FISA

As many as 100 malicious artificial intelligence (AI)/machine learning (ML) models have been discovered in the Hugging Face platform. These include instances where loading a  pickle file  leads to code execution, software supply chain security firm JFrog said. "The model's payload grants the attacker a shell on the compromised machine, enabling them to gain full control over victims' machines through what is commonly referred to as a 'backdoor,'" senior security researcher David Cohen  said . "This silent infiltration could potentially grant access to critical internal systems and pave the way for large-scale data breaches or even corporate espionage, impacting not just individual users but potentially entire organizations across the globe, all while leaving victims utterly unaware of their compromised state." Specifically, the rogue model initiates a reverse shell connection to 210.117.212[.]93, an IP address that belongs to the Korea Research Envir...

U.S. cybersecurity and intelligence agencies have warned of  Phobos ransomware  attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware. "Structured as a ransomware as a service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and county governments, emergency services, education, public healthcare, and critical infrastructure to successfully ransom several million in U.S. dollars," the government  said . The advisory comes from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). Active since May 2019, multiple variants of Phobos ransomware have been identified to date, namely Eking, Eight, Elbie, Devos, Faust, and Backmydata. Late last year, Cisco Talos  revealed  that the threat ...

A novel phishing kit has been observed impersonating the login pages of well-known cryptocurrency services as part of an attack cluster codenamed CryptoChameleon that's designed to primarily target mobile devices. "This kit enables attackers to build carbon copies of single sign-on (SSO) pages, then use a combination of email, SMS, and voice phishing to trick the target into sharing usernames, passwords, password reset URLs, and even photo IDs from hundreds of victims, mostly in the United States," Lookout  said  in a report. Targets of the phishing kit include employees of the Federal Communications Commission (FCC), Binance, Coinbase, and cryptocurrency users of various platforms like Binance, Coinbase, Gemini, Kraken, ShakePay, Caleb & Brown, and Trezor. More than 100 victims have been successfully phished to date. The phishing pages are designed such that the fake login screen is displayed only after the victim completes a CAPTCHA test using hCaptcha, thus prevent...

  The BlackCat/ALPHV ransomware gang has officially claimed responsibility for a  cyberattack on Optum , a subsidiary of UnitedHealth Group (UHG), which led to an ongoing outage affecting the Change Healthcare platform. Change Healthcare is the largest payment exchange platform used by more than 70,000 pharmacies across the United States. UHG is the world's largest healthcare company by revenue, employing 440,000 people worldwide and working with over 1.6 million physicians and care professionals in 8,000 hospitals and other care facilities. In a statement published on their dark web leak site today, BlackCat said that they allegedly stole 6TB of data from Change Healthcare's network belonging to "thousands of healthcare providers, insurance providers, pharmacies, etc." "Being inside a production network one can imagine the amount of critical and sensitive data that can be found. The data relates to all Change Health clients that have sensitive data being process...

  Understanding the risks - and benefits - of using AI tools. Ignited by the release of ChatGPT in late 2022, artificial intelligence (AI) has captured the world's interest and has the potential to bring many benefits to society. However, for the opportunities of AI to be fully realised, it must be developed in a safe and responsible way, especially when the pace of development is high, and the potential risks are still unknown. As with any emerging technology, there's always concern around what this means for security.  This guidance is designed to help managers, board members and senior executives (with a non-technical background) to understand some of the risks - and benefits - of using AI tools . Managers don't need to be technical experts, but they should know enough about the potential risks from AI to be able to discuss issues with key staff. What is artificial intelligence? Artificial intelligence  (AI) can be described as  ‘Any computer system that can perfo...

Details have emerged about a now-patched high-severity security flaw in Apple's Shortcuts app that could permit a shortcut to access sensitive information on the device without users' consent. The vulnerability, tracked as  CVE-2024-23204  (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of  iOS 17.3, iPadOS 17.3 ,  macOS Sonoma 14.3 , and  watchOS 10.3 . "A shortcut may be able to use sensitive data with certain actions without prompting the user," the iPhone maker said in an advisory, stating it was fixed with "additional permissions checks." Apple Shortcuts is a  scripting application  that allows users to create personalized workflows (aka macros) for  executing   specific tasks  on their devices. It comes installed by default on iOS, iPadOS, macOS, and watchOS operating systems. Bitdefender security researcher Jubaer Alnazi Jabin, who discovered and reported the Shortcuts bug, said it could be weaponiz...