Tag: info

LLM services are being hit by hackers looking to sell on private info

Post author By lisa nichols
Post date May 10, 2024
No Comments on LLM services are being hit by hackers looking to sell on private info

[ad_1]

Using cloud-hosted large language models (LLM) can be quite expensive, which is why hackers have apparently begun started stealing, and selling, login credentials to the tools.

Cybersecurity researchers Sysdig Threat Research Team recently spotted one such campaign, dubbing it LLMjacking.

In its report, Sysdig said it observed a threat actor abusing a vulnerability in the Laravel Framework, tracked as CVE-2021-3129. This flaw allowed them to access the network and scan it for Amazon Web Services (AWS) credentials for LLM services.

New methods of abuse

“Once initial access was obtained, they exfiltrated cloud credentials and gained access to the cloud environment, where they attempted to access local LLM models hosted by cloud providers,” the researchers explained in the report. “In this instance, a local Claude (v2/v3) LLM model from Anthropic was targeted.”

The researchers were able to discover the tools that the attackers used to generate the requests which invoked the models. Among them was a Python script that checked credentials for ten AI services, analyzing which one was useful. The services include AI21 Labs, Anthropic, AWS Bedrock, Azure, ElevenLabs, MakerSuite, Mistral, OpenAI, OpenRouter, and GCP Vertex AI.

They also discovered that the attackers didn’t run any legitimate LLM queries in the verification stage, but were rather doing “just enough” to find out what the credentials were capable of, and any quotas.

In its news report, The Hacker News says the findings are evidence that hackers are finding new ways to weaponize LLMs, besides the usual prompt injections and model poisoning, by monetizing access to LLMs, while the bill gets mailed to the victim.

The bill, the researchers stressed, could be quite a big one, going up to $46,000 a day for LLM use.

“The use of LLM services can be expensive, depending on the model and the amount of tokens being fed to it,” the researchers added. “By maximizing the quota limits, attackers can also block the compromised organization from using models legitimately, disrupting business operations.”

Proton Mail’s paid users will now get alerts if their info has been posted on the dark web

Post author By lisa nichols
Post date April 22, 2024
No Comments on Proton Mail’s paid users will now get alerts if their info has been posted on the dark web

[ad_1]

Proton Mail has introduced Dark Web Monitoring for its paid users, which will keep them informed of breaches or leaks they may have been affected by. If anything’s been spotted on the dark web, the feature will send out alerts that include information like what service was compromised, what personal details the attackers got (e.g. passwords, name, etc.) and recommended next steps. At launch, you’ll have to visit the Proton Mail Security Center on the web or desktop to access these alerts, but the company says email and in-app notifications are on the way.

An example of a breach alert from Proton Mail — Proton

Dark Web Monitoring is intended to be a proactive security measure. If you’ve used your Proton Mail email address to sign up for a third-party service, like a social media site, and then hackers steal user data from that service, it would let you know in a timely manner if your credentials have been compromised so you can take action (hopefully) before any harm is done. It seems a fitting move for the service, which already offers end-to-end encryption and has made privacy its main stance since the beginning. Dark Web Monitoring won’t be available to free users, though.

“While data breaches of third-party sites leading to the leak of personal information (such as your email address) can never be entirely avoided, automated early warning can help users stay vigilant and mitigate worse side effects such as identity theft,” said Eamonn Maguire, Head of Anti-Abuse and Account Security at Proton.

[ad_2]

Source Article Link

Tags alerts, Dark, info, Mails, Paid, posted, Proton, users, Web

Business Industry

Galaxy Z Flip 6’s first benchmark reveals juicy info

Post author By miranda cosgrove
Post date April 19, 2024
No Comments on Galaxy Z Flip 6’s first benchmark reveals juicy info

[ad_1]

In February this year, we reported that Samsung is going to launch its next set of foldable smartphones, which will have two devices, the Galaxy Z Fold 6 and the Galaxy Z Flip 6, in July this year, which is earlier than usual. As such, it has started working on the production of these devices in full swing. Well, the company has now started benchmarking those phones. That’s right. Samsung has just benchmarked the Galaxy Z Flip 6 on Geekbench, which confirms key features of the upcoming device.

Geekbench has listed a smartphone from Samsung that the company hasn’t announced yet. It comes bearing the model number SM-F741U. According to a previous report, this device is none other than the Galaxy Z Flip 6. According to the benchmarking platform, Samsung’s upcoming clamshell foldable smartphone features the Qualcomm Snapdragon 8 Gen 3 chipset, one of the variants of the device has 8GB of RAM, and the phone runs on the Android 14 operating system, most likely with One UI 6.1.

Galaxy Z Flip 6 spotted on Geekbench

The Galaxy Z Flip 6 managed to score 15,050 points on the GPU test, which is similar to what the Galaxy S24 Ultra managed to achieve. The Galaxy Z Flip 6 is more compact than the Galaxy S24 Ultra. As such, it has less space for a cooling system. Despite that, it managed to achieve the same level of performance as the brand’s flagship phone, which is quite impressive. However, we suspect that the Galaxy Z Flip 6 might not be able to maintain that level of performance for as long as the Galaxy S24 Ultra.

According to a previous report, the Galaxy Z Flip 6 will feature a larger cover display than that on the Galaxy Z Flip 5. Reportedly, the cover display on the upcoming phone will a 120Hz refresh rate instead of a 60Hz refresh rate on its predecessor. Samsung is expected to offer the foldable with an Exynos chipset in some regions, and the it will be available with up to 12GB RAM. We already got to see the phone’s design, thanks to a previous leak, and according to another report, it will come in a new set of colors.

[ad_2]

Source Article Link

Tags benchmark, Flip, Galaxy, info, juicy, reveals