We reveal ChatGPT's dark side and the latest attack news
In this edition
- Major European insurance company warns cyberattack coverage may be infeasible
- ChatGPT's dark side: Cybercriminals create malware, target victims using revolutionary AI tool
- Popular DevOps tool ‘Git’ patches critical zero-day flaws
- Honeypots record millions of data breach attempts in a one-month period
Feature Article
Honeypots record millions of data breach attempts in a one-month period
Ransomware insights
Ransomware attacks by threat group for January 2023:
177 results were detected on the Cybersixgill Investigative Platform in January, in comparison with 216 results in December.
The Lockbit ransomware gang were
responsible for 37% of ransomware attacks in January 2023.Lockbit, one of the most notorious
ransomware groups of 2022, first emerged in September 2019 as Ransomware-as-a-Service (RaaS) operation, with Russian linked origins. Lockbit is known for their double extortion tactics to compel ransomware victims to pay a ransom to regain access to their encrypted file.
The top CVE’s this month based on Cybersixgill’s data
1.
CVE-2022-23529
This flaw has a DVE score of 9.9. This vulnerability can lead to Remote Code Execution (RCE) when a server verifies a maliciously crafted JSON web token (JWT) request from version 8.5.1 up to (excluded) 9.0.0.
CVSS: 3.1
DVE: 9.9
2.
CVE-2022-47966
Current DVE score of 9.9. This vulnerability allows an unauthenticated adversary to execute code on a system.
CVSS: 3.1
DVE: 9.9
3.
CVE-2022-41082
This vulnerability holds a current DVE score of 10. It refers to a vulnerability in Microsoft Exchange Server Remote Code Execution.
CVSS: 3.1
DVE: 10
Malware insights
The most mentioned malware for January 2023:
In January, Emotet malware had the highest number of mentions on the underground (over 2,700) according to the Cybersixgill Investigative Portal.
Emotet is a malware that was first discovered in 2014 and has since evolved into one of the most sophisticated and dangerous threats to computer networks. It primarily spreads through spam emails containing malicious attachments or links that, when opened, infect the user’s device and network.
Live from the newsroom
How Telegram became the battlefront of the Russia-Ukraine cyberwar
See DetailsHere's how healthcare companies are using artificial intelligence to enhance cybersecurity
See Details