It wasn’t a great weekend for video game fans, as players of the Diablo IV multiplayer role-playing game were greeted with an error message when they tried to connect to the servers of developer Blizzard.
Graham Cluley
Beware of BlackPlague Malware That Steals Discord Token & Telegram Sessions
Cybersecurity experts have identified a new strain of malware named “BlackPlague” that explicitly targets the popular communication platforms Discord and Telegram.
This sophisticated malware is designed to steal user tokens and session data, posing a significant threat to the privacy and security of millions of users worldwide.
According to a report shared by MonThreat on social media, BlackPlague malware has been rapidly spreading, exploiting vulnerabilities in both Discord and Telegram.
BlackPlague Stealer Shared
A new stealer malware called BlackPlague, which is written in C# and continues to develop with Python for faster performance has been shared. BlackPlague stealer is claimed to be able to capture Discord tokens, Steam, Ubisoft, and Telegram sessions.… pic.twitter.com/c4y8aVfPLy
— ThreatMon (@MonThreat) May 21, 2024
The malware infiltrates users’ systems and extracts sensitive information, including Discord tokens and Telegram session data.
Malicious actors can then use these tokens and session data to gain unauthorized access to user accounts, potentially leading to data breaches, identity theft, and other cybercrime.
The malware’s ability to bypass traditional security measures and its focus on widely-used communication platforms make it particularly dangerous.
Cybersecurity experts urge users to be vigilant and take proactive steps to protect their accounts.
This includes enabling two-factor authentication, regularly updating passwords, and being cautious about downloading files or clicking on links from unknown sources.
Cybersecurity professionals recommend several measures to safeguard personal information in light of the growing threat posed by BlackPlague.
Firstly, users should ensure that their software and applications are up-to-date, as updates often include patches for known vulnerabilities.
Additionally, robust antivirus and anti-malware solutions can help detect and neutralize threats before they cause harm.
Users are also advised to monitor their accounts for any unusual activity and report suspicious behavior to the respective platform’s support team.
By staying informed and adopting best practices for online security, individuals can significantly reduce the risk of falling victim to BlackPlague and other similar threats.
As the digital landscape continues to evolve, the importance of cybersecurity cannot be overstated.
The emergence of BlackPlague is a stark reminder of the ever-present dangers in the online world and the need for constant vigilance to protect personal and sensitive information.
The post Beware of BlackPlague Malware That Steals Discord Token & Telegram Sessions appeared first on Cyber Security News.
ChatGPT for Malware Analysis: Enhancing GPT’s Ability to Guide Malware Analyst
GPT excels in verbal thinking, skillfully choosing precise words for optimal responses. Understanding this key property is crucial, as much of its subsequent behavior stems from this ability.
This AI model taps into an extensive cheat sheet; any historical answer in its training data can be reproduced with strange accuracy.
Cybersecurity researchers at Check Point recently affirmed that security analysts could use ChatGPT for malware analysis by enhancing GPT’s abilities.
GPT may not recall answers that seem expected on its cheat sheet. For instance, in a malware analysis context, GPT struggled when a Google Scholar search failed to yield proof on the first page.
Speculating and completing a sentence about the search results led to a natural response failure.
GPT excels in summarizing large inputs, showcasing its grammar understanding, and prioritizing key facts. It is trustworthy in filtering the big picture, such as when summarizing extensive malware-related API call logs.
Here’s what GPT presented when asked to summarize the log:
[Figure: Malware-related API call log summary (Source: Check Point)]
The sentence completion power of GPT enables remarkable logical reasoning, but caution is needed. Overloading it with complex and verbose conditions can lead to misunderstandings and forgotten requirements.
Applying GPT to malware analysis reveals oddly human-like challenges. Check Point said examples abound as GPT grapples with tasks categorized into broader challenges.
The six general obstacles are:
Memory Window Drift: GPT breaks texts into tokens with a fixed window size. This limits large inputs, especially as the window moves beyond the initial conversation instructions. Then, it relies on second-hand task descriptions, losing information once it’s out of the window, and this stumbling block is a common challenge, even with API call logs.
Gap between Knowledge and Action: Feynman criticized memorization without understanding, a sentiment echoed in GPT challenges for malware analysis. Completing sentences isn’t enough; attention to knowledge integration is crucial. Problem-solving involves implicit questions, and accidentally hindering this process is a hurdle. Self-awareness acts as a failsafe, revealing gaps between knowledge and action, leading to other difficulties in GPT’s application.
Logical Reasoning Ceiling: In applying GPT to malware analysis, researchers discovered challenges in managing its logical reasoning capacity. To overcome these issues, three best practices emerged:
Preferring lists over demanding a single ‘right answer’
Using terse instructions
Recognizing GPT’s varying capabilities in logical reasoning
Detachment from Expertise: GPT’s implicit web-weaving via sentence completion is powerful, but output quality may suffer if reason alone is forced. While basic characterizations are accurate in malware analysis, expert insights emphasize context, API call order, anti-analysis techniques, and tailored search strategies, challenging common wisdom and optimizing outcomes.
Goal Orientation: In tests, GPT often provided theoretically perfect but impractical advice, ignoring practical constraints. Triage tasks saw model recommendations emphasizing theoretical correctness over efficient solutions. GPT’s potential falls short when induced to focus solely on immediate input, hindering its ability to mimic the subtle work of a malware analyst.
Spatial Blindness: GPT demonstrated its distinct nature in malware analysis testing. Notably, its dependence on precisely configured prompts for effective Google searches revealed its unique behavior. In tasks like GandCrab, GPT struggled with poorly engineered prompts, requiring adjustments to induce a proper understanding.
Despite appearing trivial, these steps simulate a beginner analyst’s 3-day experience. The effort is necessary to guide GPT past potential obstacles in task processing.
Besides the focus on challenges, don’t overlook GPT’s main advantage:
“It operates faster and more cost-effectively than a human analyst.”
Before embracing automation, ensuring GPT matches a newbie analyst in basic tasks is essential for future advancements.
The post ChatGPT for Malware Analysis: Enhancing GPT’s Ability to Guide Malware Analyst appeared first on Cyber Security News.
Cyber Security News
Examining the current state of security orchestration.
In this episode of CyberWire-X, N2K’s CSO, Chief Analyst, and Senior Fellow, Rick Howard, is joined by guest Rohit Dhamankar, Fortra’s Vice President of Product Strategy, and Hash Table member Steve Winterfeld, Akamai’s Advisory CISO. Rick, Rohit and Steve discuss CISO initiatives such as vendor consolidation, automation, and attack surface management as a way to determine if it’s possible to achieve both increased security maturity and decreased operational load. This session covers common mistakes when adopting security technologies, including the pros and cons of AI, and how to better collaborate together.
The CyberWire