IT Security Newsletter

IT Security Newsletter - 2/22/2023

Written by Cadre | Wed, Feb 22, 2023

Activision confirms data breach exposing employee and game info

Activision has confirmed that it suffered a data breach in early December 2022 after hackers gained access to the company's internal systems by tricking an employee with an SMS phishing text. The video game maker says that the incident has not compromised game source code or player details. However, security research group vx-underground says that the threat actor "exfiltrated sensitive work place documents" along with the content release schedule until November 17, 2023. READ MORE...

Chip company loses $250m after ransomware hits supply chain

Applied Materials, one of the world's leading suppliers of equipment, services, and software for the manufacture of semiconductors, has warned that its second-quarter sales are likely to be hurt to the tune of $250 million due to a cybersecurity attack at one of its suppliers. And although Applied Materials did not name the supplier, it's thought that the victim is MKS Instrument Inc, a vendor that a week ago said a ransomware attack would force it to delay the release of its own quarterly results. READ MORE...

Coinbase Hack Linked to Group Behind Last Year's Twilio, Cloudflare Attacks

Coinbase, one of the world's largest cryptocurrency exchanges, was recently targeted in a sophisticated cyberattack that appears to have been conducted by the same threat group that targeted Twilio, Cloudflare and many others last year. Coinbase revealed on Friday that its employees were targeted in an SMS phishing campaign on Sunday, February 5. The targeted workers received text messages instructing them to urgently log in to their account through a provided link. READ MORE...

VMware patches critical injection flaw in Carbon Black App Control (CVE-2023-20858)

VMware has fixed a critical vulnerability (CVE-2023-20858) in Carbon Black App Control, its enterprise solution for preventing untrusted software from executing on critical systems and endpoints. Even though the flaw has been privately reported to VMware, and there is no mention of it being actively exploited, admins are urged to upgrade to a fixed version as soon as possible. READ MORE...

HardBit ransomware wants insurance details to set the perfect price

A ransomware threat called HardBit has moved to version 2.0 and its operators are trying to negotiate a ransom payment that would be covered by the victim's insurance company. Specifically, the threat actor tries to convince the victim that it is in their interest to disclose all insurance details so they can adjust their demands so the insurer would cover all costs. READ MORE...

ChatGPT is bringing advancements and challenges for cybersecurity

Understanding why ChatGPT is garnering so much attention takes a bit of background. Up until recently, AI models have been quite "dumb": they could only respond to specific tasks when trained on a large dataset providing context on what to find. But, over the last five years, research breakthroughs have taken AI to a whole new level, enabling computers to better understand the meaning behind words and phrases. READ MORE...

Will ChatGPT start writing killer malware?

ChatGPT didn't write this article - I did. But I guess that's just what ChatGPT might say. Luckily, there are some grammar errors left to prove I'm not a robot. But that's just the kind of thing ChatGPT might do too in order to seem real. This current robot hipster tech is a fancy autoresponder that is good enough to produce homework answers, research papers, legal responses, medical diagnoses, and other things that have passed the "smell test" when treated as if they are the work of human actors. READ MORE...

Researchers Create an AI Cyber Defender That Reacts to Attackers

A newly created artificial intelligence (AI) system based on deep reinforcement learning (DRL) can react to attackers in a simulated environment and block 95% of cyberattacks before they escalate. That's according to the researchers from the Department of Energy's Pacific Northwest National Laboratory who built an abstract simulation of the digital conflict between attackers and defenders in a network and trained four different DRL neural networks to maximize rewards based on preventing compromises. READ MORE...

Sci-fi becomes real as renowned magazine closes submissions due to AI writers

One side effect of unlimited content-creation machines-generative AI-is unlimited content. On Monday, the editor of the renowned sci-fi publication Clarkesworld Magazine announced that he had temporarily closed story submissions due to a massive increase in machine-generated stories sent to the publication. In a graph shared on Twitter, Clarkesworld editor Neil Clarke tallied the number of banned writers submitting plagiarized or machine-generated stories. READ MORE...

  • ...in 1732, American general and first President of the United States George Washington is born in Virginia.
  • ...in 1918, TV and radio announcer Don Pardo, who lent his voice to 39 seasons of "Saturday Night Live", is born in Westfield, MA.
  • ...in 1924, Calvin Coolidge becomes the first US President to deliver a radio address from the White House.
  • ...in 1959, TV and film actor Kyle MacLachlan ("Twin Peaks", "Portlandia") is born in Yakima, WA.
  • ...in 1997, Scottish scientists announce the first successful cloning of a mammal from an adult cell, a sheep named Dolly.