Advanced threat actor UNC6148 is actively targeting SonicWall SMA 100 series appliances with sophisticated OVERSTEP backdoor malware, bypassing patches through stolen credentials.

#SecurityLand #BreachBreakdown #UNC6148 #Mandiant #GTIG #SonicWall #OVERSTEP

Read More: https://www.security.land/sonicwall-sma-100-series-targeted-by-advanced-backdoor-campaign/

#DPRK escalated #cyberthreat from #NorthKorea who are increasingly targeting #Europe in addition to the #UnitedStates, as identified by the #Google Threat #Intelligence Group (#GTIG).

#DPRK #IT workers employ sophisticated tactics such as posing as legitimate remote workers, using fabricated identities, and engaging in extortion by threatening to leak sensitive company information, including proprietary #data and #sourcecode like #defense and government in #EU

https://cloud.google.com/blog/topics/threat-intelligence/dprk-it-workers-expanding-scope-scale?linkId=14819655

DPRK IT Workers Expanding in Scope and Scale | Google Cloud Blog

We have observed DPRK IT worker operations expanding beyond the U.S. and into Europe.

Google Cloud Blog

Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024

Google tracked 75 zero-day flaws exploited in 2024, down from 98 in 2023, according to its Threat Intelligence Group's latest analysis.

Security Affairs

🧵 …is Google perhaps making money from this after all (unnoticed), even though they officially don't support it?!

«Hacker groups use Google's AI Gemini for reconnaissance and attack preparation:
State-sponsored hacker groups are misusing Google's AI-powered assistant Gemini to research potential attack targets.»

🪖 https://www.heise.de/news/Hacker-Gruppen-nutzen-Googles-KI-Gemini-fuer-Aufklaerung-und-Angriffsvorbereitung-10267018.html

#ki #armee #militar #google #geminiai #gemini #hacking #hack #ai #gtig #iran #china

Google Threat Intelligence Group (GTIG) report: “Adversarial Misuse of Generative AI” details how threat actors (APT and IO actors) are attempting to misuse Google’s Gemini web application and if these efforts have created any novel or unique AI-enabled attack techniques.

High-level results: At this time, AI can be useful to threat actors for performing common tasks like troubleshooting, research, learning/training, and content generation. GTIG is indicating they are NOT seeing new or novel capabilities being created by threat actor activities with AI.

“Rather than enabling disruptive change, generative AI allows threat actors to move faster and at higher volume. For skilled actors, generative AI tools provide a helpful framework” … “For less skilled actors, they also provide a learning and productivity tool, enabling them to more quickly develop tools and incorporate existing techniques.”

DL report (PDF) here: https://services.google.com/fh/files/misc/adversarial-misuse-generative-ai.pdf

#AI #cybersecurity #Google #GTIG #LLMs #hackers #GenAI #Gemini