Tag Archive for: started

iPhone Hacking: Notice sent to Apple, CERT-In has started probe: IT Secretary on hacking attempt threat notification row


iPhone Hacking: The government’s cybersecurity agency CERT-In has started its investigation into the issue of the Apple threat notification received by several opposition MPs, and a notice has been sent to the company, IT Secretary S Krishnan said on Thursday.

The move assumes significance as the Minister of State for Electronics and IT Rajeev Chandrasekhar had earlier this week said that the government wants Apple to clarify if its devices are secure and why ‘threat notifications’ were sent to people in over 150 countries, given the company’s repeated claims about its products being designed for privacy.

The government will investigate the threat notifications as well as Apple’s claims that its devices are secure and privacy-compliant, Chandrasekhar had written in a post on X (formerly Twitter) on Tuesday, after several opposition leaders claimed that ‘state-sponsored’ attack notifications had been sent to them by Apple and the government ordered a probe.

IT Minister Ashwini Vaishnaw has categorically rejected the opposition’s attack on the government, saying “compulsive critics” were indulging in the politics of “distraction”, as they could not tolerate the country’s progress under PM Narendra Modi’s leadership.

On Thursday, S Krishnan, Secretary, IT Ministry, confirmed that a notice has been sent to Apple.

“CERT-In has started its probe… They (Apple) will cooperate in this probe,” Krishnan told reporters on the sidelines of an event related to the Meity-NSF research collaboration.

Indian Computer Emergency Response Team or CERT-In is the national nodal agency for responding to computer security incidents as and when they occur.

Asked if a notice has been sent to Apple, the IT Secretary answered in the affirmative. Apple did not reply to an email by PTI seeking comments on the notice.

Several opposition leaders on Tuesday claimed they have received an alert from Apple warning them of “state-sponsored attackers trying to remotely compromise” their iPhones and alleged hacking by the government.

Those who received such notifications included Congress chief Mallikarjun Kharge, party leaders Shashi Tharoor, Pawan Khera, K C Venugopal, Supriya Shrinate, T S Singhdeo and Bhupinder S Hooda; Trinamool…


What is Antivirus software? Getting started with PC security



The Hacking of ChatGPT Is Just Getting Started


As a result, jailbreak authors have become more creative. The most prominent jailbreak was DAN, where ChatGPT was told to pretend it was a rogue AI model called Do Anything Now. This could, as the name implies, avoid OpenAI’s policies dictating that ChatGPT shouldn’t be used to produce illegal or harmful material. To date, people have created around a dozen different versions of DAN.

However, many of the latest jailbreaks involve combinations of methods—multiple characters, ever more complex backstories, translating text from one language to another, using elements of coding to generate outputs, and more. Albert says it has been harder to create jailbreaks for GPT-4 than the previous version of the model powering ChatGPT. However, some simple methods still exist, he claims. One recent technique Albert calls “text continuation” says a hero has been captured by a villain, and the prompt asks the text generator to continue explaining the villain’s plan.

When we tested the prompt, it failed to work, with ChatGPT saying it cannot engage in scenarios that promote violence. Meanwhile, the “universal” prompt created by Polyakov did work in ChatGPT. OpenAI, Google, and Microsoft did not directly respond to questions about the jailbreak created by Polyakov. Anthropic, which runs the Claude AI system, says the jailbreak “sometimes works” against Claude, and it is consistently improving its models.

“As we give these systems more and more power, and as they become more powerful themselves, it’s not just a novelty, that’s a security issue,” says Kai Greshake, a cybersecurity researcher who has been working on the security of LLMs. Greshake, along with other researchers, has demonstrated how LLMs can be impacted by text they are exposed to online through prompt injection attacks.

In one research paper published in February, reported on by Vice’s Motherboard, the researchers were able to show that an attacker can plant malicious instructions on a webpage; if Bing’s chat system is given access to the instructions, it follows them. The researchers used the technique in a controlled test to turn Bing Chat into a scammer that asked for people’s personal information….


Emotet Botnet Started Distributing Quantum and BlackCat Ransomware



The Emotet malware is now being leveraged by ransomware-as-a-service (RaaS) groups, including Quantum and BlackCat, after Conti’s official retirement from the threat landscape this year.

Emotet started off as a banking trojan in 2014, but updates added to it over time have transformed the malware into a highly potent threat that’s capable of downloading other payloads onto the victim’s machine, which would allow the attacker to control it remotely.

Although the infrastructure associated with the invasive malware loader was taken down as part of a law enforcement effort in January 2021, the Conti ransomware cartel is said to have played an instrumental role in its comeback late last year.


“From November 2021 to Conti’s dissolution in June 2022, Emotet was an exclusive Conti ransomware tool, however, the Emotet infection chain is currently attributed to Quantum and BlackCat,” AdvIntel said in an advisory published last week.

Typical attack sequences entail the use of Emotet (aka SpmTools) as an initial access vector to drop Cobalt Strike, which then is used as a post-exploitation tool for ransomware operations.

The notorious Conti ransomware gang may have dissolved, but several of its members remain as active as ever either as part of other ransomware crews like BlackCat and Hive or as independent groups focused on data extortion and other criminal endeavors.


Quantum is also a Conti spin-off group that, in the intervening months, has resorted to the technique of call-back phishing – dubbed BazaCall or BazarCall – as a means to breach targeted networks.

“Conti affiliates use a variety of initial access vectors including phishing, compromised credentials, malware distribution, and exploiting vulnerabilities,” Recorded Future noted in a report published last month.

AdvIntel said it observed over 1,267,000 Emotet infections across the world since the start of the year, with activity peaks registered in February and March coinciding with Russia’s invasion of Ukraine.


A second surge in infections occurred between June and July, owing to the use by ransomware groups such as Quantum and BlackCat. Data captured by the cybersecurity firm shows that the most Emotet-targeted country is…
