"Social Engineering in the Era of Generative AI: Predictions for 2024"

Large Language Model (LLM) advancements are fueling social engineering scammers, posing a significant cybersecurity threat. As companies rush to adopt Artificial Intelligence (AI) technology, they increase cyber risk. Cybercriminals are using AI to create convincing social engineering attacks and generate misinformation. They can use AI tools to create fake personas and make themselves appear legitimate via social media, email, and live audio or video calls. Generative AI in social engineering is still relatively new, but it will soon shape cybercrime.

Submitted by grigby1 CPVI on

"Cybercriminals Are Getting Faster at Exploiting Vulnerabilities"

Fortinet says cybercriminals are taking advantage of the exponential growth in connected devices, new applications, and online services, which create new vulnerabilities. The company's latest semiannual report provides a snapshot of the active threat landscape from July to December 2023, including how quickly cybercriminals are using newly discovered exploits from across the cybersecurity industry. There was also a rise in targeted ransomware and wiper activity against the Operational Technology (OT) sector.

Submitted by grigby1 CPVI on

"North Korean Hackers Deploy New Golang Malware 'Durian' Against Crypto Firms"

"Kimsuky," a North Korean threat actor, has used "Durian," a previously undocumented Golang-based malware, in attacks against two South Korean cryptocurrency firms. Durian has comprehensive backdoor functionality for command execution, file downloads, and file exfiltration. The August and November 2023 attacks used legitimate South Korean software as an infection pathway, but the exact mechanism used to manipulate the program is unknown. This article continues to discuss findings regarding Kimsuky's use of Durian malware against cryptocurrency firms. 

Submitted by grigby1 CPVI on

"Cybersecurity in a Race to Unmask a New Wave of AI-Borne Deepfakes"

While there is widespread discourse surrounding deepfakes, the current state of Artificial Intelligence (AI)-generated synthetic media will appear archaic in contrast to the magnitude and complexity of what is to come. Kevin Mandia, CEO of Mandiant at Google Cloud, predicts that the next generation of more convincing and realistic deepfake audio and video will be mass-produced using AI technology within a matter of months. This article continues to discuss insights regarding AI-borne deepfakes.  

Submitted by grigby1 CPVI on

"College Cyber Programs Vary Widely, Researchers Found"

A study conducted by researchers at Washington State University found that higher education cybersecurity programs vary greatly, and that there has been little research on the instructional methods behind their curriculums. The review examined programs at 100 US institutions designated by the National Security Administration as National Centers of Academic Excellence in Cybersecurity.

Submitted by grigby1 CPVI on

"Dell Says Customer Names, Addresses Stolen in Database Breach"

Dell Technologies has recently sent notices to millions of customers warning that data, including full names and physical addresses, was stolen during a security incident. Dell Technologies did not provide details on the breach beyond a brief statement mentioning an incident involving a Dell portal, which contains a database with limited types of customer information. The notice sent to customers said the hacked database contained very basic customer data related to purchases from Dell.

Submitted by Adam Ekwall on

"Exploited Chrome Zero-Day Patched by Google"

A Chrome 124 update recently released by Google patches a zero-day vulnerability for which an exploit exists in the wild. The zero-day is tracked as CVE-2024-4671, and Google has described it as a high-severity use-after-free bug in the Visuals component. Google did not share any information on the attacks exploiting the vulnerability. Chrome 124.0.6367.201/.202 for Mac and Windows and Chrome 124.0.6367.201 for Linux contain the patch for CVE-2024-4671. According to Google, this is the second Chrome vulnerability of 2024 that has been exploited in malicious attacks.

Submitted by Adam Ekwall on

"Healthcare Giant Ascension Hacked, Hospitals Diverting Emergency Service"

Ascension, a non-profit that runs one of the largest healthcare systems in the United States, is trying to contain a significant cyberattack currently causing disruption and “downtime procedures” at hospitals nationwide. The St Louis healthcare giant said computer systems affected include electronic health records, the MyChart patient communication portal, certain phone systems, and systems used for ordering tests, procedures, and medications. The company discovered the hack on May 8th.

Submitted by Adam Ekwall on

"MedStar Health and DocGo Reveal Data Breaches"

Two US healthcare providers have recently announced serious cybersecurity incidents in which patient information was accessed. DocGo provides mobile medical services and transportation in 26 states and the UK. The firm revealed that it recently identified unauthorized activity on its network.

Submitted by Adam Ekwall on