Ransomware payments exceed $1B in 2023

WELCOME

I just read a report that ransomware payments exceeded $1B in 2023.

That is a significant amount.

But, I also know that most ransomware incidents are happening away from the media and the public. Companies will do anything not to disclose the fact they were caught with their pants down.

If it’s really serious, you cannot hide the fact something’s wrong. But a subdivision might get hacked or a company branch.

So the official number is going to be much higher.

I thought that was interesting.

Anyway, welcome to this week’s edition of the Blacklynx Brief.

AI NEWS
Google is Gearing Up

  • A leak suggests Google is rebranding its Bard chatbot to Gemini, introducing a new model, Gemini Ultra, on February 7th. This revamp includes a paid 'Gemini Advanced' tier and the launch of a Gemini Android app on Pixel and Galaxy devices, with Canada gaining web and soon app access. The update could spur the competition in AI, potentially accelerating the development and release of new models like OpenAI's GPT-5.

  • Researchers at New York University developed an AI that learned words like "crib" and "ball" from first-person baby videos, mirroring early human language development. Using 61 hours of footage from a baby's helmet cam, the AI associated 250,000 word-image pairs, achieving a 62% success rate in matching words to images. This study suggests that innate knowledge may not be as crucial for language learning as previously thought, potentially revolutionizing our understanding of AI's capabilities in learning and interacting with the physical world.

  • Microsoft has unveiled partnerships with media outlets to integrate AI in news operations, providing tools and insights to enhance research and curation, notably with Semafor's 'Signals' feed. These collaborations aim to utilize AI for sifting through global news and languages, improving journalistic research without replacing the human element in writing. This initiative, amid concerns about AI-generated inaccuracies, illustrates a cautious yet innovative approach to blending AI with traditional journalism, ensuring accuracy and reliability in news reporting.

  • Roblox introduced a real-time AI chat translator, enabling players from different linguistic backgrounds to communicate in 16 languages instantly within the game. This tool, trained on a blend of in-game language and broader internet slang, is set to bridge the gap for its 70 million daily users, with plans to extend translations to visual and voice elements on the platform. This development exemplifies AI's potential to eliminate language barriers, suggesting a future where seamless cross-lingual interactions become the norm across digital platforms.

  • OpenAI has introduced watermarks in DALL-E 3's image metadata, aligning with the Coalition for Content Provenance and Authenticity (C2PA) standards, to enhance digital trust. These watermarks, a visible CR symbol and an invisible metadata tag, aim to facilitate the verification of image origins, though OpenAI notes the approach's limitations due to the ease of metadata removal and social media practices.

CYBERSECURITY NEWS
Clorox Posts 49 Million Dollar Loss

  • Cloudflare reported a state-sponsored attack on its Atlassian servers during the Thanksgiving holiday, utilizing credentials not revoked post-Okta breach. Despite immediate detection and containment, with no customer data compromised, the breach highlights the persistent efforts by cyber actors to infiltrate networks. Cloudflare's experience underscores the importance of timely credential updates and continuous vigilance in cybersecurity practices.

  • Clorox disclosed a $49 million loss due to a cyberattack in August, covering response, consulting, and operating costs from business disruptions. The attack also led to an anticipated $356 million sales drop, highlighting the extensive financial impact of cybersecurity incidents.

  • The identities of two Iranian cyber groups, Cyber Av3ngers and Black Shadow, were exposed last week, linking them to Iran's Islamic Revolutionary Guard Corps and an Iranian IT company, respectively. These revelations come amid a surge in Iranian cyber activity targeting Israeli websites and organizations, marked by operations ranging from DDoS attacks and defacements to mass data leaks and system wipes. Notably, Cyber Av3ngers escalated their efforts internationally by breaching PLC equipment in critical infrastructure, using simple default passwords to spread anti-Israel and pro-Gaza messages.

  • In Hong Kong, an employee of a multinational company was deceived into sending $25 million to scammers using deepfake technology to impersonate colleagues and the CFO. This incident is among several where deepfakes have facilitated significant financial thefts, highlighting the growing threat of sophisticated scamming techniques. Hong Kong police's report underscores the urgent need for awareness and protective measures against such advanced cyber fraud.

  • Russia has officially prohibited the use of VPN services from March 1, as announced by Ekaterina Mizulina of the Safe Internet League, aligning with efforts to control the Russian internet. This move, described as a necessity to prevent data siphoning, contradicts earlier assurances that VPNs would not be banned. Mizulina, sanctioned by the EU for her role in curtailing free expression, plays a central part in Russia's internet censorship, particularly amid the backdrop of the country's actions since the invasion of Ukraine.

  • Chinese hackers, supported by their government, infiltrated the Dutch Ministry of Defence's network, exploiting a flaw in FortiGate devices. This breach highlights the continuous cyber threats from state-sponsored groups, especially from China, against global defense infrastructures. The incident prompts a critical need for enhanced cybersecurity measures and swift patching of vulnerabilities in commonly used technology to prevent future attacks, showcasing the importance of international cooperation and transparency in cybersecurity efforts.

PODCAST TIP OF THE WEEK
Security Now



This podcast doesn’t need any introduction if you’re in cybersecurity.

Every week for almost 18 years, Leo Laporte and Steve Gibson have dived into the latest security news. Leo Laporte is an icon in the podcasting world and was one of the first podcasters, and Steve Gibson is a true powerhouse when it comes to security knowledge.

If you’re technically inclined, you will especially love this podcast, as Gibson tends to break down extremely technical concepts in easy-to-understand language.

Each episode is a journey through the complex landscape of cyber threats, defenses, and the ever-evolving technology designed to protect us. Gibson's expertise shines as he breaks down complex topics into digestible, actionable advice, making "Security Now" as educational as it is enjoyable.

The only gripe I have with it is that - well, it may not sound nice - these gentlemen are getting older and you can definitely tell. They’re slowly morphing into Statler and Waldorf from the Muppet Show.

I was going to recommend a couple of episodes but there’s nothing specific that comes to mind.

The digital landscape is always changing, and with it, the nature of the threats we face. That's why the latest episode of "Security Now" is always the most recommended listen.

Find the show here

BOOK TIP OF THE WEEK
Andy Greenberg - Sandworm (2019)

Dive into the heart of cyberwarfare with "Sandworm", a riveting, fast-paced journey behind the scenes of the most daring cyberattacks in history. From the first blackouts caused by hackers to the devastating global chaos unleashed by the NotPetya malware, costing tens of billions in damages, this story tracks the rise of a formidable Russian hacker group. Known as Sandworm and linked to Russia's military intelligence, they've emerged as a top-tier force in digital warfare, launching relentless attacks on key infrastructure worldwide.

Written by WIRED's own Andy Greenberg, "Sandworm" is not just a tale of technological intrigue but a critical look at how these digital skirmishes are redefining the future of global conflict. As the lines between online battles and physical warfare blur, the stakes for national security and global stability have never been higher. Discover the intense, ongoing battle to curb the power of Sandworm and grasp the full impact of a new era of warfare that transcends the battlefield.

The book predates the conflict in Ukraine, but reading it after the start of that conflict gives another dimension to understanding what is going on.

It reads like a Tom Clancy novel, but unlike those novels, it’s all real life.

AI PRODUCTIVITY TIP OF THE WEEK
Perplexity AI

"Perplexity AI" is an AI tool designed to refine the way we access and understand information. It stands out by offering nuanced, context-aware answers to a wide array of questions, moving beyond simple searches to a more interactive exchange of knowledge. This platform leverages the latest in AI technology to digest and interpret vast amounts of data, aiming to provide users with insights that are both accurate and deeply contextual.

Ideal for anyone seeking to deepen their understanding on a variety of topics, "Perplexity AI" represents a shift towards a more engaging and intelligent way of interacting with digital information. It's about enhancing the pursuit of knowledge, offering a tool that adapts and learns to deliver comprehensive answers. While its capabilities are impressive, the true value of "Perplexity AI" lies in its potential to transform curiosity into understanding, marking a step forward in the evolution of information technology.

Closing Thoughts

That’s it for us this week.

For those that are hitting the slopes next week: break a leg.

For the others out there that are getting drunk on carnivals: stay safe.

And for those who stay home with their children during the upcoming school holiday: stay strong!

See you next week!
