Security News

AI is quickly transforming how individuals create their own apps, copilots, and automations. The first is that production environments are no longer welcoming dozens or hundreds of apps but tens and hundreds of thousands of apps, automations and connections - all from users of varying technical backgrounds.

The C-suite is more familiar with AI technologies than their IT and security staff, according to a report from the Cloud Security Alliance commissioned by Google Cloud. The report, published on April 3, addressed whether IT and security professionals fear AI will replace their jobs, the benefits and challenges of the increase in generative AI and more.

In this Help Net Security video, Sylvia Acevedo, who serves on the Boards of Qualcomm and Credo, discusses why companies should invest in forensic capabilities and why forensics will be such an important topic as AI continues to be integrated into infrastructures and workflows. In an era where AI is becoming increasingly integral to business operations, the lack of comprehensive education and training in AI forensics poses a significant threat.

My research colleague and data scientist Cody Nash met with one such encounter when he pondered "Can AI Create a White Painting?". All Nash wanted from AI was an image of a plain, pure, white background; in color-code lingo, the color #FFFFFF or RGB(255,255,255).

Though generative AI offers financial firms remarkable business and cybersecurity utility, cyberthreats relating to GenAI in financial services are a consistent concern, according to FS-ISAC. Cybercriminals exploit AI for data exfiltration. That said, threat actors can use generative AI to write malware and more skilled cybercriminals could exfiltrate information from or inject contaminated data into the large language models that train GenAI. The use of corrupted GenAI outputs can expose financial institutions to severe legal, reputational, or operational consequences.

According to Bar Lanyado, security researcher at Lasso Security, one of the businesses fooled by AI into incorporating the package is Alibaba, which at the time of writing still includes a pip command to download the Python package huggingface-cli in its GraphTranslator installation instructions. Lanyado did so to explore whether these kinds of hallucinated software packages - package names invented by generative AI models, presumably during project development - persist over time and to test whether invented package names could be co-opted and used to distribute malicious code by writing actual packages that use the names of code dreamed up by AIs.

AI has already become a part of business as usual, as enterprises leverage and integrate new features and tools into their day-to-day workflows, multiplying the volume of transactions and data generated. Despite the mounting security risk and increasing number of data protection incidents, enterprises are adopting AI tools in large numbers.

Threat actors automate attacks with AI. The use of AI to accelerate these attacks is gaining significant attention among major cybercriminal forums with growing interest in weaponizing this technology. AI systems can now replicate a voice using a sample, and video-call deepfakes are aiding threat actors.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Attackers are leveraging a vulnerability in Anyscale's Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse shells."We observed hundreds of compromised clusters in the past three weeks alone. Each cluster uses a public IP address, and most clusters contain hundreds to thousands of servers. There are hundreds of servers that are still vulnerable and exposed."