A known ransomware group known as Snatch claims to have breached the systems of Kraft Heinz, but the food giant says it's unable to verify the cybercriminals' allegations.  The ransomware group publicly named Kraft Heinz on its website on December 14, but the post appears to have been created on August 16, which indicates that the attack occurred months ago.  Kraft Heinz said it's investigating claims of a cyberattack that occurred several months ago.

A ChatGPT vulnerability, described in a new report by a group of researchers from Google DeepMind, Cornell University, Carnegie Mellon University (CMU), UC Berkeley, ETH Zurich, and the University of Washington, exposes random training data that can be triggered only by telling the chatbot to repeat a specific word forever. According to the researchers, when ChatGPT is made to repeat a word such as "poem" or "part" forever, it will do so for a few hundred repetitions, then it will have a meltdown and begin outputting random text.

A well-known technique for lattice basis reduction has been improved by two researchers, unlocking new avenues for practical cryptography and mathematics experiments. Cryptography is essential for security in our increasingly digital lives. When sending a private message or paying a bill online, algorithms designed to keep this information private are critical. Some people seek to unveil those secrets, so researchers must work to put these systems to the test to ensure they can withstand sophisticated attacks.

The US Senate recently confirmed Harry Coker as the next National Cyber Director serving in the White House’s Office of the National Cyber Director (ONCD).  Coker previously served as executive director of the NSA and held various leadership positions in the CIA.  The role of National Cyber Director was established in 2021 after the massive SolarWinds hack came to light.  The ONCD will advise President Biden on cybersecurity policy and strategy.  

According to Zscaler's ThreatLabz 2023 State of Encrypted Attacks Report, most cyberattacks involve malware being hidden in encrypted web traffic. The spread of cyber threats through encrypted (HTTPS) web traffic is increasing year after year. It increased by 24 percent in 2023 compared to 2022. According to researchers at Zscaler,  this would amount to around 30 billion blocked threats. The report shows that 86 percent of cyberattacks now occur through encrypted channels. Malicious web content, malware payloads, and macro-based malware are all examples of encrypted malware.

Corvus Insurance recently did a study and found that threat actors are switching tactics to compromise their victims with ransomware, with more attacks now exploiting vulnerabilities rather than using phishing emails.  The insurer analyzed claims data from this year to better understand threat actor activity.  The insurer claimed that vulnerability exploitation rose as an initial access method from nearly 0% of ransomware claims in H2 2022 to almost a third in the first half of 2023.

According to new Sophos X-Ops research, ransomware gangs use media coverage of attacks to increase pressure on victims to meet their demands. An analysis conducted by Sophos X-Ops emphasized that ransomware groups and the media now have a closer relationship, suggesting that while hackers have traditionally been secretive, some now see the potential in using their publicity to strengthen extortion techniques.

The Department of Energy's (DOE) Pacific Northwest National Laboratory (PNNL) has established the Center for AI @ PNNL to coordinate the pioneering research of hundreds of scientists working on various projects focusing on science, security, and energy resilience. With the availability of generative Artificial Intelligence (AI), which allows almost anyone to produce sophisticated text and images with just a small amount of data, AI use has surged.

The Gaza Cyber Gang, a pro-Hamas threat actor, is targeting Palestinian entities with an updated version of the Pierogi backdoor. SentinelOne named the malware Pierogi++ because it is written in the C++ programming language, unlike its Delphi- and Pascal-based predecessor. According to security researcher Aleksandar Milenkoski, recent Gaza Cyber Gang activities show constant targeting of Palestinian entities, with no significant changes in dynamics since the start of the Israel-Hamas war.

Dell is urging customers of its PowerProtect products to review a newly released security advisory and patch a series of potentially serious vulnerabilities.  Dell noted that the vulnerabilities impact PowerProtect Data Domain (DD) series appliances, which are designed to help organizations protect, manage, and recover data at scale.  APEX Protect Storage, PowerProtect DD Management Center, PowerProtect DP series appliances, and PowerProtect Data Manager appliances are also affected.