Attackers can manipulate routing tables to bypass traffic meant for a Virtual Private Network (VPN) and redirect it to an untrusted local network using a technique called "TunnelVision." It involves the exploitation of a Dynamic Host Configuration Protocol (DHCP) design flaw. According to researchers at the Leviathan Security Group, this technique does not rely on exploiting VPN technologies or underlying protocols. Instead, it works entirely independently of the VPN provider or implementation.

As more children use Virtual Reality (VR) apps, new research suggests that few parents understand VR technologies' security and privacy risks. According to the study, few parents actively address security and privacy issues. North Carolina State University researchers interviewed 20 parents with children under 18 who use VR apps.

Cornell Tech's Security, Trust, and Safety (SETS) Initiative will guide new teaching, research, engagement, and entrepreneurial activities aimed at addressing critical problems posed by unsafe digital technologies to societies globally. SETS will delve into topics, including foundational theory on computer security and privacy, as well as emerging threats to online safety. Industry practitioners must understand generative Artificial Intelligence (AI) as a vector for abuse and a way to mitigate it.

The Sysdig Threat Research Team (TRT) has discovered "LLMjacking," a new cyberattack that targets cloud-hosted Large Language Model (LLM) services using stolen cloud credentials. Attackers used a vulnerable version of Laravel to access these credentials. Previous discussions regarding LLM-based Artificial Intelligence (AI) systems have focused on prompt abuse and altering training data. The LLMjacking attack sought to sell LLM access to other cybercriminals, with the legitimate cloud account owner bearing the costs.

The US Cybersecurity and Infrastructure Security Agency (CISA) has announced a new project aimed at adding important information to CVE records in order to help organizations improve vulnerability management. The "Vulnrichment" project enriches public CVE records with Common Platform Enumeration (CPE), Common Vulnerability Scoring System (CVSS), Common Weakness Enumeration (CWE), and Known Exploited Vulnerabilities (KEV) data. CISA has already enriched 1,300 CVEs, especially new and recent ones.

At least 538,000 people affected by the Ohio Lottery Christmas Eve cyberattack are receiving data breach notification letters. Names, Social Security numbers, and other personal information were stolen. Although the Ohio Lottery did not disclose the nature of the incident, which disrupted mobile and prize-cashing operations, the "DragonForce" ransomware gang claimed responsibility days later. The threat actors say they encrypted devices and stole documents related to Ohio Lottery customers and employees.

Large Language Model (LLM) advancements are fueling social engineering scammers, posing a significant cybersecurity threat. As companies rush to adopt Artificial Intelligence (AI) technology, they increase cyber risk. Cybercriminals are using AI to create convincing social engineering attacks and generate misinformation. They can use AI tools to create fake personas and make themselves appear legitimate via social media, email, and live audio or video calls. Generative AI in social engineering is still relatively new, but it will soon shape cybercrime.

Fortinet says cybercriminals are taking advantage of the exponential growth in connected devices, new applications, and online services, which create new vulnerabilities. The company's latest semiannual report provides a snapshot of the active threat landscape from July to December 2023, including how quickly cybercriminals are using newly discovered exploits from across the cybersecurity industry. There was also a rise in targeted ransomware and wiper activity against the Operational Technology (OT) sector.

"Kimsuky," a North Korean threat actor, has used "Durian," a previously undocumented Golang-based malware, in attacks against two South Korean cryptocurrency firms. Durian has comprehensive backdoor functionality for command execution, file downloads, and file exfiltration. The August and November 2023 attacks used legitimate South Korean software as an infection pathway, but the exact mechanism used to manipulate the program is unknown. This article continues to discuss findings regarding Kimsuky's use of Durian malware against cryptocurrency firms. 

While there is widespread discourse surrounding deepfakes, the current state of Artificial Intelligence (AI)-generated synthetic media will appear archaic in contrast to the magnitude and complexity of what is to come. Kevin Mandia, CEO of Mandiant at Google Cloud, predicts that the next generation of more convincing and realistic deepfake audio and video will be mass-produced using AI technology within a matter of months. This article continues to discuss insights regarding AI-borne deepfakes.