ChatGPT Jailbreaking Forums Proliferate on Dark Web | MGM Resorts Cyberattack Hobbles Las Vegas Strip Operations

By code or by command, cybercriminals are circumventing ethical and safety restrictions to use generative AI chatbots in the way that they want. [TechWeb]( Follow Dark Reading: [RSS]( September 14, 2023 LATEST SECURITY NEWS & COMMENTARY [ChatGPT Jailbreaking Forums Proliferate in Dark Web Communities]( By code or by command, cybercriminals are circumventing ethical and safety restrictions to use generative AI chatbots in the way that they want. [MGM Resorts Cyberattack Hobbles Las Vegas Strip Operations]( Hospitality behemoth struggles to recover following a Sunday cyber incident that looks a lot like a ransomware attack. ['Scattered Spider' Behind MGM Cyberattack, Targets Casinos]( The ransomware group is a collection of young adults who also recently breached Caesars Entertainment and made a ransom score in the tens of millions. [Microsoft Azure HDInsight Plagued With XSS Vulnerabilities]( To boot, the technology could be riddled with other flaws via its Apache services components, a security vendor says. [Attackers Abuse Google Looker Studio to Evade DMARC, Email Security]( Cyberattackers are tapping the legitimacy of the Web-based data-visualization tool in a campaign aimed at stealing credentials and defrauding hundreds of business users. [Critical Security Bug Opens Cisco BroadWorks to Complete Takeover]( Cyberattackers could exploit CVE-2023-20238 to carry out a variety of nefarious deeds, from data theft and code execution to phishing, fraud, and DoS. [Microsoft IDs Security Gaps that Let Threat Actors Steal Signing Key]( China's Storm-0558 accessed user emails at some 25 enterprise organizations earlier this year using forged tokens. [When LockBit Ransomware Fails, Attackers Deploy Brand-New '3AM']( Nothing good happens after 2 a.m., they say, especially when hackers have two kinds of ransomware at their disposal. [Apple Hit By 2 No-Click Zero-Days in Blastpass Exploit Chain]( Researchers at Citizen Lab recommend immediately updating any iPhones and iPads to the latest OSes. [Overcoming the Rising Threat of Session Hijacking]( Passkeys and multifactor authentication aren't enough for combating infostealer malware, which can exfiltrate corporate data before anyone knows an attack happened. [Cybersecurity Skills Gap: Roadies & Gamers Are Untapped Talent]( Gamers and former sound engineers and roadies can help boost the cybersecurity talent pool. Their flexible mindset and attention to detail make them valuable resources. [How New SEC Rules Can Benefit Cybersecurity Teams]( Securities and Exchange Commission rules elevate cybersecurity to a critical strategic concern and compel businesses to prioritize cyber resilience. [Does Generative AI Comply With Asimov's 3 Laws of Robotics?]( Putting the top 10 generative AI tools to the ethical test reveals more about humanity than artificial intelligence. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [3 Strategies to Defend Against Resurging Infostealers]( Infostealer incidents have more than doubled recently, making it critical to bolster your defenses to mitigate this growing threat. [The Double-Edged Sword of Cyber Espionage]( State-sponsored attacks are alarming and difficult to prevent, but they suffer from a fundamental weakness that can be leveraged by defenders. [Navigating Rwanda's New Data Protection Law]( As the law's October 2023 transition deadline approaches, it's critical for organizations doing business in Rwanda to understand its requirements and implications. [MORE]( EDITORS' CHOICE [Microsoft Patches a Pair of Actively Exploited Zero-Days]( Five critical bugs, zero-days exploited in the wild, Exchange Server, and more headline Microsoft's September 2023 Patch Tuesday release. Here's what to patch now. LATEST FROM THE EDGE [Being Flexible Can Improve Your Security Posture]( Changing your approach when you realize you could be more efficient pays dividends, especially in six areas of your cybersecurity program. LATEST FROM DR TECHNOLOGY [IBM Adds Data Security Broker to Encrypt Data in Multiclouds]( The data security broker from Baffle brings field- and file-level encryption of sensitive data to new IBM Cloud Security Compliance Center. LATEST FROM DR GLOBAL [Iranian APT Hits US Aviation Org via ManageEngine, Fortinet Bugs]( Known security vulnerabilities in the enterprise products allowed unauthorized access through a public-facing application, US Cyber Command said. WEBINARS - [Cyber Risk Assessment Secrets From the Pros]( Executives want to know whether they should worry about an attack that hit another organization. They worry how safe they are from a breach. But it can be difficult for security teams to quantitatively measure risk, or even say with ... - [The Threat Hunter's Playbook: Mastering Cloud Defense Strategies]( Secure your spot now for this unforgettable cybersecurity adventure, filled with real-world examples, best practices, and expert insights from our threat research team. Level up your cloud security defense. When you attend this webinar, you will hear from the Sysdig's ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Threat Intelligence: Data, People and Processes]( - [Crucial Considerations when Enabling Secure Industrial Digital Transformation]( - [Causes and Consequences of IT and OT Convergence]( - [Evaluating SASE for the Work-From-Anywhere Era]( - [Work From Anywhere Doesn't Have to Be Complicated]( - [Essential SASE Must-haves]( - [Rediscovering Your Identity]( [View More White Papers >>]( FEATURED REPORTS - [What Ransomware Groups Look for in Enterprise Victims]( Ransomware attackers cast a wide net -- they just care about causing damage, making money, and gaining new victims. That means no organization is automatically immune to attack just because of its size or industry. Organizations need to take steps ... - [How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment]( Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ... - [Successfully Managing Identity in Modern Cloud and Hybrid Environments]( Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Claroty Unveils Vulnerability & Risk Management Capabilities to Elevate Risk Reduction for Cyber-Physical Systems]( [NordVPN Launches Sonar to Prevent Phishing Attacks]( [World Security Report Finds Physical Security Incidents Cost Companies USD $1T in 2022]( [Cloudflare Announces Unified Data Protection Suite to Address Risks of Modern Coding and Increased AI Use]( [Google and Acalvio Partner to Deliver Active Defense to Protect Customers From Advanced Threats]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Where and When Automation Makes Sense for Enterprise Security]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=118205&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Weekly_09.14.23&sp_cid=49821&utm_content=DR_NL_Dark%20Reading%20Weekly_09.14.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#85 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)