cR0wAPT28 is apparently using LLMs now and that should have literally no impact on your org's security posture.
https://www.picussecurity.com/resource/blog/lamehug-the-first-publicly-documented-case-of-a-malware-integrating-a-llm
Epic Null@cR0w@infosec.exchange as in actually no impact (threats are the same as always) or as in this has an impact and I am not understanding what you are implying?
cR0w@Epic_Null@infosec.exchange The use of LLMs by a threat actor should not impact an org's security posture. Access to LLMs do not improve the potential capabilities by said threat actor any more than simply having Internet access. It would be like saying that they now have access to Google to research their attacks and we need to be concerned.
Epic Null@cR0w@infosec.exchange Thank you for clarifying. I thought that's what you meant, but it wouldn't be the first time I misinterpreted something important.
cR0w@Epic_Null@infosec.exchange No problem. Interpretation is hard for everyone, especially over basic text and when it's people we don't know in person.