Researchers say the specialized OT malware has similarities with Industroyer, which was used to take down power in Kiev, Ukraine, in 2016
Related Posts
AT&T faces lawsuits over data breach affecting 73 million customers
AT&T faces lawsuits over data breach affecting 73 million customers
AT&T is facing multiple class-action lawsuits following the company’s admission to a massive data breach that exposed the sensitive data of 73 million current and former customers. […] Read More
BleepingComputer
Seattle Public Library Website offline Following Ransomware Attack
Seattle Public Library Website offline Following Ransomware Attack
Seattle Public Library (SPL) experienced a ransomware attack that significantly disrupted its technology systems.
This incident occurred just one day before the Library had planned to take its systems offline for scheduled maintenance over the Memorial Day weekend.
Impact on Library Services
The ransomware attack has affected various services, including access to staff and public computers, the online catalog and loaning system, e-books and e-audiobooks, in-building Wi-Fi, and the Library’s website at www.spl.org.
As a result, patrons are currently unable to access these services.
Upon discovering the ransomware event, the Library promptly engaged third-party forensic specialists and contacted law enforcement. The Library took its systems fully offline to interrupt the attack and assess its nature and impact.
The investigation is ongoing, and the Library is working diligently with external partners to determine the extent of the disruption and restore full functionality to its systems.
Ensuring the privacy and security of patron and employee information remains a top priority.
All-in-One Cybersecurity Platform for MSPs to provide full breach protection with a single tool, Watch a Full Demo
The Library has not yet provided an estimated time for resolution but will continue to update patrons as progress is made.
The Library expressed regret for the inconvenience caused and emphasized its commitment to securing and restoring its systems.
Continued Access to Physical Materials
Despite the challenges posed by the ransomware attack, the Seattle Public Library remains open and continues to lend print books and other physical materials.
Patrons are encouraged to visit the Library to check out physical books, CDs, and DVDs using paper forms.
Although placing new holds is impossible, patrons can still pick up holds already on the shelves.
The Library advises visitors to bring their physical or library card number.
Due to the inability to check physical materials back into the catalog, the Library asks patrons to hold onto their borrowed items a bit longer.
The Library does not charge daily late fines for overdue materials; due dates will be updated once systems are back online.
Patrons should expect delays as the Library manages a backlog of returned and newly delivered items.
The Seattle Public Library will introduce a new summer hours schedule at several locations across the city beginning Thursday, June 20.
This schedule aims to better meet community needs during the summer months without significantly altering the Library’s total operating hours systemwide.
The library’s blog and the Hours and Locations page provide more information about the summer hours schedule.
The Green Lake Branch, a historically landmarked Carnegie building, is temporarily closed for a seismic retrofit and other major renovations.
The branch is expected to reopen in the summer of 2024.
The project, funded by the 2019 Library Levy, includes a comprehensive structural upgrade, accessibility improvements, a new HVAC system, and interior modernization.
These enhancements will make the Green Lake Branch safer and better equipped to serve the community while preserving its historical significance.
The Seattle Public Library works tirelessly to address the ransomware attack and restore its technology systems.
In the meantime, the Library remains committed to serving the community by providing access to physical materials and maintaining open hours.
Patrons are encouraged to stay informed through the Library’s updates and to continue utilizing the available services.
Get special offers from ANY.RUN Sandbox. Until May 31, get 6 months of free service or extra licenses. Sign up for free.
The post Seattle Public Library Website offline Following Ransomware Attack appeared first on Cyber Security News.
Vigil: Open-source Security Scanner for LLM Models Like ChatGPT
Vigil: Open-source Security Scanner for LLM Models Like ChatGPT
An open-source security scanner, developed by Git Hub user Adam Swanda, was released to explore the security of the LLM model. This model is utilized by chat assistants such as ChatGPT.
This scanner, which is called ‘Vigil’, is specifically designed to analyze the LLM model and assess its security vulnerabilities. By using Vigil, developers can ensure that their chat assistants are safe and secure for use by the public.
As the name suggests, a large language model can understand and create any language. LLMs learn these skills by using huge amounts of data to learn billions of factors during training and by using a lot of computing power while they are studying and running.
Vigil Tool
If you want to ensure the safety and security of your system, Vigil is a useful tool for you. Vigil is a Python module and REST API that can help you identify prompt injections, jailbreaks, and other potential threats by evaluating Large Language Model prompts and responses against various scanners.
The repository also includes datasets and detection signatures, making it easy for you to begin self-hosting. With Vigil, you can rest assured that your system is secure and protected.
Currently, this application is in alpha testing and should be considered experimental.
Document
Protect Your Storage With SafeGuard
Is Your Storage & Backup Systems Fully Protected? – Watch 40-second Tour of SafeGuard
StorageGuard scans, detects, and fixes security misconfigurations and vulnerabilities across hundreds of storage and backup devices.
ADVANTAGES:
Examine LLM prompts for frequently used injections and inputs that present risk.
Use Vigil as a Python library or REST API
Scanners are modular and easily extensible
Evaluate detections and pipelines with Vigil-Eval (coming soon)
Available scan modules
Supports local embeddings and/or OpenAI
Signatures and embeddings for common attacks
Custom detections via YARA signatures
To protect against known attacks, one effective approach is using a Vigil to prompt injection technique. This method involves detecting known techniques used by attackers, thereby strengthening your defense against the more common or documented attacks.
Prompt Injection When an attacker generates inputs to manipulate a large language model (LLM), the LLM becomes vulnerable and unknowingly carries out the attacker’s aims.
This can be done directly by “jailbreaking” the prompt on the system or indirectly by manipulating external inputs, which may result in social engineering, data exfiltration, and other problems.
If you want to load the vigil by appropriate datasets for embedding the model with the loader.py utility.
The set scanners examine the submitted prompts; every one can help with the ultimate identification. Scanners are:
Vector database
YARA / heuristics
Transformer model
Prompt-response similarity
Canary Tokens
Experience how StorageGuard eliminates the security blind spots in your storage systems by trying a 14-day free trial.
The post Vigil: Open-source Security Scanner for LLM Models Like ChatGPT appeared first on Cyber Security News.
Cyber Security News