeting Linux, Mythic Leopard Delivers Spyware Using Romance Scam, and More.
The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Android, APT, DLL side-loading, Iran, Linux, Malvertising, Mobile, Pakistan, Ransomware, and Windows. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Xenomorph V3: a New Variant with ATS Targeting More Than 400 Institutions
(published: March 10, 2023)
Newer versions of the Xenomorph Android banking trojan are able to target 400 applications: cryptocurrency wallets and mobile banking from around the World with the top targeted countries being Spain, Turkey, Poland, USA, and Australia (in that order). Since February 2022, several small, testing Xenomorph campaigns have been detected. Its current version Xenomorph v3 (Xenomorph.C) is available on the Malware-as-a-Service model. This trojan version was delivered using the Zombinder binding service to bind it to a legitimate currency converter. Xenomorph v3 automatically collects and exfiltrates credentials using the ATS (Automated Transfer Systems) framework. The command-and-control traffic is blended in by abusing Discord Content Delivery Network.
Analyst Comment: Fraud chain automation makes Xenomorph v3 a dangerous malware that might significantly increase its prevalence on the threat landscape. Users should keep their mobile devices updated and avail of mobile antivirus and VPN protection services. Install only applications that you actually need, use the official store and check the app description and reviews. Organizations that publish applications for their customers are invited to use Anomali's Premium Digital Risk Protection service to discover rogue, malicious apps impersonating your brand that security teams typically do not search or monitor.
MITRE ATT&CK: [MITRE ATT&CK] T1417.001 - Input Capture: Keylogging | [MITRE ATT&CK] T1417.002 - Input Capture: Gui Input Capture
Tags: malware:Xenomorph, Mobile, actor:Hadoken Security Group, actor:HadokenSecurity, malware-type:Banking trojan, detection:Xenomorph.C, Malware-as-a-Service, Accessibility services, Overlay attack, Discord CDN, Cryptocurrency wallet, target-industry:Cryptocurrency, target-industry:Banking, target-country:Spain, target-country:ES, target-country:Turkey, target-country:TR, target-country:Poland, target-country:PL, target-country:USA, target-country:US, target-country:Australia, target-country:AU, malware:Zombinder, detection:Zombinder.A, Android
Cobalt Illusion Masquerades as Atlantic Council Employee
(published: March 9, 2023)
A new campaign by Iran-sponsored Charming Kitten (APT42, Cobalt Illusion, Magic Hound, Phosphorous) was detected targeting Mahsa Amini protests and researchers who document the suppression of women and minority groups i |
Ransomware Malware Tool Vulnerability Threat Guideline Conference | APT 35 ChatGPT ChatGPT APT 36 APT 42 | ★★ |
|
2023-03-14 14:03:45 | Ping Identity\'s response to GCHQ warning ChatGPT is a security threat (lien direct) | About ChatGPT and its security implications, a comment from Aubrey Turner, Executive Advisor at Ping Identity - Opinion | Threat | ChatGPT ChatGPT | ★★ |
|
2023-03-14 13:00:00 | CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears (lien direct) |
CyberheistNews Vol 13 #11 | March 14th, 2023
[Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears
Robert Lemos at DARKReading just reported on a worrying trend. The title said it all, and the news is that more than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information. Yikes.
I'm giving you a short extract of the story and the link to the whole article is below.
"Employees are submitting sensitive business data and privacy-protected information to large language models (LLMs) such as ChatGPT, raising concerns that artificial intelligence (AI) services could be incorporating the data into their models, and that information could be retrieved at a later date if proper data security isn't in place for the service.
"In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2% of the 1.6 million workers at its client companies because of the risk of leaking confidential info, client data, source code, or regulated information to the LLM.
"In one case, an executive cut and pasted the firm's 2023 strategy document into ChatGPT and asked it to create a PowerPoint deck. In another case, a doctor input his patient's name and their medical condition and asked ChatGPT to craft a letter to the patient's insurance company.
"And as more employees use ChatGPT and other AI-based services as productivity tools, the risk will grow, says Howard Ting, CEO of Cyberhaven.
"'There was this big migration of data from on-prem to cloud, and the next big shift is going to be the migration of data into these generative apps," he says. "And how that plays out [remains to be seen] - I think, we're in pregame; we're not even in the first inning.'"
Your employees need to be stepped through new-school security awareness training so that they understand the risks of doing things like this.
Blog post with links:https://blog.knowbe4.com/employees-are-feeding-sensitive-biz-data-to-chatgpt-raising-security-fears
[New PhishER Feature] Immediately Add User-Reported Email Threats to Your M365 Blockl |
Ransomware Data Breach Spam Malware Threat Guideline Medical | ChatGPT ChatGPT | ★★ |
|
2023-03-13 17:54:00 | Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising (lien direct) | A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue admin accounts, highlighting one of the different methods cyber criminals are using to distribute malware. "By hijacking high-profile Facebook business accounts, the threat actor creates an elite army of Facebook bots and a malicious paid media apparatus," Guardio | Threat | ChatGPT ChatGPT | ★★ |
 |
2023-03-13 12:32:06 | Fake ChatGPT browser extension is hijacking Facebook Business accounts (lien direct) | >A fake ChatGPT extension named “Quick access to ChatGPT” has been found to hijack Facebook business accounts. The extension injects malicious code into the Facebook pages of targeted businesses, allowing attackers to gain unauthorized access to the accounts and take over their management functions. This has led to multiple businesses reporting similar incidents of unauthorized … | Threat | ChatGPT ChatGPT | ★★★ |
|
2023-03-11 19:02:00 | BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads (lien direct) | The malware downloader known as BATLOADER has been observed abusing Google Ads to deliver secondary payloads like Vidar Stealer and Ursnif. According to cybersecurity company eSentire, malicious ads are used to spoof a wide range of legitimate apps and services such as Adobe, OpenAPI's ChatGPT, Spotify, Tableau, and Zoom. BATLOADER, as the name suggests, is a loader that's responsible for | Malware | ChatGPT | ★★ |
|
2023-03-10 22:15:00 | ChatGPT Browser Extension Hijacks Facebook Business Accounts (lien direct) | Between March 3 and March 9, at least 2,000 people a day downloaded the malicious "Quick access to ChatGPT" Chrome extension from the Google Play app store. | ChatGPT ChatGPT | ★★★ | |
|
2023-03-10 08:56:35 | ChatGPT : Microsoft ouvre doucement les vannes de l\'API (lien direct) | ChatGPT fait son entrée dans l'offre Azure OpenAI Service... en version préliminaire. | ChatGPT ChatGPT | ★★ | |
|
2023-03-09 21:19:11 | New Rise In ChatGPT Scams Reported By Fraudsters (lien direct) | Since the release of ChatGPT, the cybersecurity company Darktrace has issued a warning, claiming that a rise in criminals utilizing artificial intelligence to craft more intricate schemes to defraud employees and hack into organizations has been observed. The Cambridge-based corporation said that AI further enabled “hacktivist” cyberattacks employing ransomware to extract money from businesses. The […] | Ransomware Hack | ChatGPT ChatGPT | ★★ |
|
2023-03-09 17:20:02 | ChatGPT: A tool for offensive cyber operations?! Not so fast! (lien direct) | ChatGPT: A tool for offensive cyber operations?! Not so fast! By John Borrero Rodriguez, Trellix - Opinion | Tool | ChatGPT | ★★ |
|
2023-03-09 17:16:55 | Nouvelle recherche Trellix : ChatGPT peine à convaincre sur l\'écriture de logiciels malveillants (lien direct) | ChatGPT a fait l'objet de nombreuses mises en garde au sein de la communauté cyber en raison de sa prétendue capacité d'écriture pouvant être mise au service de l'élaboration de logiciels malveillants, plus connus sous le nom de malwares. - Points de Vue | ChatGPT ChatGPT | ★★★ | |
|
2023-03-09 10:39:39 | ChatGPT et les CRM : comment HubSpot fait la jonction (lien direct) | Dans la lignée de Microsoft et de Salesforce, HubSpot expérimente des passerelles entre (Chat)GPT et son CRM. Quelle forme prennent-elles ? | ChatGPT ChatGPT | ★★ | |
|
2023-03-08 16:50:40 | AI-Powered \'BlackMamba\' Keylogging Attack Evades Modern EDR Security (lien direct) | Researchers warn that polymorphic malware created with ChatGPT and other LLMs will force a reinvention of security automation. | Malware | ChatGPT ChatGPT | ★★ |
|
2023-03-07 18:37:00 | Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears (lien direct) | More than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information. | ChatGPT | ★★★★ | |
|
2023-03-07 12:29:33 | L\'intelligence artificielle ChatGPT est-elle une nouvelle menace pour la cybersécurité ? (lien direct) | Les pirates informatiques y verront-ils le moyen de rendre leurs escroquries plus crédibles ? Où obtiendront-ils plus d'informations des victimes de campagnes de phishing ? Ci-dessous quelques commentaires sur l'intérêt des hackers et escrocs pour ChatGPT, par Stanislav Protassov, Executive Board member et cofondateur d'Acronis, entreprise spécialisée en cyberprotection. ChatGPT : quelles sont les utilisations possibles par les hackers et les ecrocs Les cybercriminels qui utiliseront ChatGPT (...) - Points de Vue | ChatGPT ChatGPT | ★★ |
To see everything:
Our RSS (filtrered)
