Cybercrooks Scrape OpenAI API Keys to Pirate GPT-4

With more than 50,000 publicly leaked OpenAI keys on GitHub alone, OpenAI developer accounts are the third-most exposed in the world. [TechWeb]( Follow Dark Reading: [RSS]( June 09, 2023 LATEST SECURITY NEWS & COMMENTARY [Cybercrooks Scrape OpenAI API Keys to Pirate GPT-4]( With more than 50,000 publicly leaked OpenAI keys on GitHub alone, OpenAI developer accounts are the third-most exposed in the world. [Easily Exploitable Microsoft Visual Studio Bug Opens Developers to Takeover]( The bug is very dangerous and impacts a big swath of the developer community, researchers warn. [Sophisticated 'Impulse Project' Crypto Scam Sprawls With 1,000 Affiliate Sites]( Ready-to-defraud turnkey services from Russia's Impulse Team are offered on the cyber underground and have built a campaign that has operated undetected dating back to 2016. [Barracuda Warns All ESG Appliances Need Urgent Rip & Replace]( Patching, wiping ESG devices not enough to deny threat actor access following compromise, Barracuda says. [60K+ Android Apps Have Delivered Adware Undetected for Months]( A campaign targeting mainly US users disguised malware in fake security software, game cracks, cheats, free Netflix, and other "modded" apps. [City of Dallas Still Clawing Back Weeks After Cyber Incident]( The Texas city's networks have returned to 90% functionality following the May 3 Royal ransomware attack. [Fighting AI-Powered Fraud: Let the Battle of the Machines Begin]( As cybercriminals tap the power of machine learning and generative AI to outwit fraud-detection systems, online fraud-prevention technologies must evolve accordingly. [The Growing Cyber Threats of Generative AI: Who's Accountable?]( In the wrong hands, malicious actors can use chatbots to unleash sophisticated cyberattacks that could have devastating consequences. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [US Aerospace Contractor Hacked With 'PowerDrop' Backdoor]( Hackers used a little to do a lot, cracking a high-value target with hardly more than the living-off-the-land tools (PowerShell especially) found on any standard Windows computer. [Cyber Essentialism & 'Doing Less With Less']( Cybersecurity benefits from a focus on the vital few chores rather than the trivial many. Find the "right things" to encourage strategic thinking, then move the culture needle to promote that policy. [Top macOS Malware Threats: Here Are 6 to Watch]( Apple's growing market share — in a shrinking PC market — and the growing use of Golang for malware development is pushing a gradual increase in malicious tools targeting macOS environments. [MORE]( EDITORS' CHOICE [Cl0p Claims the MOVEit Attack; Here's How the Gang Did It]( A researcher guides Dark Reading through the most important bits of Cl0p's latest exploit. LATEST FROM DR GLOBAL [Cybersecurity Institute to Open in Saudi Arabia]( The Global Cybersecurity Forum branch, which will be in Riyadh, is meant to enable the exchange of ideas and facilitate international projects and partnerships. LATEST FROM THE EDGE [How Do I Reduce Security Tool Sprawl in My Environment?]( When it comes to tool consolidation, focus on platforms over products. LATEST FROM DR TECHNOLOGY [2 Lenses for Examining the Safety of Open Source Software]( Improving the security of open source repositories while keeping malicious components out requires a combination of technology and people. WEBINARS - [The Future is CNAPP: Cloud Security From Prevention To Threat Detection]( Cloud-native development introduces unique attack vectors that are challenging to identify and are evolving rapidly. Join us as we take a deeper look into common cloud attack paths in the wild and discuss strategies for how to combat them before ... - [Mastering Endpoint Security: The Power of Least Privilege]( Join us at one of our upcoming live and interactive events we will explore the critical role of least privilege in endpoint security, how it helps to systematically strengthen organization's security posture, and provides a solid foundation for endpoint security ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Ultimate Guide to the CISSP]( - [Welcome to Modern Web App Security]( - [Adopting a Defense-in-Depth Approach to IT Security]( - [Cybersecurity Maturity Model Certification (CMMC) Version 1.02]( - [The Cloud Security Workflow Handbook]( - [2023 Cloud Threat Report]( - [Rediscovering Your Identity]( [View More White Papers >>]( FEATURED REPORTS - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... - [How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment]( Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ... - [Successfully Managing Identity in Modern Cloud and Hybrid Environments]( Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [BioCatch Strengthens Collaboration With Microsoft Cloud for Financial Services]( [BeyondID Launches Initiative to Accelerate Zero Trust With Okta Identity Engine]( [Radiflow's CIARA 4.0 Delivers Actionable Insights to Simplify the Management of OT Cyber-Risk at Industrial Facilities]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)