Microsoft and OpenAI have identified five Advanced Persistent Threat (APT) groups that are actively using large language models (LLMs) for malicious purposes. The groups, which originate from North Korea, China, Iran, and Russia, are using LLMs to automate malicious operations, generate believable phishing content, and gain knowledge of vulnerabilities. Although the groups were not directly using LLMs to create malware, the discovery highlights that both white hat and black hat actors are using generative AI for operational efficiency. Microsoft has also identified nine LLM-themed techniques and procedures being used by these threat groups. Experts advise organizations to remain vigilant and to adopt application-specific models tailored to particular tasks to defend against generative AI or LLM-based attacks.
Surprising: State-Sponsored APT Groups Utilize Gen AI LLMs