Happy Wednesday! In case you were wondering, talk of a recession has followed us into 2023. While you may be worried about losing your job, your company’s head honcho might not feel the sting as much.
In today’s edition:
AIaaS
Hacking homeroom
Flippin’ on ’em
—Billy Hurley, Eoin Higgins, Tom McKay, Patrick Lucas Austin
Francis Scialabba
David Maynor, a security professional for over 20 years, nearly fell out of his chair when the now-practically-famous ChatGPT artificial intelligence bot gave him exactly what he asked for:
Please write a python3-based c2 framework.
In about 30 seconds, ChatGPT unfurled a Python 3 command-and-control (“C2”) server, the piece of attacker infrastructure that issues commands to, and collects data from, a fleet of compromised machines.
“I’ve been doing this for 22 years, right? This was like magic to me,” said Maynor, head of the threat intelligence group at Cybrary, a cybersecurity training platform.
Generative, text-based AI, and ChatGPT in particular, has been having a moment, turning user prompts into everything from a biblical-style story about removing a peanut butter sandwich from a VCR to a “quippy” essay about itself.
Like any new, enchanting tech, however, the AI tool creates risks that organizations must watch out for, especially as they purchase software from third parties.
“If attacks against you are easier, attacks against your partners and your customers and your ecosystem, your value chain…is also easier,” said Jeff Pollard, VP and principal analyst at the consultancy Forrester.
What is ChatGPT? Why, it can tell you itself!
“As an AI trained by OpenAI, my primary goal is to provide accurate and detailed information in response to user questions,” the bot replied when we asked in December.
Read more here.—BH
Do you work in IT or have information about your IT department you want to share? Email [email protected].
Think of all you could accomplish if you ditched the spreadsheets and automated your security and compliance. You could catch up on reading, take a ceramics class, set up a pet camera and spy on your dog…
The possibilities are endless with help from Drata, a leader in cloud compliance on G2. It’s the most seamless way to automate compliance for 14+ standards, including SOC 2, ISO 27001, HIPAA, GDPR, and even custom frameworks.
Drata lets you build trust with customers and scale securely, making compliance easy and breezy thanks to 75+ native integrations that’ll power automation for ya. There’s also a Risk Management tool for end-to-end risk assessments and treatment flows.
Nyoom. That’s you, zooming through compliance with quality assurance and visibility. What you’ll do with all that free time is up to you.
IT Brew readers get 10% off and waived implementation fees here.
Ivan Aleksic/Unsplash
Vice Society, the hacking group that targeted the Los Angeles Unified School District with a ransomware attack in September and other school systems throughout the fall, is careful with how it times its attacks.
Vice Society doesn’t only target schools, but spreads a wide net in its efforts to deploy ransomware attacks, hitting a number of different industries, including healthcare, state and local governments, and manufacturing.
But nearly 40% of the group’s attacks focus on the education sector, particularly in the US, according to a recent report by threat analysis group Unit 42. The report also showed that the gang times its attacks on school systems around the academic calendar.
Ryan Olson, Unit 42’s VP of threat intelligence, told IT Brew that his team took an interest in Vice Society as ransomware attacks on educational systems and other industries began to rise over the past year.
“We tried to identify what are the cases [and] groups that are on the rise,” Olson said. “That’s what led to us looking into Vice Society, especially because they had a focus on education.”
Uniquely targeted. What makes Vice Society unusual is not only that it targets school systems; it is that the group deploys a variety of existing ransomware families rather than building its own. And the group handles the whole operation itself, from picking the target to running the intrusion to collecting the ransom, unlike many ransomware-as-a-service crews, where separate operators and affiliates each handle one stage of the attack.
Read more here.—EH
Flipper Devices
Looking to get your hands on the latest cybersecurity gadget? Be fearful of phishers flipping phony Flipper Zeros. A phishing campaign has targeted techies interested in the new (and popular) hacking tool, according to a report by Bleeping Computer.
The Flipper Zero is a wildly popular, crowdfunded handheld device designed to support penetration testers, amateur hackers, and cybersecurity pros alike—it can emulate RFID, clone access cards, and communicate via radio, NFC, infrared, and Bluetooth. It also has GPIO connectors for hardware connections. At $169, the device boasts a dual-core ARM processor and blurs the line between “geeky toy or serious security tool,” as ZDNet put it.
Beyond the viral TikTok videos, it is genuinely useful for identifying which nearby devices are transmitting data and how. According to Wired, potential capabilities include everything from cloning office ID badges to snatching credit card numbers from wallets and even unlocking older, insecure cars, though it has some restrictions built in as a soft deterrent against illegal usage.
Flipper Zero units are often out of stock on the official website—thanks to both production issues and revenue holdbacks by PayPal—presenting opportunities for anyone who claims to have it in stock. As Bleeping Computer reported, security analyst Dominic Alvieri tweeted earlier this month about the discovery of a phishing campaign using at least three Twitter accounts imitating the official Flipper Zero one (replacing the lower-case “l” in the name with an upper-case “I”, which looks identical in many fonts) and directing interested parties to fake storefronts offering units for the inflated price of $199.
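The lookalike-handle trick above (an upper-case “I” standing in for a lower-case “l”) is easy to miss by eye but easy to catch mechanically. The following is an added example, not code from IT Brew, Flipper Devices, or the Bleeping Computer report: it folds visually confusable characters to a canonical form and flags handles that collapse onto an official one. The official handle @flipper_zero and every other handle in the sample list are assumed for illustration; the impostor handles are constructed, not real accounts.

```python
from difflib import SequenceMatcher

# Glyphs that look alike at social-media font sizes, folded to one representative.
# The first row is the swap used in the campaign described above: a lower-case "l"
# replaced by an upper-case "I" (or a digit 1) so that "flipper" reads as "fIipper".
CONFUSABLES = str.maketrans({
    "I": "l", "1": "l", "|": "l",
    "0": "o",
    "5": "s",
    "3": "e",
    "4": "a",
    "7": "t",
    "8": "b",
})

# Two-character sequences that render like a single letter.
PAIR_CONFUSABLES = (("rn", "m"), ("vv", "w"))


def skeleton(handle: str) -> str:
    """Collapse a handle to its visual 'skeleton': drop a leading @, fold
    confusable glyphs, then lower-case. Two handles with equal skeletons are
    indistinguishable at a glance even though their characters differ."""
    h = handle.lstrip("@").translate(CONFUSABLES)
    for pair, single in PAIR_CONFUSABLES:
        h = h.replace(pair, single)
    return h.lower()


def classify(handle: str, official: str, near_miss_ratio: float = 0.8) -> str:
    """Compare a candidate handle against the official one.

    Returns one of:
      'official'   exact match (handles are treated as case-insensitive)
      'lookalike'  differs only by confusable glyphs, e.g. @fIipper_zero
      'near_miss'  same skeleton plus or minus a few characters, e.g. a '_shop' suffix
      'unrelated'  everything else
    """
    if handle.lstrip("@").lower() == official.lstrip("@").lower():
        return "official"
    cand, ref = skeleton(handle), skeleton(official)
    if cand == ref:
        return "lookalike"
    if SequenceMatcher(None, cand, ref).ratio() >= near_miss_ratio:
        return "near_miss"
    return "unrelated"


def screen(handles, official):
    """Classify a batch of handles and return only the suspicious ones."""
    verdicts = {h: classify(h, official) for h in handles}
    return {h: v for h, v in verdicts.items() if v in ("lookalike", "near_miss")}


# Constructed sample data, not real accounts. The official handle is assumed to be
# @flipper_zero for illustration; the others are made-up impostors and bystanders.
SAMPLE_HANDLES = [
    "@flipper_zero",        # the genuine account (assumed)
    "@fIipper_zero",        # upper-case I for lower-case l, the reported trick
    "@f1ipper_zer0",        # digit substitutions
    "@flipper_zero_shop",   # plausible "official store" spin-off
    "@itbrew",              # unrelated
]

if __name__ == "__main__":
    for handle, verdict in screen(SAMPLE_HANDLES, "@flipper_zero").items():
        print(f"{handle:22} {verdict}")
```

The skeleton comparison is symmetric, so a genuine handle that happens to contain an upper-case “I” or a digit is not penalised; only a candidate that folds onto the same skeleton as the reference is flagged. The near-miss threshold is a judgement call: 0.8 catches a short suffix like “_shop” while leaving a six-letter unrelated handle alone, and it should be tuned against the handles you actually watch.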
Keep reading here.—TM
Do you work in IT or have information about your IT department you want to share? Email [email protected]. Want to go encrypted? Ask Tom for his Signal.
Francis Scialabba
Today’s top IT reads.
Stat: 3 seconds. That’s how much audio Microsoft claims its new AI needs to successfully imitate human voices. (Ars Technica)
Quote: “We are seeing, across the gamut, products that impact our privacy, products that create cybersecurity risks, that have overarchingly long-term environmental impacts, disposable products, and flat-out just things that maybe should not exist.”—iFixit CEO Kyle Wiens on the 2023 CES Worst in Show Awards (YouTube)
Read: NSO Group tried (and failed) to convince SCOTUS to give it immunity in US courts. (The Register)
- The FAA is scrambling to set deadlines for planes to install new navigation gear less prone to 5G interference.
- Beazley, the London-based insurer, is offering “catastrophe bonds” for cybersecurity insurance.
- Facebook gave up on building a bridge to nowhere, and no, we’re not talking about the metaverse.
- Chinese regulators are implementing new rules against deepfakes.
Check out the IT Brew stories you may have missed.