Researchers at the cybersecurity company ESET have observed what they believe to be a dismantling of the Mozi botnet, which has infiltrated over a million Internet of Things (IoT) devices globally. During an investigation of the botnet, the researchers claim to have seen the "sudden demise" of Mozi. Mozi is a peer-to-peer IoT botnet that hijacks home routers and digital video recorders through the abuse of weak telnet passwords and known exploits.

Faculty and Ph.D. students at the Rochester Institute of Technology's (RIT) ESL Global Cybersecurity Institute identified problems regarding generative hate speech in Google's PaLM2 Large Language Model (LLM), which drives Bard. These issues show the fundamental limitations of LLMs. The team pointed out that despite LLMs being deployed for the general population, there are no proper guardrails in place to ensure that they are not used to generate hate speech and other harmful content.

Information Technology (IT) security experts have developed a new method to monitor nuclear disarmament treaties. They created a mechanism that uses radio waves to remotely monitor if any changes are being made in a specific room. The researchers describe the approach's robustness and security in the journal Nature Communications.

A study conducted by faculty and students at the University of Chicago and the University of Maryland uncovered tensions and breakdowns in the sociotechnical infrastructure of emergency remote learning that have compromised the privacy and data of elementary school students. The team of researchers explored how remote learning affected teachers, parents, and PreK-6 students regarding privacy and security. The study aims to better prepare decision-makers to address these problems before another crisis occurs.

HP Wolf Security has found fake malware designed to lure would-be cybercriminals into compromising their own devices. The cybersecurity company came across the operation during a routine examination of the web's dark corners for its third quarter report. It exposed the attackers who were hosting fake Remote Access Trojans (RATs) on GitHub in an attempt to trick inexperienced cybercriminals into infecting their own computers.

An Iranian nation-state threat actor, tracked as Scarred Manticore, primarily targets government, military, and telecommunications sectors in Saudi Arabia, the United Arab Emirates, Jordan, Kuwait, Oman, Iraq, and Israel. According to researchers at Check Point, one of the companies investigating the group's ongoing espionage campaign, Scarred Manticore has conducted secret operations in Middle Eastern countries over the past few years, infiltrating telecommunications and government entities to systematically exfiltrate data from their systems.

The threat group KillNet is selling a new Distributed Denial-of-Service (DDoS) tool that could encourage more cybercriminals to conduct DDoS attacks. The launch of the new tool, which can be rented for a day, a week, or a month, coincides with a 65 percent increase in HTTP DDoS attacks in the three months ending in September. SOCRadar analysts observed KillNet advertising its new "DDoS-for-hire" service on Telegram.

F5 has issued a warning to BIG-IP administrators about "skilled" hackers compromising devices by exploiting two recently disclosed vulnerabilities to hide their access and stealthily execute code. F5 BIG-IP is a suite of products and services that offer load balancing, security, and performance management for networked applications. Large companies and government organizations have widely adopted the platform, which makes any product vulnerability a significant concern. This article continues to discuss the F5 BIG-IP flaws being exploited by hackers in stealthy attacks.

State-sponsored threat actors from the Democratic People's Republic of Korea (DPRK) have been targeting blockchain engineers of an unnamed cryptocurrency exchange platform through Discord with macOS malware named KANDYKORN. According to Elastic Security Labs, the activity dating back to April 2023 overlaps with Lazarus Group, based on an analysis of the network infrastructure and techniques used. Researchers reported that the threat actors used a Python application to lure blockchain engineers in order to gain initial access to the environment.

Attackers are using new wiper malware called BiBi-Linux in attacks against Israeli companies to destroy their data. During a forensics investigation of a breach at an Israeli company, the Security Joes Incident Response team discovered the malware. According to Security Joes researchers, the malware is an x64 ELF executable without obfuscation or protection measures. It enables attackers to specify target folders and, if executed with root permissions, could destroy an entire operating system.