Collaborate Disseminate
ProPublica has a long investigative article on how the Cyber Safety Review Board failed to investigate the SolarWinds attack, and specifically Microsoft’s culpability, even though they were directed by President Biden to do so.
Continue reading On the CSRB’s Non-Investigation of the SolarWinds Attack
TeamViewer’s corporate network was hacked and some reports say the Russian group APT29 is behind the attack.
The post Russian APT Reportedly Behind New TeamViewer Hack appeared first on SecurityWeek.
Continue reading Russian APT Reportedly Behind New TeamViewer Hack
The University Hospital Centre Zagreb (KBC Zagreb) is under cyberattack that started on Wednesday night, the Croatian Radiotelevision has reported. Because of the attack, the hospital has shut down its information system and will be switching parts of … Continue reading Largest Croatian hospital under cyberattack
Car dealerships in North America are still wrestling with major disruptions that started last week with cyberattacks on a company whose software is used widely in the auto retail sales sector.
The post Car Dealerships in North America Revert to Pens an… Continue reading Car Dealerships in North America Revert to Pens and Paper After Cyberattacks on Software Provider
When a ransomware attack targets something like a hospital, it quickly becomes a high-profile event that understandably results in public outrage. Hospitals are supposed to be backstops for society, a …read more Continue reading Hackaday Links: June 23, 2024
Car dealership software provider CDK Global was in the process of restoring services impacted by a cyberattack when it discovered an additional hack.
The post Disruptions at Many Car Dealerships Continue as CDK Hack Worsens appeared first on SecurityWe… Continue reading Disruptions at Many Car Dealerships Continue as CDK Hack Worsens
Ohio-based Crown Equipment, which is among the largest industrial and forklift truck manufacturers in the world, has become a victim of a cyberattack “by an international cybercriminal organization,” the company has finally confirmed to its… Continue reading Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks
CDK Global, a software-as-a-service (SaaS) provider for car dealers and auto equipment manufacturers, has suffered a cyberattack that has temporarily disrupted its customers’ operations. About CDK and its platform CDK’s platform is used by … Continue reading CDK Global cyberattack cripples 15,000 US auto dealerships
Interesting research: “Teams of LLM Agents can Exploit Zero-Day Vulnerabilities.”
Abstract: LLM agents have become increasingly sophisticated, especially in the realm of cybersecurity. Researchers have shown that LLM agents can exploit real-world vulnerabilities when given a description of the vulnerability and toy capture-the-flag problems. However, these agents still perform poorly on real-world vulnerabilities that are unknown to the agent ahead of time (zero-day vulnerabilities).
In this work, we show that teams of LLM agents can exploit real-world, zero-day vulnerabilities. Prior agents struggle with exploring many different vulnerabilities and long-range planning when used alone. To resolve this, we introduce HPTSA, a system of agents with a planning agent that can launch subagents. The planning agent explores the system and determines which subagents to call, resolving long-term planning issues when trying different vulnerabilities. We construct a benchmark of 15 real-world vulnerabilities and show that our team of agents improve over prior work by up to 4.5×…
The City of Cleveland says emergency services, utilities, and airport are unaffected by a recent cyberattack.
The post City of Cleveland Scrambling to Restore Systems Following Cyberattack appeared first on SecurityWeek.
Continue reading City of Cleveland Scrambling to Restore Systems Following Cyberattack