Brian Krebs writes: WormGPT, a private new chatbot service advertised as a way to use Artificial Intelligence (AI) to write malicious software without all the pesky prohibitions on such activity enforced by the likes of ChatGPT and Google Bard, has started adding restrictions of its own on how the service can be used. Faced with customers trying to…
Category: Malware
Researchers find active campaigns exploiting two Kubernetes misconfigurations
Steve Zurier reports: Aqua Security on Tuesday reported that at least 60% of the Kubernetes clusters they researched were breached and had an active campaign with deployed malware and backdoors. In a release Aug. 8, Aqua Nautilus researchers explained that the exposures were caused by two misconfigurations, which emphasized how known and unknown misconfigurations are…
Oregon Sports Medicine allegedly hit by 8Base threat actors
Oregon Sports Medicine was added to 8Base’s leak site today. No files or filetree was offered as any proof of claims, but the threat actors claim that they acquired: Invoice Receipts Accounting documents Personal data Certificates Employment contracts A huge amount of confidential information Confidentiality agreements Personal files of patients Another The listing indicates that…
Il: Cyberattack shuts down Bnei Brak hospital’s computers
JNS reports: Mayanei Hayeshua Medical Center in Bnei Brak was hit by a cyberattack on Monday night, Israel’s Health Ministry announced on Tuesday morning. The hospital’s administrative computers were shut down in what was described as a ransomware attack. The ultra-Orthodox hospital, located east of Tel Aviv, said medical equipment was not affected by the…
HC3: Sector Alert: Rhysida Ransomware
August 4, 2023 TLP:CLEAR Report: 202308041500 Executive Summary Rhysida is a new ransomware-as-a-service (RaaS) group that has emerged since May 2023. The group drops an eponymous ransomware via phishing attacks and Cobalt Strike to breach targets’ networks and deploy their payloads. The group threatens to publicly distribute the exfiltrated data if the ransom is not…
Pt: SESARAM confirms cyberattack on region’s health service, suspends non-urgent activity Monday
Iolanda Chaves reports (machine translated): SESARAM has just issued a statement confirming the occurrence of a “deliberate and malicious cyberattack with the sole objective of causing damage and disrupting the normal functioning of the Regional Health Service of the Autonomous Region of Madeira”. “The internal functioning of SESARAM is thus affected, compromising some areas”, underlines…