CISA Releases Recovery Script for Victims of ESXiArgs Ransomware | Jailbreak Trick Breaks ChatGPT Content Safeguards

The malware has affected thousands of VMware ESXi hypervisors in the last few days. [TechWeb]( Follow Dark Reading: [RSS]( February 09, 2023 LATEST SECURITY NEWS & COMMENTARY [CISA Releases Recovery Script for Victims of ESXiArgs Ransomware]( The malware has affected thousands of VMware ESXi hypervisors in the last few days. [Jailbreak Trick Breaks ChatGPT Content Safeguards]( Jailbreak command creates ChatGPT alter ego DAN, willing to create content outside of its own content restriction controls. [Toyota Global Supply Chain Portal Flaw Put Hacker in the Driver's Seat]( The automaker closed a hole that allowed a security researcher to gain system administrator access to more than 14,000 corporate and partner accounts and troves of sensitive data. [Scores of Redis Servers Infested by Sophisticated Custom-Built Malware]( At least 1,200 Redis servers worldwide have been infected with "HeadCrab" cryptominers since 2021. [Cyberattack on Fintech Firm Disrupts Derivatives Trading Globally]( The Russia-linked LockBit ransomware group claims to be behind the attack that fouled automated transactions for dozens of clients of financial technology firm ION Group. [Fresh, Buggy Clop Ransomware Variant Targets Linux Systems]( For the moment, victims can decrypt data without paying a ransom. But Clop is a ransomware variant that has caused havoc on Windows systems, so that's bound to change. [Crypto Drainers Are Ready to Ransack Investor Wallets]( Cryptocurrency drainers are the latest hot ticket being used in a string of lucrative cyberattacks aimed at virtual currency investors. [Lazarus Group Rises Again, to Gather Intelligence on Energy, Healthcare Firms]( An OpSec slip from the North Korean threat group helps researchers attribute what was first suspected as a ransomware attack to nation-state espionage. [Rising 'Firebrick Ostrich' BEC Group Launches Industrial-Scale Cyberattacks]( The group's wanton attacks demonstrate that business email compromise is everything a hacker can want in one package: low risk, high reward, quick, easy, and low effort. [Gigamon Exits NDR Market, Sells ThreatInsight Business to Fortinet]( Omdia has learned that Gigamon sold its ThreatInsight NDR business to Fortinet for approximately $31 million. The deal highlights what may be a pivot point for the NDR market. [Why ChatGPT Isn't a Death Sentence for Cyber Defenders]( Generative AI combined with user awareness training creates a security alliance that can let organizations work protected from ChatGPT. [It Isn't Time to Worry About Quantum Computing Just Yet]( Don't let something that's a decade away distract you from today's cyber threats. [How the Cloud Is Shifting CISO Priorities]( The greatly expanding attack surface created by the cloud needs to be protected. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [MITRE Releases Tool to Design Cyber-Resilient Systems]( Engineers can use the Cyber Resiliency Engineering Framework Navigator to visuzalize their cyber-resiliency capabilities. [Optimizing Cybersecurity Investments in a Constrained Spending Environment]( Three ways to stay safe in an economically uncertain 2023. [How Cybercriminals Are Operationalizing Money Laundering and What to Do About It]( It's time to share threat intelligence and prioritize digital literacy and cyber hygiene to stem the rising money laundering tide. [MORE]( EDITORS' CHOICE [Ongoing VMware ESXi Ransomware Attack Highlights Inherent Virtualization Risks]( The global assault on vulnerable VMware hypervisors may have been mitigated by updating to the latest version of the product, but patch management is only part of the story. LATEST FROM THE EDGE [Why CISOs Should Care About Brand Impersonation Scam Sites]( Enterprises often don't know whose responsibility it is to monitor for spoofed brand sites and scams that steal customers' trust, money, and personally identifiable information. LATEST FROM DR TECHNOLOGY [Cloud Apps Still Demand Way More Privileges Than They Use]( Hackers can't steal a credential that doesn't exist. WEBINARS - [The Importance of Bespoke Security]( In this webinar, you will hear from our subject matter experts, Hanah Darley, Head of Threat Research and Toby Lewis, Global Head of Threat Analysis. The discussion will cover the difference between media coverage of cyber threats compared with the ... - [Shoring Up the Software Supply Chain Across Enterprise Applications]( Modern-day software development depends heavily on third-party components, libraries, and frameworks. Attackers are increasingly targeting these software building blocks to compromise enterprise applications. In this webinar, experts discuss the ever-expanding software attack surface. Find out where potential attack vectors are ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( - [State of Email Security]( - [Ransomware Resilience and Response: The Next-Generation]( - [Ransomware Is On The Rise]( - [State of Ransomware Readiness: Facing the Reality Gap]( [View More White Papers >>]( FEATURED REPORTS - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [(ISC)² Makes Certified in Cybersecurity Exam Available in More Languages to Address Global Workforce Shortage]( [Corelight Expands Partnership With CrowdStrike to Provide Network Detection and Response Technology for CrowdStrike Services]( [Almost Half of Executives Expect a Rise in Cyber Events Targeting Accounting and Financial Data in Year Ahead]( [DataDome's Inaugural E-Commerce Holiday Bot & Online Fraud Report Reveals the U.S. as the Top Source of Bot Attacks]( [Financial Institutions Are Suffering From Increasingly Sophisticated Cyberattacks, According to Contrast Security]( [Valtix Survey: 95% of Organizations Say Multi-cloud Is a 'Strategic Priority' but Only 58% Have the Security Architecture to Support It]( [Consumer Watchdog Reports: CA Privacy Board OKs Landmark Personal Data Regulations, Some Key Protections Left Out]( [ARMO Integrates ChatGPT to Help Users Secure Kubernetes]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The Promise and Reality of Cloud Security]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)