Saturday, February 04, 2023
PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions
FROM THE MEDIA: A new Android banking trojan called PixPirate has been discovered targeting Brazilian financial institutions. It is equipped with ATS (Automatic Transfer System) capabilities and uses code obfuscation and encryption to resist reverse engineering efforts. Additionally, a pig butchering scam using fraudulent investment apps that bypassed the Apple App Store and Google Play vetting process was recently uncovered by cybersecurity firm Sophos. The malicious apps featured a "review evasion technique" to get past the vetting process. The U.S. Department of Justice has taken down seven domain names in connection to the scam and the criminal actors were found to have obtained over $10 million from five victims.
READ THE STORY: THN
China’s Spy Device Over America is No Party Balloon
FROM THE MEDIA: Pentagon officials have detected a Chinese “surveillance balloon” flying over the central U.S., prompting Secretary of State Antony Blinken to cancel a planned trip to China. The balloon is unusually maneuverable and much larger than a typical weather balloon, which typically remains in the air for only a couple of hours. According to John Villasenor, director of the Institute for Technology, Law and Policy and a professor at University of California, Los Angeles, it is possible to launch a balloon with the goal of having it end up in a specific location, although not within one mile. The Pentagon can tell if it is a spy balloon or a civilian project for meteorology research by examining what is on it, and a balloon has an advantage over a satellite in terms of imaging resolution due to its proximity to the Earth. The Pentagon has stated it does not currently plan to shoot the balloon down.
READ THE STORY: International Policy Digest // Scientific American
Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations
Analyst Comment: OilRig is an Iranian hacker group (also known as APT34, ITG13 and Helix Kitten) that is believed to be sponsored by the Iranian government. The group has been active since at least 2014 and is known to target government organizations, financial institutions, energy companies, and various other industries in the Middle East.
FROM THE MEDIA: The Iranian nation-state hacking group known as OilRig has continued to target government organizations in the Middle East as part of a cyber espionage campaign that leverages a new backdoor to exfiltrate data. The threat actor is using a .NET-based dropper to deliver four different files, including the main implant ("DevicesSrv.exe") responsible for stealing specific files of interest. The malicious code is also capable of harvesting credentials from domain users and local accounts, which are then used to send electronic missives to actor-controlled Gmail and Proton Mail email addresses. This indicates the flexibility of the threat actor to come up with new malware based on the targeted environments and the privileges possessed at a given stage of the attack.
READ THE STORY: THN
Warning: Hackers Actively Exploiting Zero-Day in Fortra's GoAnywhere MFT
Analyst Comment: GoAnywhere MFT is a secure, managed file transfer (MFT) solution from HelpSystems that helps organizations automate and streamline secure file transfer processes and data exchanges with trading partners, customers, and other systems. It supports multiple protocols, including FTP, FTPS, SFTP, HTTP, and HTTPS, and provides a secure, browser-based administrative console for easy management.
FROM THE MEDIA: A zero-day vulnerability in Fortra's GoAnywhere MFT managed file transfer application is being actively exploited in the wild. The flaw requires access to the administrative console of the application, and there are over 1,000 publicly accessible on-premises instances in the U.S. There is no patch currently available for the vulnerability, although Fortra has released workarounds that remove the "License Response Servlet" configuration from the web.xml file. Vulnerabilities in file transfer solutions have become appealing targets for threat actors, and these solutions must be secured with strong credentials to protect against exploitation.
READ THE STORY: THN
Customizable new DDoS service already appears to have fans among pro-Russia hacking groups
Analyst Comment: The Passion group, affiliated with Killnet and Anonymous Russia, recently began offering DDoS-as-a-Service to pro-Russian hacktivists. The Passion Botnet was leveraged during the attacks on January 27th, targeting medical institutions in the USA, Portugal, Spain, Germany, Poland, Finland, Norway, Netherlands, and the United Kingdom as retaliation for sending tanks in support of Ukraine.
FROM THE MEDIA: A pro-Russian hacking group has created a new tool for launching DDoS attacks against Ukraine and its allies. The Passion botnet can be rented for $120 per month and has already been used by two well-known hacktivist collectives. It offers customization options and the ability to switch attack vectors, making it harder to detect and mitigate. Healthcare organizations have seen an increase in attacks, possibly indicating the involvement of multiple threat actors. The hackers offer three subscription options and only accept payments in Bitcoin or Tether virtual currencies. DDoS tools are popular among hacktivists as they allow low-skill attackers to launch larger and more powerful attacks.
READ THE STORY: The Record
Iran-Backed Actor Behind 'Holy Souls' Cyberattack on Charlie Hebdo, Microsoft Says
Analyst Comment: Neptunium, a.k.a. Emennet Pasargad (DoJ), is an Iranian cyber actor affiliated with the Iran-linked Advanced Persistent Threat (APT) group known as Charming Kitten or APT35. They are believed to be involved in several cyber espionage and other malicious activities targeting foreign governments and entities. Emennet Pasargad is involved in operations against the United States, Israel, Iraq, and other countries, and has also been linked to the notorious Shamoon attacks against Saudi Arabia in 2012. They have been active since at least 2011 and are known to have used a variety of malware, such as Poison Ivy and PlugX, to conduct their operations.
FROM THE MEDIA: Microsoft recently identified Iranian state-actor Neptunium as responsible for an attack on the database of satirical French magazine Charlie Hebdo, where they threatened to dox over 200,000 subscribers. It appears to have been a response to the magazine's invitation to submit caricatures "ridiculing" Iran's Supreme Leader Ali Khamenei in December. Neptunium used tactics such as claiming credit with a hacktivist identity and using fake social media personas to amplify news of the attack. The group is associated with multiple cyber-enabled influence operations, including attempting to influence the US 2020 general elections, and more traditional cyberattacks. Their tactics include first-stage reconnaissance on potential targets via Web searches, identifying vulnerable software, and trying to exploit websites running PHP code or MySQL databases.
READ THE STORY: DARKReading // The Register
EchoStar Begins Construction of Global S-band Network
Analyst Comment: EchoStar Global S-band Network is a satellite communications network operated by EchoStar Corporation. It is a global network of satellites that provides high-speed data and Internet services, including voice, video, and data transfer. The network offers coverage over North America, Europe, Africa, Asia, and the Middle East. The network is designed to provide high-speed broadband access to users in remote and rural areas.
FROM THE MEDIA: EchoStar Corporation has announced an agreement with Astro Digital to construct a global S-band mobile satellite service network. The network will deliver global Internet of Things (IoT), machine-to-machine (M2M) and other data services beginning in 2024. The constellation of satellites will feature an advanced software-defined radio with onboard storage and processing, as well as 5G non-terrestrial network capabilities. EchoStar's Australian subsidiary, EchoStar Global, will operate the constellation, while its European subsidiary, EchoStar Mobile Limited, will operate a geostationary EchoStar XXI satellite which will interoperate with the constellation.
READ THE STORY: SpaceREF
Scores of Redis Servers Infested by Sophisticated Custom-Built Malware
Analyst Comment: Redis servers are becoming increasingly popular for their speed and performance. They are used by many large companies and websites, including GitHub, Pinterest, and Reddit, as well as by many smaller businesses. Redis servers are estimated to be used in more than half of all web applications, with many users unaware that they are using a Redis server. According to recent surveys, the prevalence of open source Redis servers is on the rise.
FROM THE MEDIA: An unknown threat actor has been exploiting open source Redis servers to mine Monero cryptocurrency for several years, using a stealthy malware variant called HeadCrab that is designed specifically for Redis and can perform more than 50 actions without leaving a trace. It takes advantage of misconfiguration and vulnerabilities in Redis servers to gain access, and can steal SSH keys, download additional malicious modules, and even compromise the kernel of an infected system. Organizations using Redis servers should assume a full breach if they detect HeadCrab on their systems and should follow best practices for hardening the environment. Redis expressed its support for the research done by Aqua Nautilus and encouraged Redis users to follow security guidance and best practices.
READ THE STORY: DARKReading // The Register
CISA adds Oracle, SugarCRM bugs to exploited vulnerabilities list
Analyst Comment: SugarCRM is a customer relationship management (CRM) system designed to help businesses manage customer relationships, data, and sales processes. It offers a suite of software tools and applications to automate the sales, marketing, and customer support processes. It is used to capture leads, track customer interactions, automate sales processes, and create detailed reports and insights into customer behavior and preferences.
FROM THE MEDIA: CISA has identified two vulnerabilities that are actively being exploited: CVE-2022-21587 in Oracle's E-Business Suite and CVE-2023-22952 in multiple SugarCRM products. These vulnerabilities pose a significant risk to the federal enterprise, so CISA has ordered federal agencies to patch them by February 23rd. The Oracle bug is easily exploitable, while the SugarCRM vulnerability was disclosed together with an exploit on December 30th, which was used to install cryptomining malware. The two vulnerabilities represent different market segments, illustrating how nation-states and cybercriminals now have access to many targets.
READ THE STORY: The Record
The Time to Future-Proof Satellites is Now
Analyst Comment: PQC is a cryptographic technique that uses the principles of quantum mechanics to provide a higher level of security than traditional cryptographic methods. PQC offers a way to securely encrypt data while QKD is a method of securely distributing cryptographic keys using the principles of quantum mechanics.
FROM THE MEDIA: Satellites are essential to many of our day-to-day activities and protecting their data exchange is a critical priority. As quantum computing advancements increase, we must transition to Post Quantum Cryptography (PQC) and/or Quantum Key Distribution (QKD) in order to future-proof these satellites. This transition should include crypto-diversification, which involves mixing current and post-quantum encryption methods as well as out-of-band key delivery. Ignoring the threat of quantum computing could lead to devastating financial losses and negative impacts on our national security. It is imperative that satellite designers begin taking steps now to secure their infrastructure against the specter of Q-Day.
READ THE STORY: VS
TruthFinder, Instant Checkmate confirm data breach affecting 20M customers
FROM THE MEDIA: PeopleConnect, the owner of the TruthFinder and Instant Checkmate background check services, suffered a data breach after hackers leaked a 2019 backup database containing info of millions of customers. The data includes email addresses, hashed passwords, first and last names, and phone numbers. PeopleConnect is still investigating the incident and has engaged a third-party cybersecurity firm to assist. The company has found no evidence of its network being breached and warns customers to be on the lookout for targeted phishing attacks. Hunt will be adding the leaked data to Have I Been Pwned, and users will be able to use the service to confirm if their account information was exposed.
READ THE STORY: BleepingComputer
Microsoft Visual Studio add-ins could be used to deliver malware
FROM THE MEDIA: Cybersecurity researchers have noticed an increase in the use of Microsoft Visual Studio Tools for Office (VSTO) among cybercriminals as they build malicious Office add-ins which help them achieve persistence and run malicious code on target endpoints. This method bypasses antivirus programs and other malware protection services, making it dangerous. The attackers still need to get victims to download and run an Office file and the add-in in order for it to work, so phishing will still play a major role. Researchers expect the number of VSTO-built attacks to continue rising, with nation-states and other high caliber actors adopting the practice as well.
READ THE STORY: TechRadar
Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide
FROM THE MEDIA: Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) are warning about a two-year-old remote code execution vulnerability in VMware ESXi servers that attackers are actively exploiting to deploy ransomware. The security flaw is tracked as CVE-2021-21974 and affects ESXi versions 7.x prior to ESXi70U1c-17325551, 6.7.x prior to ESXi670-202102401-SG, and 6.5.x prior to ESXi650-202102101-SG. To block incoming attacks, admins have to disable the vulnerable Service Location Protocol (SLP) service on unpatched systems and apply the patch as soon as possible. At least 120 VMware ESXi servers worldwide have already been compromised in this ransomware campaign, according to a Shodan search. The ransomware appears to be from a new family and encrypts files with the .vmxf, .vmx, .vmdk, .vmsd, and .nvram extensions. Victims have reported finding ransom notes named "ransom.html" and "How to Restore Your Files.html" on locked systems.
READ THE STORY: BleepingComputer
Infrastructure sectors hit hardest by ransomware
FROM THE MEDIA: The FBI’s Internet Crime Complaint Center reported 649 ransomware incidents targeting critical infrastructure in 2021, with the health care, financial services, and information technology sectors experiencing the most recorded attacks. Government entities were also targeted, leading the National Association of State Chief Information Officers to name ransomware its top cybersecurity concern in 2021. The FBI recommends updating operating systems and software, implementing training on phishing, securing remote access points, and making an offline backup of all data to protect against ransomware attacks. Energy, transportation, food and agriculture, commercial facilities, government facilities, and critical manufacturing were also at risk of attack.
READ THE STORY: InsideNova
Metro Detroit police departments targeted in ransomware attacks
FROM THE MEDIA: Several Wayne County police agencies were targeted in a ransomware attack on Friday, but were able to prevent a data breach thanks to quick action. It is still unclear which departments were impacted, but records management systems supporting downriver police agencies were hit with malware. The IT team quickly identified the attack and took care of the problem before it became a bigger issue. Cybersecurity experts suggest being vigilant before clicking or tapping on email attachments as methods of attack are constantly evolving.
READ THE STORY: FOX2 Detroit
Indian Official Highlights Djvu Ransomware as Threat
Analyst Comment: Djvu Ransomware is a form of malicious software that encrypts files on affected computers. It is part of the STOP/Djvu ransomware family and typically spreads via malicious software downloads and phishing scams. When the ransomware is installed, it encrypts files on the computer and then displays a ransom note with instructions for paying a fee to unlock the files. Victims may be asked to pay via cryptocurrency, such as Bitcoin.
FROM THE MEDIA: Ransomware attacks in India are on the rise, largely due to malicious software that masquerades as legitimate programs. Djvu ransomware is one of the most common varieties seen in India, and it typically gains entry by disguising itself as supposedly illegal software with an activated key. It's believed that the coders behind Djvu are located somewhere in the former Soviet Union, and the malware will terminate its infections if it determines a machine is based in certain countries including Russia, Belarus and Syria.
READ THE STORY: BankInfoSec
Pro-Russian hacktivist group is only getting started, experts warn
Analyst Comment: Killnet APT is a cyber espionage group that is believed to be operating out of Russia. The group is believed to be affiliated with the Russian government and is thought to target organizations for political and economic espionage.
FROM THE MEDIA: Health care and security officials warned this week that pro-Russian hacktivist group Killnet's low-level distributed denial-of-service attacks on U.S. critical infrastructure could be a precursor to more serious cyberattacks. The American Hospital Association said the impact appears to have been minimal and temporary, but security experts are warning that Killnet's members have more capabilities than their less-skilled attacks let on. Hospitals and other critical infrastructure should cut off as much internal access as possible to personal websites to mitigate phishing threats that could lead to more serious incidents such as ransomware and malware wipers.
READ THE STORY: AXIOS
Hack of ION Derivatives System Prompts Caution in Other Markets
FROM THE MEDIA: Wall Street's biggest trading desks are taking cautionary measures following a cyberattack in the derivatives market. Banks including Citigroup, Bank of America and Morgan Stanley are carefully reviewing trades sent through systems operated by ION Trading UK, which was attacked by the Russian ransomware gang LockBit. The CFTC has begun to reach out to Wall Street’s biggest trading desks as they probe the incident, and ION held a call with banks to reassure them Fidessa, one of their major platforms, was not impacted in the hack. Despite not using ION’s systems for clearing derivatives, traders have been ordered to be cautious when using their other systems. As ION’s Fidessa platform is used by nearly every major bank, it handles a large portion of trades in equities markets.
READ THE STORY: Bloomberg
Something for the weekend: Understanding AI
FROM THE MEDIA: Microsoft has invested $10 billion in OpenAI, a San Francisco-based research company that has launched ChatGPT, a super-sophisticated chatbot. This AI model is capable of generating text, code, images, audio and video, leading to venture capital firms pouring billions into related start-ups. There are concerns about the theft of copyright, disinformation, and deepfakes that may result from this widespread adoption of generative AI. However, there are also productive uses of machine learning models, such as diagnosing cancers, modelling protein structures, etc. The age of AI is upon us, but not in the way people are currently talking about.
READ THE STORY: FT
US and China Engage in 'Tech War' as Biden Administration Takes Action on Technology Leadership
FROM THE MEDIA: The US and China are in a full-fledged tech conflict due to US President Joe Biden's pursuit of it. The US is the world’s technological leader, but China is challenging that by investing billions of dollars in state support to overtake the US. The conflict began as a trade conflict but quickly turned into a competition for supremacy in 5G, AI, and semiconductors. The US has responded with strict export laws, prohibitions on green card holders working for Chinese firms, and increased investment and R&D spending. China has complained to the WTO about the restrictions and worries about being isolated from other chip-producing nations. Ultimately, China's dream of becoming self-sufficient in the semiconductor sector is still only a pipe dream.
READ THE STORY: Inventiva
Microsoft swears it's not coming for your data with scan for old Office versions
FROM THE MEDIA: Microsoft is reassuring users that its KB5021751 update, which scans Windows systems for out-of-date versions of Office software, will not invade their privacy or install anything on their computers. The data collected from the update only includes registry entries and APIs and does not access any licensing details, customer content, or data about non-Microsoft products. Microsoft encourages users to read its privacy page for more information and provides a link to the Show or Hide Updates troubleshooter for those who are uncomfortable with the update.
READ THE STORY: The Register
Dark Web Developer Wanted: Malicious Actors Join IT Talent Hunt
FROM THE MEDIA: In 2020, Kaspersky Lab analyzed 155 dark web forums and found that there is a strong job market for those interested in working with cybercriminals. Web developers, reverse engineers, analysts, and attackers are in high demand and can command salaries ranging from $1,300 to $4,000 per month. However, these jobs come with significant risks and often lack the same protections afforded to legitimate IT professionals. As technology develops, the underground job market will continue to evolve and may start to look more like the legal job market.
READ THE STORY: ITPRO Today
UScellular confirms customer data posted on dark web is from recent breach
FROM THE MEDIA: UScellular confirmed the customer data a hacker posted on the dark web earlier this week is from an actual breach that took place in January. The company stated the number of customers affected is 52K, and the data did not include Social Security Numbers, credit card numbers, or other sensitive data. The breach may not be connected with the T-Mobile and Google Fi breaches, but UScellular has not revealed the name of the third-party vendor where the breach occurred. Our team was able to filter out the duplicate emails and found just over 30 thousand unique emails in the stolen database.
READ THE STORY: Cybernews
Hackers Posing as Ukrainian Ministry Deploy Info Stealers
FROM THE MEDIA: Ukrainian and Polish cyber defenders are warning of a phishing campaign by a hacking group likely comprised of Russian speakers. The group is using pages that mimic official sites, such as the Ministry of Foreign Affairs of Ukraine, to trick users into downloading malware that can take screenshots, exfiltrate data and establish persistence. The US has announced an additional $2 billion in security assistance for Ukraine to counter this activity.
READ THE STORY: BankInfoSec
Supply Chain Security: What is the SLSA? (Part I)
FROM THE MEDIA: SLSA (Supply Chain Levels for Software Artifacts) is a security framework that helps to protect against software supply chain attacks. It provides industry standards and controls to prevent tampering, improve integrity, and secure packages and infrastructure in your projects, businesses, or enterprises. SLSA defines four incremental security levels, ranging from basic documentation of the build process to two-person review of all changes, hermetic builds and reproducible builds. This way, software producers and consumers can make risk-based decisions on the security posture of a software package.
READ THE STORY: Security Boulevard
NSA wooing thousands of laid-off Big Tech workers for spy agency’s hiring spree
FROM THE MEDIA: The National Security Agency is aggressively hiring tech workers who were laid off from Big Tech companies such as Meta and Amazon, as well as other large tech firms. With nearly 30,000 people clicking on the NSA's overtures and about 2,000 people applying, the agency is hoping to fill 3,000 positions across the country. The NSA is also changing its image from "No Such Agency" to a more permissive environment, using the slogan of "you do you" in Twitter posts encouraging people to apply for work. Russia's hackers are also looking for tech workers, despite economic sanctions. The NSA is competing for Big Tech talent with midsize employers offering hybrid work.
READ THE STORY: The Washington Times
Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack
FROM THE MEDIA: Tallahassee Memorial HealthCare, a 772-bed hospital in north Florida and south Georgia, was hit by a cyberattack on Thursday night and has had to take its IT systems offline. The attack has forced the hospital to divert patients to other facilities, cancel all non-emergency surgical procedures, and reschedule non-emergency patient appointments. Though the nature of the attack is unknown, sources have said it is likely a ransomware attack. This follows other DDoS and ransomware attacks against hospitals across 25 U.S. states this week, prompting the U.S. Department of Health and Human Services to warn healthcare institutions of further threats.
READ THE STORY: The Record
Widely used stealthy malware packer uncovered
FROM THE MEDIA: The shellcode-based packer TrickGate has been operating unnoticed for over six years, allowing threat actors to deploy a wide range of malware such as TrickBot, Emotet, AZORult, Agent Tesla, FormBook, Cerber, Maze, and REvil. This packer is offered as a service to other malicious actors, which helps them hide their payloads behind wrapper code in an attempt to bypass security solutions installed on a host. Data shows that manufacturing is the sector most targeted by TrickGate, followed by education, healthcare, government, and finance sectors. Phishing emails with malicious attachments or links lead to the download of a shellcode loader responsible for decrypting and launching the payload into memory.
READ THE STORY: THN
Lack of Emerging Tech Framework is 'Weakening' US Stance Against China, Lawmakers Warn
FROM THE MEDIA: In a House Energy and Commerce Subcommittee hearing on Wednesday, lawmakers and experts stressed the need for Congress to pass comprehensive federal privacy legislation and develop a national framework for autonomous vehicles in order to counter China's growing tech dominance. The subcommittee's chairman called for "foundational frameworks for developing emerging technologies," while ranking member Rep. Frank Pallone mentioned the American Data Privacy and Protection Act, which seeks to provide Americans with meaningful control over their personal information. Additionally, members of the committee have introduced the SELF DRIVE Act multiple times since 2017, which seeks to create a federal regulatory framework to speed up the production and development of driverless vehicles.
READ THE STORY: NextGov
Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered
FROM THE MEDIA: Two security weaknesses have been identified in the Open Charge Point Protocol (OCPP) version 1.6J, which uses WebSockets for communication between EV charging stations and the Charging Station Management System (CSMS). The vulnerabilities can be exploited to remotely shut down charging stations, leading to a denial-of-service attack, or to access a driver's personal data, credit card details, and CSMS credentials. Mitigations for when there is more than one connection from a single charging point should involve validating the connections by sending a ping or a heartbeat request, as well as eliminating any malicious connections directly or via an integrated cybersecurity module.
READ THE STORY: THN
New mobile network system can control drones even over long distances
FROM THE MEDIA: Researchers from Fraunhofer HHI have developed a new mobile network system that can be used to control drones over long distances and difficult terrain. The technology is already being implemented for deliveries in Malawi, and Wingcopter is now testing the potential of on-demand transport of consumer goods to improve local supply in rural communities with funding from the German Federal Ministry of Digital and Transport. The project is expected to result in economic and environmental benefits if it runs successfully.
READ THE STORY: InceptiveMind
Chinese Internet of Things allow surveillance of cities, becomes threat to the world
FROM THE MEDIA: Chinese Internet of Things (IoT) modules pose a major threat to the world, as they can be used for espionage and sabotage in critical national infrastructure and key industries. They could be used to collect data, such as government systems and individuals' interactions with IoT devices, and be used to target key government workers or dissidents. To combat this, countries should take steps to ban Chinese IoT modules from their supply chains, audit where these modules are embedded, and replace existing products by the end of 2025. Three Chinese companies have 54 percent of the global market in devices and 75 percent by connectivity, so customers need to be aware of the potential risks of using the modules.
READ THE STORY: TIMESNOW
Items of interest
Russian War Report: Satellite imagery indicates a build-up of air defense missile systems in southern Russia
FROM THE MEDIA: The DFRLab has been monitoring Russia’s movements across the military, cyber, and information domains in Ukraine. Satellite imagery suggests a build-up of air defense missile systems in southern Russia, Ukraine’s defense minister has warned of a possible spring offensive, and new Russian fortifications indicate that an attack may be imminent. Russia is spreading false narratives alleging US bioweapons created COVID and targeting Ukrainians, and pro-Russia Telegram channels have targeted Israel following an Iranian strike. Italy is also being targeted by Russian accusations as Rome prepares a new weapons package for Ukraine.
READ THE STORY: Atlantic Council
Let's build GPT: from scratch, in code, spelled out (Video)
FROM THE MEDIA: This video introduces the GPT algorithm and explains how to build it from scratch using code. It covers tokenization, batch dimensioning, loss functions, optimizers, self-attention, matrix multiplication, vectorization, and more. Finally, it demonstrates how to calculate the logits for a GPT model using a linear layer between the token embeddings and the vocabulary size.
GPT-3 Writes a Chatbot AI (Video)
FROM THE MEDIA: ChatGPT is a chatbot AI that uses a 125 million parameter model to generate code, communicate with humans using natural language, and suggest fixes when errors are reported. It is still lacking in certain areas, but is powerful for learning about neural networks and software development.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.