"The Eighth Annual Denver Cybersecurity Summit connects C-Suite & Senior Executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. Admission gives you access to all Interactive Panels, Discussions, Catered Breakfast, Lunch & Cocktail Reception."
Microsoft has discovered a new method for jailbreaking Large Language Model (LLM) Artificial Intelligence (AI) tools and has revealed its continued efforts to improve LLM safety and security. Microsoft described the "Crescendo" LLM jailbreak method in a recent paper, delving into how an attacker can send a series of seemingly benign prompts to gradually lead a chatbot, such as OpenAI's ChatGPT, Google's Gemini, Meta's LlaMA, or Anthropic's Claude, to deliver output that the LLM model would normally filter and refuse.
A team of researchers at Pohang University of Science and Technology (POSTECH) significantly advanced online security by integrating an Artificial Intelligence (AI)-based metasurface with oblique helicoidal cholesteric liquid crystals. The continued development of digital technology calls for greater security for personal data online. Encryption systems are critical to the stability of Internet communication and serve as the foundation for online privacy.
A social engineering attack has compromised a third-party provider responsible for handling telephony for Cisco's Duo Multi-Factor Authentication (MFA) service. Cisco Duo customers have been warned to be on the lookout for follow-on phishing attacks. Customers were notified that the company handling SMS and VOIP MFA messaging traffic for Cisco Duo had been breached on April 1. The threat actor allegedly used compromised employee credentials, and once inside the service provider's systems, they downloaded SMS logs for specific users.
The OpenJS Foundation has thwarted a "credible takeover attempt" similar to the one that resulted in a backdoor being put in the open source XZ Utils package by someone called "Jia Tan." The malicious maintainer achieved that position through a successful long-term social engineering campaign. Lasse Collin, the project's author and primary maintainer, was convinced to share the duty of keeping the project running smoothly.
"The Second Annual Austin Cybersecurity Summit connects C-Suite & Senior Executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. Admission gives you access to all Interactive Panels, Discussions, Catered Breakfast, Lunch & Cocktail Reception."
"DSI’s 5th Annual Digital Forensics for National Security Symposium will provide a forum for the DoD, federal government, intelligence agencies, industry, and academia to discuss how digital forensics tools and technologies are supporting their efforts to identify, detect, investigate, prevent, and bring justice to increasingly sophisticated criminal activities."
"Transform Finance is bringing together the top thinkers in the Carolinas and surrounding areas to get a deep look into the latest trends, challenges and the technology emerging to help stay vigilant against bad actors. Come together in the second largest financial hub in the US as we come together and explore how to stay vigilant in 2024. With expert led panels, interactive workshops and many opportunities for networking the 2024 Charlotte event is the place to learn about the latest in fighting economic crime."
Over the past decade, the NCCC has become one of the premier training events for law enforcement investigators, prosecutors, and forensic examiners in the world. The 2024 National Cyber Crime Conference will be held from April 23 through April 25. The event will feature hundreds of sessions on diverse digital evidence and cybercrime topics delivered by the top experts in the field.
The threat actor known as "TA558" has been using steganography as an obfuscation method in the delivery of a variety of malware, including Agent Tesla, FormBook, Remcos RAT, LokiBot, GuLoader, Snake Keylogger, XWorm, and more. Positive Technologies reported that the group used steganography extensively, sending VBSs, PowerShell code, and RTF documents containing an embedded exploit, inside images and text files. The campaign has been dubbed "SteganoAmor" due to its use of steganography and choice of file names.