By code or by command, cybercriminals are circumventing ethical and safety restrictions to use generative AI chatbots in the way that they want.
Follow Dark Reading:
 September 14, 2023
LATEST SECURITY NEWS & COMMENTARY
ChatGPT Jailbreaking Forums Proliferate in Dark Web Communities
By code or by command, cybercriminals are circumventing ethical and safety restrictions to use generative AI chatbots in the way that they want.
MGM Resorts Cyberattack Hobbles Las Vegas Strip Operations
Hospitality behemoth struggles to recover following a Sunday cyber incident that looks a lot like a ransomware attack.
'Scattered Spider' Behind MGM Cyberattack, Targets Casinos
The ransomware group is a collection of young adults who also recently breached Caesars Entertainment and made a ransom score in the tens of millions.
Microsoft Azure HDInsight Plagued With XSS Vulnerabilities
To boot, the technology could be riddled with other flaws via its Apache services components, a security vendor says.
Attackers Abuse Google Looker Studio to Evade DMARC, Email Security
Cyberattackers are tapping the legitimacy of the Web-based data-visualization tool in a campaign aimed at stealing credentials and defrauding hundreds of business users.
Critical Security Bug Opens Cisco BroadWorks to Complete Takeover
Cyberattackers could exploit CVE-2023-20238 to carry out a variety of nefarious deeds, from data theft and code execution to phishing, fraud, and DoS.
Microsoft IDs Security Gaps that Let Threat Actors Steal Signing Key
China's Storm-0558 accessed user emails at some 25 enterprise organizations earlier this year using forged tokens.
When LockBit Ransomware Fails, Attackers Deploy Brand-New '3AM'
Nothing good happens after 2 a.m., they say, especially when hackers have two kinds of ransomware at their disposal.
Apple Hit By 2 No-Click Zero-Days in Blastpass Exploit Chain
Researchers at Citizen Lab recommend immediately updating any iPhones and iPads to the latest OSes.
Overcoming the Rising Threat of Session Hijacking
Passkeys and multifactor authentication aren't enough for combating infostealer malware, which can exfiltrate corporate data before anyone knows an attack happened.
Cybersecurity Skills Gap: Roadies & Gamers Are Untapped Talent
Gamers and former sound engineers and roadies can help boost the cybersecurity talent pool. Their flexible mindset and attention to detail make them valuable resources.
How New SEC Rules Can Benefit Cybersecurity Teams
Securities and Exchange Commission rules elevate cybersecurity to a critical strategic concern and compel businesses to prioritize cyber resilience.
Does Generative AI Comply With Asimov's 3 Laws of Robotics?
Putting the top 10 generative AI tools to the ethical test reveals more about humanity than artificial intelligence.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
3 Strategies to Defend Against Resurging Infostealers
Infostealer incidents have more than doubled recently, making it critical to bolster your defenses to mitigate this growing threat.

The Double-Edged Sword of Cyber Espionage
State-sponsored attacks are alarming and difficult to prevent, but they suffer from a fundamental weakness that can be leveraged by defenders.

Navigating Rwanda's New Data Protection Law
As the law's October 2023 transition deadline approaches, it's critical for organizations doing business in Rwanda to understand its requirements and implications.

MORE
EDITORS' CHOICE
Microsoft Patches a Pair of Actively Exploited Zero-Days
Five critical bugs, zero-days exploited in the wild, Exchange Server, and more headline Microsoft's September 2023 Patch Tuesday release. Here's what to patch now.
LATEST FROM THE EDGE

Being Flexible Can Improve Your Security Posture
Changing your approach when you realize you could be more efficient pays dividends, especially in six areas of your cybersecurity program.
LATEST FROM DR TECHNOLOGY

IBM Adds Data Security Broker to Encrypt Data in Multiclouds
The data security broker from Baffle brings field- and file-level encryption of sensitive data to new IBM Cloud Security Compliance Center.
LATEST FROM DR GLOBAL

Iranian APT Hits US Aviation Org via ManageEngine, Fortinet Bugs
Known security vulnerabilities in the enterprise products allowed unauthorized access through a public-facing application, US Cyber Command said.
WEBINARS
  • Cyber Risk Assessment Secrets From the Pros

    Executives want to know whether they should worry about an attack that hit another organization. They worry how safe they are from a breach. But it can be difficult for security teams to quantitatively measure risk, or even say with ...

  • The Threat Hunter's Playbook: Mastering Cloud Defense Strategies

    Secure your spot now for this unforgettable cybersecurity adventure, filled with real-world examples, best practices, and expert insights from our threat research team. Level up your cloud security defense. When you attend this webinar, you will hear from the Sysdig's ...
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Claroty Unveils Vulnerability & Risk Management Capabilities to Elevate Risk Reduction for Cyber-Physical Systems
NordVPN Launches Sonar to Prevent Phishing Attacks
World Security Report Finds Physical Security Incidents Cost Companies USD $1T in 2022
Cloudflare Announces Unified Data Protection Suite to Address Risks of Modern Coding and Increased AI Use
Google and Acalvio Partner to Deliver Active Defense to Protect Customers From Advanced Threats
MORE PRODUCTS & RELEASES
CURRENT ISSUE

Where and When Automation Makes Sense for Enterprise Security
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |   Informa Tech  |   Privacy Statement   |   Terms & Conditions  |  Contact Us