November 22, 2023

Hackers Successfully Breach ChatGPT Model Using Indirect Prompt Injection Technique

ChatGPT, quickly amassing over 100 million users following its release, has been part of a trend involving advanced models like GPT-4 and various smaller versions. These Large Language Models (LLMs) find extensive applications, yet their flexibility with natural prompts presents vulnerabilities. This susceptibility notably includes Prompt Injection attacks, where attackers can circumvent controls. The line …

Hacker may have the capability to shut down entire power plants through vulnerabilities in Codesys

Microsoft’s security researchers recently highlighted a series of severe vulnerabilities in the Codesys V3 SDK, commonly used in industrial programming for Programmable Logic Controllers (PLCs). Although exploiting these weaknesses is challenging, the potential damage they could cause is significant. These vulnerabilities could potentially allow attackers to shut down entire power plants, manipulate PLCs in unusual …

New Cybersecurity Threat: Exploiting Microsoft’s Cross-Tenant Synchronization Feature

Attackers are increasingly exploiting Microsoft identities to access both Microsoft and federated SaaS applications. Rather than exploiting vulnerabilities, they use native Microsoft features to achieve their goals. Nobelium, the group linked to the SolarWinds attacks, has been observed using such native functionality, like creating Federated Trusts, for persistent access to Microsoft tenants. This article highlights …

IBM SDK Java Technology Vulnerability Enables Remote Execution of Unauthorized Code

A critical vulnerability has been identified in IBM SDK, Java Technology Edition that permits unauthorized code execution due to unsafe deserialization. This flaw, assigned CVE-2022-40609, exists in the Object Request Broker (ORB), a middleware component that facilitates remote procedure calls (RPC) between networked computers while maintaining location transparency. The vulnerability, classified as CVE-2022-40609: Unsafe Deserialization Flaw, …

Major Cyber Attack Targets Numerous Citrix NetScaler ADC and Gateway Servers

Hundreds of Citrix NetScaler ADC and Gateway servers have been breached by malicious actors to deploy web shells, according to the Shadowserver Foundation. The non-profit said the attacks take advantage of CVE-2023-3519, a critical code injection vulnerability that could lead to unauthenticated remote code execution. The flaw, patched by Citrix last month, carries a CVSS …

Collide+Power, Downfall, and Inception in Modern CPUs

Cybersecurity experts have recently unveiled a series of side-channel vulnerabilities in modern CPUs that could potentially lead to data breaches. These vulnerabilities are identified as Collide+Power (CVE-2023-20583), Downfall (CVE-2022-40982), and Inception (CVE-2023-20569), following the revelation of Zenbleed (CVE-2023-20593), a separate flaw impacting AMD’s Zen 2 architecture-based processors. Daniel Moghimi, a senior research scientist at Google, …

Use of EvilProxy Phishing Kit to Attack Executives

Increasingly, cybercriminals are exploiting a phishing toolkit named EvilProxy for account takeover attacks, especially targeting high-level executives in large companies. Proofpoint reports that from March to June 2023, a campaign using EvilProxy targeted thousands of Microsoft 365 accounts, sending around 120,000 phishing emails to various organizations. Remarkably, 39% of compromised accounts belonged to C-level executives, …

TargetCompany Ransomware Strikes Again: New Variant and Covert Tools Unveiled

The TargetCompany ransomware, also known as Mallox, Fargo, and Tohnichi, is actively targeting organizations that are running vulnerable SQL servers. Additionally, the TargetCompany ransomware has recently introduced a new variant of malware, along with several malicious tools for maintaining persistence and conducting covert operations, which are rapidly gaining popularity. Researchers at Trend Micro in the …
