#AI #hack #cybersecurity

Learn more: https://cnews.link/ai-brain-hexstrike-runs-cyberattacks-on-its-own/

Mitä tuen päättyminen tarkoittaa yrityksille käytännössä?

https://nerdynet.com/windows-10-tuki-paattyy-lokakuussa-miksi-deadline-koskettaa-jokaista-yritysta/?utm_source=meta&utm_medium=social&utm_campaign=030725

Internet infrastructure company Cloudflare said it recently blocked the largest recorded volumetric distributed denial-of-service (DDoS) attack, which peaked at 11.5 terabits per second (Tbps).

In volumetric DDoS attacks, attackers overwhelm the target with massive amounts of data, consuming the bandwidth or exhausting system resources, leaving legitimate users with no access to the targeted servers and services.

“Cloudflare’s defenses have been working overtime. Over the past few weeks, we’ve autonomously blocked hundreds of hyper-volumetric DDoS attacks, with the largest reaching peaks of 5.1 Bpps and 11.5 Tbps,” the company said in a Tuesday tweet.

“Cloud Platform Exploitation Highlights Infrastructure Risks”. I kinda figured everybody was on this ship already. In fact it’s the perfect platform from which to launch. Of course, if things worked like they should then the owners of these cloud accounts would be notified that they have nasties.
Imagine what a PITA it would be to have to compromise hundreds of cloud accounts just to blow it all on one DDOS attack!

TLDR: Cloudflare successfully defended against a record-breaking 11.5 terabits per second DDoS attack that lasted just 35 seconds. The massive UDP flood originated primarily from compromised resources on Google Cloud Platform and set a new industry high for network bandwidth consumed by malicious traffic.

Read more at PCMag
bit.ly/462n0FQ

Anthropic Warns of Hacker Weaponizing Claude AI Like Never Before
The hacker ‘used AI to what we believe is an unprecedented degree’ by harnessing Claude to automate large parts of the data extortion campaign, Anthropic says.
https://uk.pcmag.com/ai/159759/anthropic-warns-of-hacker-weaponizing-claude-ai-like-never-before?fbclid=IwVERDUAMisXtleHRuA2FlbQIxMAABHrA56_3ddpHCBl-kKcw_WeQdPb58aws_XmAsoPqfhZi1DlyAzevrVdjAYY0w_aem_wx9RunK7D61DM9FH8g85vw

Tiedonhaku.fi-sivusto sisältää huonoa suomen kieltä ja linkkejä sijoitushuijaussivustoille.

Google sanoo tutkineensa sivuja, mutta ei ole löytänyt palveluissaan näytettäviä mainoksia.

Kyberturvallisuuskeskuksen asiantuntija neuvoo jättämään kyseenalaiset suositukset huomiotta.

Älä mene tälle sivustolle, jota Google sinulle suosittelee – vakava vaara
https://www.is.fi/digitoday/tietoturva/art-2000011446382.html

Noteworthy stories that might have slipped under the radar: communications of dozens of Iranian ships disrupted, only apps from verified developers will run on Android devices, and AI used across multiple phases of malicious attacks.

https://www.securityweek.com/in-other-news-iranian-ships-hacked-verified-android-developers-ai-used-in-attacks/

Google says the same OAuth token compromise that enabled Salesforce data theft also let hackers access a small number of Workspace accounts via the Salesloft Drift integration.

https://www.securityweek.com/google-confirms-workspace-accounts-also-hit-in-salesforce-salesloft-drift-data-theft-campaign/

Authorities say VerifTools sold fake driver’s licenses and passports worldwide, enabling fraudsters to bypass KYC checks and access online accounts.

https://www.securityweek.com/veriftools-fake-id-operation-dismantled-by-law-enforcement/

Proof-of-concept ransomware uses AI models to generate attack scripts in real time.

https://www.securityweek.com/promptlock-first-ai-powered-ransomware-emerges/