Cybersecurity experts from the University of East Anglia and the University of Kent call for more attention to criminals creating their own Artificial Intelligence (AI) chatbots for hacking and scams. Malicious variants of Large Language Models (LLMs), the technology that drives AI chatbots such as ChatGPT, are emerging. WormGPT and FraudGPT are examples that can create malware, identify security flaws in systems, provide advice on how to scam people, support hacking, and more.

The University of Albany (UAlbany) will participate in a new national research consortium aimed at supporting and demonstrating approaches to developing safe and trustworthy Artificial Intelligence (AI). The Department of Commerce's National Institute of Standards and Technology (NIST) has established the US AI Safety Institute (AISIC), which will lead the US government's AI safety and trust efforts, specifically in evaluating and developing guardrails for advanced AI models.

According to National Cyber Director Harry Coker, the White House's main cybersecurity directorate will release a paper on memory-safe software development to encourage public and private sector programmers to adopt practices that prevent hackers from infiltrating systems by exploiting code vulnerabilities. Coker pointed out that memory safety bugs are some of the most dangerous vulnerabilities criminals seek to exploit. He adds that memory-safe coding languages prevent those errors from making it into production, but developers have been slow to adopt them.

Deepfake attacks that use "face swap" technology to evade remote identity verification increased by 704 percent in 2023, according to iProov's 2024 Threat Intelligence Report, "The Impact of Generative AI on Remote Identity Verification." Many deepfake-focused threat actors are increasing their sophistication with free and inexpensive face swap tools, virtual cameras, and mobile emulators. Generative AI has significantly improved threat actors' productivity levels.

Antonio Parata, a CrowdStrike security researcher, demonstrated how to use a signed Minifilter Driver in a Bring Your Own Vulnerable Driver (BYOVD) attack to terminate a specific process from the kernel. The BYOVD technique is often used by malware to terminate processes associated with security tools such as an Endpoint Detection and Response (EDR) solution. BYOVD is gaining popularity as attackers realize that terminating the EDR process is a better strategy than using obfuscation techniques to avoid the EDR solution.

RustDoor is a new Rust-based macOS malware distributed as a Visual Studio update. It provides backdoor access to compromised systems and uses infrastructure linked to the ALPHV/BlackCat ransomware group. The backdoor delivery campaign began in November 2023 and continues to distribute new variants of the malware. According to researchers at Bitdefender, the malware can run on Intel-based (x86_64) and ARM (Apple Silicon) architectures. This article continues to discuss findings regarding the new Rust-based macOS malware RustDoor.

The metaverse raises significant concerns, including those about cybersecurity. The metaverse is a three-dimensional (3D) virtual immersive environment in which users interact as avatars. According to the 2023 report "Exploring the Industrial Metaverse in Manufacturing" from Deloitte and the Manufacturing Leadership Council, 72 percent of manufacturers are most concerned about the cybersecurity risks associated with implementing metaverse-enabling technologies.

Livall, a smart ski and bike helmet maker, has fixed a security flaw that enabled easy real-time location tracking of a user wearing its helmets. The company makes Internet-connected helmets that allow groups of skiers or bike riders to communicate with one another via the helmet's built-in speaker and microphone, as well as share their real-time location in a friend group using Livall's smartphone apps.

According to Malwarebytes' recent State of Malware report, the rise of Ransomware-as-a-Service (RaaS) gangs such as LockBit and ALPHV was accompanied by a 68 percent increase in known ransomware attacks in 2023, reaching a new high. The total number of known cyberattacks was 4,475 in 2023. The US made up nearly half of the ransomware attacks. The UK was second with 7 percent of costly incidents, followed by Canada, Italy, and Germany with 4 percent each. According to the report, the LockBit gang demanded the highest ransom of the year, $80 million, following an attack on Royal Mail.

A new banking trojan called Coyote has targeted 61 banking institutions in Brazil. Researchers discovered that Coyote differs from other banking trojans of its kind because of its use of the open-source Squirrel framework for installing and updating Windows apps. Another differentiating factor is the shift from Delphi, which is popular among banking malware families targeting Latin America, to a relatively new multi-platform programming language called Nim. This article continues to discuss findings regarding the Coyote banking trojan.