| Newsletter | https://news.risky.biz/tag/seriously-risky-business/ |
| Podcasts | https://risky.biz/feeds/risky-business-news |
| @tomatospy |
@tomatospy @thegrugq 'why do cyber attacks have to be mean?'
It's as if The Grugq had his own Ueshiba epiphany. According to the stories, that's how he gave up fighting and created Aikido.
Interesting premise and great discussion btw
@mdh @GossiTheDog @euroinfosec
Yes. That’s right, Google https://cloud.google.com/blog/topics/threat-intelligence/adversarial-misuse-generative-ai and OpenAI https://cdn.openai.com/threat-intelligence-reports/influence-and-cyber-operations-an-update_October-2024.pdf have said that it is being used.
These reports are both based on examining how AI models are being used.
My guess is the disconnect arises because from an incident response perspective use of AI tools is not obvious.
[Chinese] APTs Behaving Badly
"We'd describe 'acceptable behaviour' as being targeted at national security rather than economic interests, carrying out proportionate operations and avoiding unnecessary harm to third parties. Many cyber actors, including the US and allies, generally adhere to these behaviours, but others, including Chinese actors, do not."
[...]
"Mass deployment of malware is unacceptable because it causes unnecessary collateral damage — not the done thing for a responsible state program. To make matters worse, once Sophos had cottoned on to the intrusions, Guan and his colleagues allegedly altered their malware to make it more damaging, in a kind of scorched earth policy. If victims attempted to remove the malware, it would deploy encryption from the Ragnarok ransomware variant. We have no idea why attackers would do this or what benefit they would get from torching their victims’ infrastructure.."
Via @tomatospy - https://news.risky.biz/fcc-to-demand-telcos-improve-security/
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Proofpoint. You can hear a podcast discussion of this newsletter by searching for
This week's Seriously Risky Business is out:
- China v World in cyber security reports
- US Fedgov situation normal: gaping security holes
- DoJ outs Russian social media manipulation
Or read here:
https://news.risky.biz/china-vs-world-cyber-security-reporting-duel/
This week's Seriously Risky Business:
- When it is good business to hack your customers
- When state actors drop turds on the way out
- Drawing a line with indictments
Or read here:
https://news.risky.biz/when-regulation-encourages-isps-to-hack-their-customers-2/
This week's Seriously Risky Business:
- When it is good business to hack your customers
- When state actors drop turds on the way out
- Drawing a line with indictments
Or read here:
https://news.risky.biz/when-regulation-encourages-isps-to-hack-their-customers-2/
The latest Seriously Risky Business is out.
I write about:
- how cyber command is like a half-ripe melon
- how scattered spider is like Hollywood
- and why TikTok's influence report is too little, too late
Or read here:
https://news.risky.biz/tiktok-manipulation-report-is-too-little-too-late/
Wombatadon
Sven Herpig
