Szolgáltatóknak

Despite the absence of laws specifically covering AI-based attacks, regulators can use existing rules around fraud and deceptive business practices.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The company's data loss prevention platform helps customers identify and classify data across SaaS and GenAI applications, endpoints, and emails.

After reviewing the Top 10 Not So Common SSH Usernames and Passwords [ 1] published by Johannes 2 weeks ago, I noticed activity by one in his list that we don't really know what it is. Beginning 12 October 2024, my DShield sensor started storing one of the usernames mentioned in his diary that I had never seen before (I have over a year of data). The username chenzilong has been used with 5 different passwords including, some combination with the same username. So far, this account activity has been used with 302 different IPs.

The “Jumpy Pisces” cyberespionage group appeared to provide initial access for ransomware deployment.

RDP is one of the most prominent entry points into networks. Ransomware actors have taken down many large networks after initially entering via RDP. Credentials for RDP access are often traded by “initial access brokers".

The National Security Memorandum on Artificial Intelligence tasks various federal agencies with securing the AI supply chain from potential cyberattacks and disseminating timely threat information about such attacks.

The Russian-backed group is using a novel access vector to harvest victim data and compromise devices in a large-scale intelligence-gathering operation.

Threat actors are using an Android malware payload to pull off an elaborate social-engineering scam.