"Pennsylvania Courts Say it Didn't Pay Ransom in cyberattack, And Attackers Never Sent a Demand"

Pennsylvania's state courts agency recently announced that it never received a ransom demand as part of a cyberattack that briefly shut down some of its online services earlier this month.  The agency said the attack was a DDoS attack on the Administrative Office of Pennsylvania Courts website, which disabled some online portals and systems that were all fully restored this week.  The agency noted that the attack didn't compromise any data or stop the courts from operating on a normal schedule.

Submitted by Adam Ekwall on

"Prudential Financial Faces Cybersecurity Breach"

Prudential Financial has recently disclosed a cybersecurity breach.  The breach on February 5, 2024, involved unauthorized access to certain company systems.  In a filing with the US Securities and Exchange Commission (SEC) on February 12, 2024, Prudential said it immediately activated its cybersecurity incident response protocol and is working with external experts to investigate and mitigate the incident.  Prudential suspects the involvement of a cybercrime group.

Submitted by Adam Ekwall on

"New Report Finds Sensitive Information at Risk in 55% of Generative AI Inputs"

A new report from Menlo Security reveals that 55 percent of all generative Artificial Intelligence (AI) inputs include sensitive and Personally Identifiable Information (PII). Menlo Security's "The Continued Impact of Generative AI on Security Posture" report analyzed employee usage of generative AI and the security risks this usage poses to organizations. New platforms and features have grown in popularity, but they have also introduced new cybersecurity risks to businesses. One example from the report showed an 80 percent increase in attempted file uploads to generative AI websites.

Submitted by Gregory Rigby on

"New Wi-Fi Authentication Vulnerabilities Discovered"

Researchers have discovered two new vulnerabilities in open-source Wi-Fi software that enable attackers to trick victims into connecting to malicious clones of trusted networks, intercept their traffic, and join networks without a password. Top10VPN collaborated with security researcher Mathy Vanhoef to uncover the new Wi-Fi authentication vulnerabilities and has shared details now that they have been patched. This article continues to discuss the potential exploitation and impact of the Wi-Fi authentication vulnerabilities.

Submitted by Gregory Rigby on

"US Offers up to $15 Million For Tips on ALPHV Ransomware Gang"

The U.S. State Department is offering rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders.  An additional $5 million bounty is also available for tips on individuals trying to take part in ALPHV ransomware attacks, likely to discourage affiliates and initial access brokers.  The ransomware gang conducted over 60 breaches worldwide during its first four months of activity between November 2021 and March 2022.

Submitted by Adam Ekwall on

"DDoS Attacks Are Getting Bigger and Costlier - Here's Why"

According to a new report from the communications infrastructure provider Zayo Group, Distributed Denial-of-Service (DDoS) attacks are becoming longer and more expensive. Research has found that the average length of an attack increased by over 400 percent between the first and fourth quarters of last year, from 24 minutes to 121 minutes. In 2023, the average DDoS attack lasted 68 minutes, with impacted organizations paying an average of $5,896 per minute for a total average cost of $407,727.

Submitted by Gregory Rigby on

"iOS Users Beware: GoldPickaxe Trojan Steals Your Facial Data"

Group-IB researchers have discovered a new iOS Trojan dubbed GoldPickaxe.iOS that steals facial recognition data and identity documents and intercepts SMS. The Trojan has been attributed to GoldFactory, a Chinese-speaking threat actor responsible for developing a suite of highly sophisticated banking Trojans. The threat actor exploits the stolen biometric data by using Artificial Intelligence (AI) face-swapping services to create deepfakes that replace their faces with those of the victims.

Submitted by Gregory Rigby on

"Crypto-Money Laundering Records 30% Annual Decline"

According to security researchers at Chainalysis, just over $22bn worth of cryptocurrency was laundered in 2023, a 30% drop from the previous year, with nefarious actors switching techniques to stay hidden from investigators.  The researchers claimed that some of the decline in crypto-money laundering could be explained by an overall decrease in crypto-transaction volumes during the same period.  The researchers noted that centralized exchanges remain the main destination for funds sent from illicit addresses, as they have for the past five years.

Submitted by Adam Ekwall on

"Microsoft Warns of Exploited Exchange Server Zero-Day"

Microsoft recently warned that a newly addressed vulnerability in Exchange Server has been actively exploited in attacks.  Tracked as CVE-2024-21410 (CVSS score of 9.8), the critical severity flaw is described as a privilege escalation issue that allows attackers to mount pass-the-hash attacks.  According to Microsoft, an attacker could exploit the bug to relay a user's Net-NTLMv2 hash against a vulnerable server and authenticate as that user.

Submitted by Adam Ekwall on

"TUM and Google Strengthen Cooperation: Seven New Research Projects on Cybersecurity and Artificial Intelligence"

With funding from Google, the Technical University of Munich (TUM) is launching seven new research projects to address critical questions at the intersection of cybersecurity and Artificial Intelligence (AI). These projects focus on the data security risks of general-purpose AI models, patterns of cyberattacks on Large Language Models (LLMs), and more. For example, one of the projects aims to better understand how attacks on LLMs work, what triggers them in LLMs, and how they can be prevented. This article continues to discuss the new TUM research projects on cybersecurity and AI.

Submitted by Gregory Rigby on