Artificial intelligence behaving badly? Or just tastelessly? Third-party risks. Signs that the advantage may be tilting toward the defender.
Social engineering with generative AI. Mylobot and BHProxies. PureCrypter is deployed against government organizations and staged through Discord. Dish Network reports disruption. Third-party app and software as a service risk. Further assessments of the cyber phase of Russia's war so far, with warnings to stay alert. Are tough times coming in gangland? Comments on NIST's revisions to its Cybersecurity Framework are due this Friday. AJ Nash from ZeroFox on Mis/Dis/and Malinformation. Rick Howard digs into Zero Trust. And get this—AI is writing science fiction!
Selected reading.
Social engineering with generative AI. (CyberWire)
Who’s Behind the Botnet-Based Service BHProxies? (KrebsOnSecurity)
Mylobot: Investigating a proxy botnet (Bitsight)
PureCrypter targets government entities through Discord (Menlo Security)
PureCrypter malware hits govt orgs with ransomware, info-stealers (BleepingComputer)
Uncovering the Risks & Realities of Third-Party Connected Apps: 2023 SaaS-to-SaaS Access Report (Adaptive Shield)
Ukraine war anniversary likely to bring ‘disruptive’ cyberattacks on West, agencies warn (Global News)
How the Ukraine War Has Changed Russia’s Cyberstrategy (Foreign Policy)
A year of wiper attacks in Ukraine (WeLiveSecurity)
Russia's yearlong cyber focus on Ukraine (Axios)
A year after Russia's invasion, cyberdefenses have improved around the world (Washington Post)
One year on, how is the war playing out in cyberspace? (WeLiveSecurity)
The Russia-Ukraine cyber war: one year later (IT World Canada)
Russia launched large-scale operations in cyberspace alongside war (euronews)
WSJ News Exclusive | Hackers Extort Less Money, Are Laid Off as New Tactics Thwart More Ransomware Attacks (Wall Street Journal)
AI-generated fiction is flooding literary magazines — but not fooling anyone (The Verge)