TechRisk Notes#22: Atomic wallets hacked + Misused LLM
Also: managing the risk of generative AI, understanding the hype and promise of emerging technologies, and an Arbitrum blockchain outage due to a software bug. [11 Jun 2023]
EmergingTech Spotlight
Managing the Risks of Generative AI - 79% of senior IT leaders reported concerns that these technologies bring the potential for security risks, and another 73% are concerned about biased outcomes. More broadly, organizations must recognize the need to ensure the ethical, transparent, and responsible use of these technologies. [more]
Malicious use of LLM - Recent proof-of-concept attacks demonstrated how a benign-seeming executable file could be used to make an API call to ChatGPT to generate dynamic, mutating versions of malicious code at each call. Through this process, it will produce vulnerability exploits that are difficult for cybersecurity tools to detect. A security professional noted that “ChatGPT lowers the bar for hackers, malicious actors that use AI models can be considered the modern 'Script Kiddies'”. [more][more-HYAS]
Dr Mohamed Al Kuwaiti, Head of Cybersecurity, UAE Government, noted that the emerging trend at the start of the year is that ChatGPT is used in some of the ransomware and phishing attacks. He said their investigation made it really clear that adversaries are increasingly using LLMs. [more]
Dr Al Kuwaiti shared that “ChatGPT is used for reprogramming and adding some of the ransomware scripts. Attackers use it for e-mail phishing or drafting emails. We saw some of those as a matter of fact.”
Computer science professor Gene Spafford (“Spaf”) wrote down his thoughts on AI and ML. He pointed out the similarity to previous hype cycles and crazes around other technologies (such as robotics): the usual urge to be among the early adopters, as well as those speculating about the most severe forms of misuse. He concluded that there are risks to not developing new technologies. However, the more significant risk may be assuming that only the well-intentioned will use them. [more]
Web3 Cryptospace Spotlight
3 Jun - Multiple Atomic Wallet users posted on social media that their wallet assets had been stolen. Atomic indicated that less than 1% of monthly active users are currently affected. While the crypto wallet service shared little information on the stolen amounts, cryptocurrency security researcher ZachXBT tracked at least $35 million worth of funds drained from the compromised accounts. After analyzing the transactions originating from the hack, Elliptic is highly confident that the Lazarus Group orchestrated the heist. The crypto service has yet to share details on how the attackers gained access to user accounts, but it appears that users’ private keys might have been exposed prior to the incident. [more]
7 Jun - The Arbitrum blockchain suffered from a bug in its software that caused the network to stop processing transactions on-chain for several hours. The bug in Arbitrum’s sequencer resulted in a transaction backlog that stressed the network. Hours later, Arbitrum Foundation’s community lead took to its Discord channel to announce that the fix had been deployed. [more][more-2][more-Arbitrum]
The United States Justice Department has unsealed charges against two men it said are responsible for the $400 million hack of former Bitcoin exchange Mt. Gox. It noted that 43-year-old Alexey Bilyuchenko and 29-year-old Aleksandr Verner allegedly conspired to launder 647,000 Bitcoins they stole from Mt. Gox through a hack of the exchange’s servers. [more]
Elliptic explores the ten crypto crime typologies that have emerged in recent years (such as DeFi and Cross-chain Crime, Pig Butchering, Elderly Financial Exploitation), and reveals how you can stay protected. [more]