Articles of interest from the week of February 27, 2023
John Frasier Mar 2, 2023 7:39:36 AM
Users Looking for ChatGPT Apps Get Malware Instead
The massive popularity of OpenAI’s chatbot ChatGPT has not gone unnoticed by cybercriminals: they are exploiting the public’s eagerness to experiment with it to trick users into downloading Windows and Android malware and visiting phishing pages. (Help Net Security)
“Like any ‘Next Big Thing,’ ChatGPT can count among its ardent admirers a number of con artists and criminals who are unabashedly attempting to make money by association with it.”
– Jason Ingalls, Founder & CEO at Ingalls Information Security
GoDaddy Source Code Stolen as Part of a Multiyear Campaign
GoDaddy’s source code was stolen and systems were infected with malware by an unknown threat actor in a breach of the web hosting company linked to a multiyear campaign.
The company, responding to customer complaints about intermittent site redirects starting in early December 2022, discovered unauthorized access to its cPanel shared hosting servers. (Cybersecurity Dive)
Pepsi Bottling Ventures Suffers Data Breach
Pepsi Bottling Ventures, the largest bottler of Pepsi beverages in the US, has reported a data breach affecting the personal information of employees, including financial account information, state and federal government-issued ID numbers, driver’s license numbers, ID cards, social security numbers, and digital signatures. (CSO)
PlugX Trojan Disguised as Legitimate Windows Debugger Tool in Latest Attacks
The PlugX remote access trojan has been observed masquerading as an open-source Windows debugger tool called x64dbg in an attempt to circumvent security protections and gain control of a target system.
"This file is a legitimate open-source debugger tool for Windows that is generally used to examine kernel-mode and user-mode code, crash dumps, or CPU registers," Trend Micro researchers said in a report published last week. (The Hacker News)
US Warns of Cyberattacks by Russia on Anniversary of Ukraine War
The US Cybersecurity and Infrastructure Security Agency has issued an advisory urging organizations to increase cybersecurity vigilance today, the anniversary of Russia’s invasion of Ukraine, in the wake of a cyberattack against several Ukrainian government websites.
"The United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord," the CISA advisory said. (CSO)
CISA Releases Decider Tool to Help with MITRE ATT&CK Mapping
CISA released Decider, a free tool to help the cybersecurity community map threat actor behavior to the MITRE ATT&CK framework. Created in partnership with the Homeland Security Systems Engineering and Development Institute™ (HSSEDI) and MITRE, Decider helps make mapping quick and accurate through guided questions, a powerful search and filter function, and a cart functionality that lets users export results to commonly used formats. (CISA)