SneakyPrompt is a new algorithm developed by a team of researchers that generates commands to circumvent the safety filters of text-to-image generative Artificial Intelligence (AI) models such as DALL-E 2 and Midjourney. The goal of this study is to find ways to improve those safeguards in the future. The algorithm's creators, which include researchers from Johns Hopkins University in Baltimore and Duke University in Durham, North Carolina, will present their findings at the IEEE Symposium on Security and Privacy in San Francisco in May 2024.

More than 250 organizations recently participated in GridEx VII, the seventh edition of the biennial exercise focusing on the security of the electrical grid in the United States and Canada.  GridEx is organized by the Electricity Information Sharing and Analysis Center (E-ISAC) at the North American Electric Reliability Corporation (NERC) and is the largest grid security exercise in North America.  GridEx VII's main focus was testing crisis response and recovery plans for cyber and physical threats targeting the electrical grid.

A team of researchers from MIT, the MIT-IBM Watson AI Lab, and other organizations developed a method for deep learning models to efficiently adapt to new sensor data directly on an edge device, thus increasing security and more. Personalized deep learning models can power Artificial Intelligence (AI) chatbots that adapt to understand a user's accent, as well as smart keyboards that regularly update to better predict the next word based on a user's typing history. This customization requires constant Machine Learning (ML) model fine-tuning with new data.

According to Check Point researchers, the Russia-linked cyber espionage group Gamaredon has been spreading a worm called LitterDrifter through USB attacks against Ukraine. Gamaredon, also known as Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa, has been active since 2014, with most of its activity focused on Ukraine. The Gamaredon Advanced Persistent Threat (APT) group continues targeting entities in Ukraine, including security services, military, and government organizations.

The LummaC2 stealer malware, also known as Lumma Stealer, now includes a new anti-sandbox technique that uses the mathematical principle of trigonometry to avoid detection and exfiltrate valuable data from infected hosts. The method is supposed to "delay detonation of the sample until human mouse activity is detected," according to Outpost24 security researcher Alberto Marn. LummaC2, which is written in the C programming language, has been sold in underground forums since December 2022.

Cybersecurity researchers at Abnormal Security have uncovered a charity attack exploiting the ongoing events in Gaza and Israel.  The researchers noted that cybercriminals targeted 212 individuals across 88 organizations, attempting to manipulate sympathy for children in Palestine to solicit fraudulent donations.  The attackers, posing as a group from “help-palestine.com,” urged recipients to contribute to a campaign supposedly providing vital support to families in Palestine.

A months-long review of non-public data gathered by investigative journalists at Reuters has confirmed previous reports linking an Indian hack-for-hire group to numerous and sometimes disruptive cyber espionage and surveillance incidents against individuals and entities around the world. The New Delhi-based group known as Appin does not exist anymore, at least in its original form or branding. The group's operatives hacked into computers belonging to business executives, politicians, military officials, and other high-value individuals for several years, starting around 2009.

According to Zscaler, despite significant security concerns, organizations feel pressured to use generative Artificial Intelligence (AI) tools. Based on a survey of over 900 global Information Technology (IT) decision makers, while 89 percent of organizations view generative AI tools such as ChatGPT as a potential security risk, 95 percent already use them in some form within their businesses.

Employees' personal information was recently stolen in a ransomware attack targeting a Philippines subsidiary of Yamaha Motor.  The incident, the Japanese mobility and industrial giant says, occurred on October 25 and only impacted one server managed by Yamaha Motor Philippines, the company's motorcycle manufacturing and sales subsidiary in the country.  The company noted that the server was accessed without authorization by a third party and hit by a ransomware attack.

A team of researchers demonstrated that under certain conditions, passive network attackers can recover secret RSA keys from naturally occurring errors resulting in failed SSH connection attempts. SSH is a cryptographic network protocol for secure communication used in remote system access, file transfers, and system administration tasks. RSA is a public-key cryptosystem used in SSH for user authentication, and it involves a private, secret key to decrypt communication encrypted with a public, shareable key.