"French Government Agencies Hit by Cyberattacks of 'Unprecedented Intensity'"

Several French government agencies have experienced "intense" cyberattacks. The description of the attacks aligns with that of Distributed Denial-of-Service (DDoS) attacks. According to the French government, the attack was carried out with familiar technical means but at an unprecedented level of intensity. Although DDoS incidents have been attributed to state-sponsored groups, the attack's simplicity prevents it from providing a long-term disruptive capability or a method for the attacker to infiltrate target networks.

Submitted by grigby1 CPVI on

"Google Paid $10 Million in Bug Bounty Rewards Last Year"

Google recently revealed that it had awarded $10 million to 632 researchers from 68 countries in 2023 for finding and responsibly reporting security flaws in the company's products and services. Though this is lower than the $12 million Google's Vulnerability Reward Program paid to researchers in 2022, the amount is still significant, showcasing a high level of community participation in Google's security efforts.

Submitted by Adam Ekwall on

"Researchers Jailbreak AI Chatbots With ASCII Art -- ArtPrompt Bypasses Safety Measures to Unlock Malicious Queries"

A team of researchers has developed ArtPrompt, a new approach for bypassing the safety measures built into Large Language Models (LLMs). According to the researchers' paper titled "ArtPrompt: ASCII Art-based Jailbreak Attacks against Aligned LLMs," users can make chatbots such as GPT-3.5, GPT-4, Gemini, Claude, and Llama2 respond to queries that are supposed to be rejected. The attack involves using ASCII art prompts generated by their ArtPrompt tool.

Submitted by grigby1 CPVI on

"Researchers Develop Tantalizing Method to Study Cyberdeterrence"

An experimental multiplayer online war game named "Tantalus," after a figure from Greek mythology, provides insightful data for real-world cyberattacks. Researchers at Sandia National Laboratories have used the game to study different conditions in cyberdeterrence strategies. The game is a human research study designed to collect data on how people's decisions during threatening situations affect national security.

Submitted by grigby1 CPVI on

"EquiLend Ransomware Attack Leads to Data Breach"

Fintech firm EquiLend has recently started sending notification letters to its employees to inform them of a data breach resulting from a January 2024 ransomware attack. On January 24, the company announced that some of its systems were taken offline due to “a technical issue” and that services would be disrupted for several days. EquiLend confirmed the next day that a ransomware attack caused the disruption and was able to restore its client-facing services by February 5, but shared no details on the scope of the attack until now.

Submitted by Adam Ekwall on

"Researchers Expose Microsoft SCCM Misconfigs Usable in Cyberattacks"

Security researchers at SpecterOps have developed a knowledge base repository for attack and defense techniques stemming from the improper setup of Microsoft's Configuration Manager (MCM). Improper setup could enable attackers to execute payloads or become domain controllers. MCM, formerly known as System Center Configuration Manager (SCCM, ConfigMgr), is used in many Active Directory (AD) environments to help administrators manage servers and workstations on a Windows network.

Submitted by grigby1 CPVI on

"Google's Gemini AI Vulnerable to Content Manipulation"

Despite its safeguards and safety protocols, Google's Gemini Large Language Model (LLM) is still vulnerable to attacks that could cause it to generate harmful content, reveal sensitive data, or perform malicious actions. Google Gemini, formerly known as Bard, is a multimodal Artificial Intelligence (AI) tool capable of processing and generating text, images, audio, video, and code. In a new study, HiddenLayer researchers discovered that they could manipulate Google's AI technology to generate election misinformation, cause it to leak system prompts, and more.

Submitted by grigby1 CPVI on

"Three-Quarters of Cyber Incident Victims Are Small Businesses"

According to security researchers at Sophos, over three-quarters of cyber incidents impacted small businesses in 2023, with ransomware having the biggest impact on these firms. The researchers noted that the notorious LockBit group accounted for the highest number of small business ransomware incidents handled by Sophos Incident Response last year, at 27.59%. LockBit infections were considerably higher than the next highest groups: Akira (15.52%), BlackCat (13.79%), and Play (10.34%).

Submitted by Adam Ekwall on

"Japan Blames North Korea for PyPI Supply Chain Cyberattack"

According to Japanese cybersecurity officials, the North Korea-affiliated Lazarus Group recently launched a supply chain attack on the PyPI software repository for Python apps. The threat actors uploaded malicious packages named "pycryptoenv" and "pycryptoconf," which are similar to the legitimate "pycrypto" encryption toolkit for Python. Developers who have downloaded the malicious packages onto their Windows machines are infected with a Trojan called "Comebacker." The malicious Python packages had been downloaded between 300 and 1,200 times.

Submitted by grigby1 CPVI on

"New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics"

A new banking Trojan called "CHAVECLOAK" targets Brazilian users through phishing emails with PDF attachments. According to Cara Lin, a Fortinet FortiGuard Labs researcher, the attack involves the PDF downloading a ZIP file and then executing the final malware using DLL side-loading techniques. Contract-themed DocuSign lures are used to trick users into opening PDF files with a button to read and sign the documents. Clicking the button triggers the retrieval of an installer file from a shortened remote link.

Submitted by grigby1 CPVI on