Asahi Data Breach Impacts 2 Million Individuals
Japanese beer giant Asahi on Thursday announced that hackers stole the personal information of roughly 2 million individuals in a disruptive ransomware attack in September. Asahi disclosed the incident on September 29, the same day that it occurred. Its operations in Japan continue to be partially disrupted, as the impacted systems are gradually being restored. In early October, the Qilin ransomware group added Asahi to its Tor-based leak site, claiming the theft of 27 gigabytes of data. READ MORE...
OpenAI discloses API customer data breach via Mixpanel vendor hack
OpenAI is notifying some ChatGPT API customers that limited identifying information was exposed following a breach at its third-party analytics provider Mixpanel. Mixpanel offers event analytics that OpenAI uses to track user interactions on the frontend interface for the API product. According to the AI company, the cyber incident affected "limited analytics data related to some users of the API" and did not impact users of ChatGPT or other products. READ MORE...
FCC sounds alarm after emergency tones turned into potty-mouthed radio takeover
Malicious intruders have hijacked US radio gear to turn emergency broadcast tones into a profanity-laced alarm system. That's according to the latest warning issued by the Federal Communications Commission (FCC), which has flagged a "recent string of cyber intrusions" that diverted studio-to-transmitter links (STLs) so attackers could replace legitimate programming with their own audio - complete with the signature "Attention Signal" tone of the domestic Emergency Alert System (EAS). READ MORE...
Krebs on Security: Meet Rey, the Admin of 'Scattered Lapsus$ Hunters'
A prolific cybercriminal group that calls itself "Scattered LAPSUS$ Hunters" has dominated headlines this year by regularly stealing data from and publicly mass extorting dozens of major corporations. But the tables seem to have turned somewhat for "Rey," the moniker chosen by the technical operator and public face of the hacker group: Earlier this week, Rey confirmed his real life identity and agreed to an interview after KrebsOnSecurity tracked him down and contacted his father. READ MORE...
Holiday shoppers targeted as Amazon and FBI warn of surge in account takeover attacks
The FBI has issued a public service announcement warning about a surge in account takeover (ATO) fraud, and the timing lines up with a major alert Amazon has just sent to its 300 million customers about brand impersonation scams. Account takeover fraud is just what it says: Scammers figure out a way to hijack your account and use it for their own gain. It affects everything from email and social media to retailer, travel, and banking accounts. READ MORE...
How Malware Authors Are Incorporating LLMs to Evade Detection
Threat actors are testing malware that incorporates large language models (LLMs) to create malware that can evade detection by security tools. In an analysis published earlier this month, Google's Threat Intelligence Group (GTIG) describes how attackers are using artificial intelligence (AI) services, such as Google Gemini and Hugging Face, to rewrite malicious code or generate unique commands for the malware to execute. READ MORE...
State-backed spyware attacks are targeting Signal and WhatsApp users, CISA warns
CISA, the US Cybersecurity and Infrastructure Security Agency, has issued a new warning that cybercriminals and state-backed hacking groups are using spyware to compromise smartphones belonging to users of popular encrypted messaging apps such as Signal, WhatsApp, and Telegram. In an advisory released this week, CISA warns that malicious hackers are not trying to crack the end-to-end encryption used by the apps directly to secure conversations, but are instead targeting the devices themselves. READ MORE...
Crisis24 shuts down emergency notification system in wake of ransomware attack
OnSolve CodeRED, a voluntary, opt-in emergency notification system used by law enforcement agencies and municipalities across the country, has been permanently shut down in the wake of a ransomware attack. Crisis24, the company behind the service, said it decommissioned the platform after the cyberattack damaged the OnSolve CodeRED environment earlier this month. "Current forensic analysis indicates that the incident was contained within that environment," the company said in a statement. READ MORE...
Prompt Injections Loom Large Over ChatGPT's Atlas Browser
As a new AI-powered Web browser brings agentics closer to the masses, questions remain regarding whether prompt injections, the signature LLM attack type, could get even worse. ChatGPT Atlas is OpenAI's large language model (LLM)-powered Web browser launched Oct. 21 and based on Chromium. Currently available for macOS (with other platforms to come), Atlas comes with native ChatGPT functionality including text generation, Web page summarization, and agent capabilities. READ MORE...
- ...in 1913, Henry Ford establishes the first assembly line for automobile production, which he modeled after the production line at Kahn's Meat Packing in Cincinnati.
- ...in 1940, comedian/actor/writer Richard Pryor ("Silver Streak", "Jo Jo Dancer, Your Life is Calling") is born in Peoria, IL.
- ...in 1945, actress/singer/comedian Bette Midler ("The Rose", "Hocus Pocus") is born in Honolulu, HI
- ...in 1955, activist Rosa Parks is jailed for protesting Montgomery, AL's racial segregation laws by refusing to give up her bus seat for a white passenger.
