Loose-lipped neural networks and lazy scammers


One topic being actively researched in connection with the breakout of LLMs is capability uplift – when employees with limited experience or resources in some area become able to perform at a much higher level thanks to LLM technology. This is especially important in information security, where cyberattacks are becoming increasingly cost-effective and larger-scale, causing headaches for security teams.

Among other tools, attackers use LLMs to generate content for fake websites. Such sites can mimic reputable organizations – from social networks to banks – to extract credentials from victims (classic phishing), or they can pretend to be stores of famous brands offering super discounts on products (which mysteriously never get delivered).

Read more…
Source: Kaspersky


Sign up for our Newsletter


Related:

  • MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks

    December 5, 2024

    Trend Micro researchers have been continuously monitoring the MOONSHINE exploit kit’s activity since 2019. During our research, they discovered a MOONSHINE exploit kit server with improper operational security: Its server exposed MOONSHINE’s toolkits and operation logs, which revealed the information of possible victims and the attack tactics of a threat actor we have named Earth ...

  • Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware

    December 4, 2024

    Beginning in early October, Rapid7 has observed a resurgence of activity related to the ongoing social engineering campaign being conducted by Black Basta ransomware operators. Rapid7 initially reported the discovery of the novel social engineering campaign back in May, 2024, followed by an update in August 2024, when the operators updated their tactics and malware payloads ...

  • Ireland: Woman, 20s, arrested over potential data breach at utility service provider

    December 4, 2024

    A woman has been arrested over a potential data breach at a national utility service provider last year. The woman, aged in her 20s, was arrested yesterday and is detained at a garda station in Dublin. The potential breach was identified by members of the Garda National Cyber Crime Bureau in 2023. It was referred to ...

  • UK: Ransomware hackers target NHS hospitals with new cyberattacks

    December 4, 2024

    Ransomware hackers have continued an assault on National Health Service trusts across the United Kingdom by compromising multiple hospitals, exposing sensitive patient data and disrupting emergency services. Inc Ransom, a prolific Russia-linked ransomware group that claimed responsibility for an attack on NHS Scotland earlier this year, now claims to have breached the Alder Hey Children’s Hospital ...

  • Foreign espionage agencies exploit crowdsourcing for covert intelligence gathering in China

    December 4, 2024

    China’s Ministry of State Security revealed on Wednesday that foreign intelligence agencies are using crowdsourcing to gather sensitive data in China, posing a covert but serious threat to national security. This covert method, dubbed “crowdsourced espionage,” poses an escalating threat. Foreign intelligence agencies break down intelligence-gathering missions into smaller, discrete tasks and distribute them via legitimate ...

  • AI chatbot provider exposes 346,000 customer files, including ID documents, resumes, and medical records

    December 3, 2024

    Researchers have discovered a huge Google Cloud Storage bucket, found freely accessible on the internet and containing a treasure trove of personal information. AI startup WotNot provides companies with the ability to create their own customized chatbot. The company reportedly has 3,000 customers including some household family names. But the way its solution is set up ...