According to the Financial Services Information Sharing and Analysis Center (FS-ISAC), generative Artificial Intelligence (AI) provides significant business and cybersecurity benefits to financial companies, but cyber threats related to the technology remain a concern. Threat actors can use generative AI to create malware. Skilled cybercriminals can exfiltrate information from or poison Large Language Models (LLMs) that train generative AI. Using corrupted outputs can have serious legal, reputational, and operational effects on financial institutions.

Security flaws discovered in Dormakaba's Saflok electronic RFID locks used in hotels could be exploited by malicious actors to forge keycards and sneak into locked rooms. When combined, the vulnerabilities, collectively named "Unsaflok," enable an attacker to unlock all rooms in a hotel with a single pair of forged keycards. Full technical details about the vulnerabilities have not yet been shared due to their potential impact. The flaws affect over three million hotel locks across 13,000 properties in 131 countries.

The video game company Activision is investigating a hacking campaign aimed at stealing players' credentials. Aside from stealing passwords for various types of accounts, it is unclear what the hackers' specific goals are. The malware campaign appears to have been discovered first by Zebleer, a developer and seller of cheating software. Zebleer described the effort as an "infostealer malware campaign," in which malware disguised as legitimate-looking software is unknowingly installed by the victim and steals their usernames and passwords.

The US Department of the Treasury has issued a warning about the cybersecurity risks posed by Artificial Intelligence (AI) to the financial sector. The report, based on Presidential Executive Order 14110 on the "Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence," also makes a number of recommendations for financial institutions on how to mitigate these risks.

A phishing campaign called "Operation FlightNight" involves phishing lures disguised as invitation letters from the Indian Air Force. The malicious campaign has targeted Indian government entities, including agencies for electronic communications, Information Technology (IT) governance, and national defense. The phishing emails carry an ISO file containing malware as well as a shortcut file (LNK) appearing to be the PDF invitation letter. When opened, it executes the hidden malware while displaying a decoy document that was most likely stolen in a previous intrusion and repurposed.

A campaign involving an updated version of "TheMoon" malware has targeted End-of-Life (EoL) small business routers and Internet of Things (IoT) devices through a cybercriminal proxy service called "Faceless." Lumen Technologies' Black Lotus Labs team discovered that TheMoon malware, which first appeared in 2014, was working quietly while growing to over 40,000 bots from 88 countries by January and February this year. Black Lotus Labs first described the malware in 2019 and noted that it is in a new phase.

Hot Topic recently announced that attackers targeted Hot Topic Rewards accounts in automated attacks using login information obtained from an unknown source.  The company said that it determined that unauthorized parties launched automated attacks against its website and mobile application on November 18-19 and November 25, 2023, using valid account credentials (e.g., email addresses and passwords) obtained from an unknown third-party source.

Point32Health, the second-largest health insurer in Massachusetts, has recently revealed that the personal information of more than 2.8 million individuals was stolen in a ransomware attack in April 2023.

The US Department of Energy (DOE) recently announced a $15 million investment in university-based electric power centers to bolster cybersecurity in the energy sector.  The DOE says the funding will go to six universities selected by the Office of Cybersecurity, Energy Security, and Emergency Response (CESER), which will partner with industry stakeholders and the DOE National Laboratories for cybersecurity research and training development.