What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Mandiant 2025-01-29 14:00:00 Adversarial Misuse of Generative AI (direct link) Rapid advancements in artificial intelligence (AI) are unlocking new possibilities for the way we work and accelerating innovation in science, technology, and beyond. In cybersecurity, AI is poised to transform digital defense, empowering defenders and enhancing our collective security. Large language models (LLMs) open new possibilities for defenders, from sifting through complex telemetry to secure coding, vulnerability discovery, and streamlining operations. However, some of these same AI capabilities are also available to attackers, leading to understandable anxieties about the potential for AI to be misused for malicious purposes. Much of the current discourse around cyber threat actors' misuse of AI is confined to theoretical research. While these studies demonstrate the potential for malicious exploitation of AI, they don't necessarily reflect the reality of how AI is currently being used by threat actors in the wild. To bridge this gap, we are sharing a comprehensive analysis of how threat actors interacted with Google's AI-powered assistant, Gemini. Our analysis was grounded by the expertise of Google's Threat Intelligence Group (GTIG), which combines decades of experience tracking threat actors on the front lines and protecting Google, our users, and our customers from government-backed attackers, targeted 0-day exploits, coordinated information operations (IO), and serious cyber crime networks. We believe the private sector, governments, educational institutions, and other stakeholders must work together to maximize AI's benefits while also reducing the risks of abuse. At Google, we are committed to developing responsible AI guided by our principles, and we share Ransomware Malware Tool Vulnerability Threat Studies Legislation Mobile Industrial Cloud Technical Commercial APT 41 APT 43 APT 42 ★★★
RiskIQ 2024-08-15 22:02:58 (Already seen) Iranian backed group steps up phishing campaigns against Israel, U.S. (direct link)
#### Targeted Geolocations
- United States
- Israel
- United Kingdom

#### Targeted Industries
- Government Agencies & Services
- Diplomacy/International Relations
- Non-Government Organization
- Political and other groups

## Snapshot
Researchers at Google's Threat Analysis Group (TAG) have identified APT42, an Iranian government-backed threat actor, as the group behind targeted phishing campaigns against Israel and the United States. The activity described by Google in this report as APT42 is tracked by Microsoft as [Mint Sandstorm](https://security.microsoft.com/intel-profiles/05c5c1b864581c264d955df783455ecadf9b98471e408f32947544178e7bd0e3).

## Description
APT42, associated with Iran's Islamic Revolutionary Guard Corps (IRGC), has consistently targeted high-profile users in Israel and the U.S., including government officials, political campaigns, diplomats, think tanks, NGOs, and academic institutions. The group's tailored credential phishing tactics involve social engineering lures and the use of phishing kits to harvest credentials from various sign-on pages. APT42's phishing campaigns heavily target users in Israel and the U.S., with a focus on military, defense, diplomats, academics, and civil society. They have been observed to add additional mechanisms of access once they gain account access. Despite Google's efforts to disrupt APT42's activities, the group continues to pose a sophisticated and persistent threat, particularly focused on Israel and the U.S. Google assesses that as tensions between Iran and Israel escalate, an increase in APT42's campaigns in the region is expected.

## Microsoft Analysis
Microsoft Threat Intelligence assesses that this malicious activity is attributed to [Mint Sandstorm](https://security.microsoft.com/intel-profiles/05c5c1b864581c264d955df783455ecadf9b98471e408f32947544178e7bd0e3) based on our analysis of the IOCs and how the TTPs described in this report closely match previously observed Mint Sandstorm activity.
Mint Sandstorm is a group run by the Islamic Revolutionary Guard Corps (IRGC) intelligence unit group known to primarily target dissidents protesting the Iranian government, as well as activist leaders, the defense industrial base, journalists, think tanks, universities, and government organizations. Microsoft has been tracking the emergence of significant influence activity by Iranian actors, detailed in the latest election report from the Microsoft Threat Analysis Center (MTAC), "[Iran steps into US election 2024 with cyber-enabled influence operations](https://security.microsoft.com/intel-explorer/articles/523c29ce)." Mint Sandstorm has been observed entering the preparatory stage for likely cyber-enabled influence. Recent targeting by the group is a reminder that senior policymakers should be cognizant of monitoring and following cybersecurity best practices even for legacy or archived infrastructure, as they can be ripe targets for threat actors seeking to collect intelligence, run cyber-enabled influence operations, or both.

## Recommendations
Microsoft recommends the following mitigations to reduce the impact of this threat. Check the recommendations card for the deployment status of monitored mitigations.

- Invest in advanced anti-phishing solutions that monitor incoming emails and visited websites. [Microsoft Defender for Office 365](https://learn.microsoft.com/microsoft-365/security/defender/microsoft-365-security-center-mdo) merges incident and alert management across email, devices, and identities, centralizing investigations for email-based threats. Organizations can also leverage web browsers that automatically [identify and block](https://learn.microsoft.com/deployedge/microsoft-edge-security-smartscreen) malicious websites, including those used in this phishing campaign.
- [Require multifactor authentication (MFA).](https://learn.microsoft.com/microsoft-365/admin/security-and-compliance/set-up-multi-facto Spam Malware Tool Threat Industrial APT 42 ★★★
IndustrialCyber 2024-07-17 13:42:31 Senator Warner pushes for immediate action on mandatory cybersecurity standards for healthcare sector (direct link)
U.S. Senator Mark R. Warner calls upon the administration to swiftly develop and implement mandatory minimum cyber standards...
Industrial Medical APT 42 ★★★
Last update at: 2025-05-10 18:53:10