The latest Cyberview episode is out! Join cybersecurity experts Gerald Kasulis, Frida Kreitzer, and Carlos Salas as they explore the most talked-about news in the digital world, from WormGPT, ChatGPT’s evil twin, to OpenAI’s FTC investigation and the controversial 4-day breach disclosure rule. Dive into their discussion bellow to discover what’s new in tech and cybersecurity world.
In this episode, we dive into:
ChatGPT’s evil twin WormGPT
The Federal Trade Commission (FTC) investigation into OpenAI data leak and ChatGPT’s inaccuracy
A new 4-day rule for disclosing cyberattacks set by the US Securities and Exchange Commission (SEC)
ChatGPT’s evil twin WormGPT
The new tool, WormGPT, is advertised on underground forums as a blackhat alternative to ChatGPT for launching phishing and business email compromise (BEC) attacks. Although, ChatGPT’s natural language abilities can already help hackers write convincing emails, resulting in the obvious signs of malicious emails disappearing.
Tools like ChatGPT and Google’s Bard have some safeguards in place that try to ensure that AI-generated content does not cause harm. However, WormGPT is specifically designed to be fully unrestricted and facilitate criminal activities, so it raises even more questions about the ethical limits of AI.
FTC investigates OpenAI over data leak and ChatGPT’s inaccuracy
Has ChatGPT broken consumer protection laws by risking personal reputations and data? The FTC has opened an investigation into OpenAI, requiring details on how OpenAI gathers and protects data and vets information.
The FTC wants to know how information was used to train its model and how it prevents false claims from being shown to users. Additionally, they are interested in how APIs connect to OpenAI’s systems and how user data is protected, all while the FTC issued multiple warnings that existing consumer protection laws apply to AI.
The 4-day deadline for public companies to report breaches
US companies hit by cyberattacks will face a 4-day deadline for publicly disclosing hacks, under new rules approved by the US Securities and Exchange Commission (SEC). There are mixed feelings about this new requirement. On the one hand, it is praised for encouraging transparency about cybersecurity breaches, as they are considered as important to investors as any other significant operational disruption.
On the other hand, the new rule is being labeled as a controversially short deadline that may not allow companies enough time to put an action plan in place or fix vulnerabilities. Although regulations state that if the SEC is informed in writing of a national security or public safety risk, a delay in breach disclosure of up to 60 days is allowed.
Stay tuned for the next episode of Cyberview.
About Version 2
Version 2 is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.
The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.
