cyberattack – WindowsTechs.com

Prompt Injection Defenses Against LLM Cyberattacks

Posted on November 7, 2024 by Bruce Schneier

Interesting research: “Hacking Back the AI-Hacker: Prompt Injection as a Defense Against LLM-driven Cyberattacks“:

Large language models (LLMs) are increasingly being harnessed to automate cyberattacks, making sophisticated exploits more accessible and scalable. In response, we propose a new defense strategy tailored to counter LLM-driven cyberattacks. We introduce Mantis, a defensive framework that exploits LLMs’ susceptibility to adversarial inputs to undermine malicious operations. Upon detecting an automated cyberattack, Mantis plants carefully crafted inputs into system responses, leading the attacker’s LLM to disrupt their own operations (passive defense) or even compromise the attacker’s machine (active defense). By deploying purposefully vulnerable decoy services to attract the attacker and using dynamic prompt injections for the attacker’s LLM, Mantis can autonomously hack back the attacker. In our experiments, Mantis consistently achieved over 95% effectiveness against automated LLM-driven attacks. To foster further research and collaboration, Mantis is available as an open-source tool: …

Continue reading Prompt Injection Defenses Against LLM Cyberattacks→

Threat Actors Are Exploiting Vulnerabilities Faster Than Ever

Posted on October 23, 2024 by Cedric Pernet

It only takes five days on average for attackers to exploit a vulnerability, according to a new report. Continue reading Threat Actors Are Exploiting Vulnerabilities Faster Than Ever→

What’s behind the 51% drop in ransomware attacks?

Posted on October 18, 2024 by Jonathan Reed

In a world where cyber threats feel omnipresent, a recent report has revealed some unexpected good news: ransomware attacks on state and local governments have dropped by 51% in 2024. Still, this decline does not signal the end of the ransomware threat, nor should it lead to complacency. As the nature of ransomware evolves, so […]

The post What’s behind the 51% drop in ransomware attacks? appeared first on Security Intelligence.

Continue reading What’s behind the 51% drop in ransomware attacks?→

Fidelity Data Breach Exposes Data of Over 77,000 Customers

Posted on October 10, 2024 by Megan Crouse

An attacker snuck in by creating two new user accounts. Fidelity assures customers their investments aren’t affected. Continue reading Fidelity Data Breach Exposes Data of Over 77,000 Customers→

China Possibly Hacking US “Lawful Access” Backdoor

Posted on October 8, 2024 by Bruce Schneier

The Wall Street Journal is reporting that Chinese hackers (Salt Typhoon) penetrated the networks of US broadband providers, and might have accessed the backdoors that the federal government uses to execute court-authorized wiretap requests. Those backdoors have been mandated by law—CALEA—since 1994.

It’s a weird story. The first line of the article is: “A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers.” This implies that the attack wasn’t against the broadband providers directly, but against one of the intermediary companies that sit between the government CALEA requests and the broadband providers…

Continue reading China Possibly Hacking US “Lawful Access” Backdoor→

American Water shuts down systems after cyberattack

Posted on October 8, 2024 by Zeljka Zorz

American Water, the largest water and wastewater utility company in the US, has shut down some of its systems following a cyberattack. While the company confirmed that none of its water or wastewater facilities or operations have been negatively affect… Continue reading American Water shuts down systems after cyberattack→

Cyberattack Causes MoneyGram Service Outage

Posted on September 24, 2024 by Ionut Arghire

MoneyGram’s money transfer services are down after the company took systems offline to contain a cyberattack.
The post Cyberattack Causes MoneyGram Service Outage appeared first on SecurityWeek.
Continue reading Cyberattack Causes MoneyGram Service Outage→

Kansas Water Facility Switches to Manual Operations Following Cyberattack

Posted on September 24, 2024 by Ionut Arghire

Ransomware possibly involved in a cybersecurity incident at Arkansas City’s water treatment facility.
The post Kansas Water Facility Switches to Manual Operations Following Cyberattack appeared first on SecurityWeek.
Continue reading Kansas Water Facility Switches to Manual Operations Following Cyberattack→

Suspect arrested over the Transport for London cyberattack

Posted on September 12, 2024 by Zeljka Zorz

The UK National Crime Agency has arrested and detained a suspect – a 17-year-old male in Walsall (West Midlands) – on suspicion of Computer Misuse Act offences in relation to the Transport for London (TfL) cyberattack, the agency has announ… Continue reading Suspect arrested over the Transport for London cyberattack→

Microchip Technology confirms theft of employee data

Posted on September 5, 2024 by Zeljka Zorz

US-based semiconductor manufacturer Microchip Technology has confirmed that the cyberattack it suffered in August 2024 resulted in the theft of data, including “employee contact information and some encrypted and hashed passwords.” The brea… Continue reading Microchip Technology confirms theft of employee data→