ChatGPT Browser Extension Hijacks Facebook Business Accounts

Between March 3 and March 9, at least 2,000 people a day downloaded the malicious "Quick access to ChatGPT" Chrome extension from the Google Play app store Between March 3 and March 9, at least 2,000 people a day downloaded the malicious "Quick access to ChatGPT" Chrome extension from the Google Play app store [TechWeb]( Follow Dark Reading: [RSS]( March 13, 2023 LATEST SECURITY NEWS & COMMENTARY [ChatGPT Browser Extension Hijacks Facebook Business Accounts]( Between March 3 and March 9, at least 2,000 people a day downloaded the malicious "Quick access to ChatGPT" Chrome extension from the Google Play app store. [BlackLotus Secure Boot Bypass Malware Set to Ramp Up]( BlackLotus is the first in-the-wild malware to exploit a vulnerability in the Secure Boot process on Windows, and experts expect copycats and imminent increased activity. [Legal Industry Faces Double Jeopardy as a Favorite Cybercrime Target]( Hackers are increasingly tantalized by the troves of sensitive data held by lightly protected law firms and legal services organizations. [Unpatched Zero-Day Bugs in Smart Intercom Allow Remote Eavesdropping]( A video-enabled smart intercom made by Chinese company Akuvox has major security vulnerabilities that allow audio and video spying, and the company has so far been unresponsive to the discoveries. [Pig Butchering & Investment Scams: The $3B Cybercrime Threat Overtaking BEC]( A novel take on investment scams mixes romance and the lure of crypto riches to con targets out of "the whole hog" of their assets. [Make Sure Your Cybersecurity Budget Stays Flexible]( CISOs' ability to pivot tight budgets is key to defense plans that can stand up to attackers. [And the Cyberattack Goes to ... Fans of Oscar-Nominated Films]( With the rise of cybercriminals targeting online piracy, this year's Oscar-nom fans need to be especially careful not to download malicious files while attempting to watch popular films for free. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Inside Threat: Developers Leaked 10M Credentials, Passwords in 2022]( More than five out of every 1,000 commits to GitHub included a software secret, half again the rate in 2021, putting applications and businesses at risk. [How to Jump-Start Your Cybersecurity Career]( With more than 700,000 cybersecurity jobs available, now is a good time to consider a career change. [5 Critical Components of Effective ICS/OT Security]( These agile controls and processes can help critical infrastructure organizations build an ICS security program tailored to their own risk profile. [MORE]( EDITORS' CHOICE [US Lawmakers Face Cyberattacks, Potential Physical Harm After DC Health Link Breach]( The threat actor who posted the data for sale has claimed credit for multiple other breaches, including one at grocery platform Weee! that exposed data on more than 1.1 million customers. LATEST FROM THE EDGE [Proposed FCC Rule Redefines Data Breaches for Communications Carriers]( If the proposed rule is approved, organizations would need to disclose all data breaches, even ones that don't cause any harm, to affected customers. LATEST FROM DR TECHNOLOGY [3 Ways Security Teams Can Use IP Data Context]( Innocently or not, residential proxy networks can obscure the actual geolocation of an access point. Here's why that's not great and what you can do about it. WEBINARS - [How Applications Are Attacked: A Year in Application Security]( Cloudflare sees up to 61 million requests per second, meaning we have an unprecedented view into Internet trends like application attacks and API traffic, and automated bot activity. We have put that incredible visibility to use by profiling a year of ... - [ChatGPT: Defending Your Business Against AI-Supercharged Ransomware]( This webinar will dig into the ways criminals are projected to take advantage of ChatGPT and other AI tools to improve the reach and effectiveness of their ransomware attacks. The session will conclude with a review of a 12-step plan ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Evaluator's Guide for Managed Detection and Response (MDR) Services]( - [The Relationship Between Security Maturity and Business Enablement]( - [Why Account Security Doesn't Stop at Login]( - [Securing OT, Remote Access and Converged SOC Operations]( - [Top Three Considerations To Build, Deploy, and Run Your Application Journey]( - [Top 5 ASM Use Cases Every Security Team Must Embrace Now]( - [Attack Surface Management v2.0 by Brad LaPorte]( [View More White Papers >>]( FEATURED REPORTS - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... - [2022 State of Network Management (a $499 Value FREE)]( We surveyed networking professionals about their networking budgets, spending priorities, and concerns. Find out how big of a role security is playing and how they plan to address it. Download the report today! [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Avast Introduces Avast One Platinum]( [Forrester Study Reveals Businesses Are Insufficiently Prepared to Manage Enterprise Risks]( [Keeper Security Issues Top 5 Cybersecurity Tips for 2023 College Basketball Tournament]( [ThreatBlockr Announces Partnership With Engaged Security Partners]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The Promise and Reality of Cloud Security]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)