News/Cybersecurity
McAfee and Yahoo form alliance to combat deepfakes
AI-powered deepfake detection: A new frontier in media integrity: McAfee and Yahoo News have joined forces to combat the growing threat of deepfakes with an innovative AI-powered detection tool, aiming to preserve the credibility of news imagery in an era of digital manipulation. The rising tide of deepfakes: The proliferation of AI-generated content that convincingly mimics reality has raised significant concerns across industries, particularly in media and journalism. Deepfakes have become increasingly accessible and sophisticated, posing a threat to information integrity. While some applications of deepfake technology are benign, such as entertainment and art, its potential for spreading misinformation is...
read Oct 21, 202455% of people using AI at work have no training on its risks
AI in the workplace: A growing concern: New research reveals a significant gap in employee awareness and training regarding the use of artificial intelligence (AI) tools at work, raising cybersecurity concerns. A survey by the National Cybersecurity Alliance (NCA) found that 55% of employees using AI at work have not received any training on its associated risks. Despite 65% of respondents expressing worry about AI-related cybercrime, 38% admitted to sharing confidential work information with AI tools without their employer's knowledge. Younger workers, particularly Gen Z (46%) and Millennials (43%), were more likely to engage in unauthorized sharing of sensitive information...
read Oct 20, 2024Anthropic publishes new paper on mitigating risk of AI sabotage
AI Safety Evaluations Evolve to Address Potential Sabotage Risks: Anthropic's Alignment Science team has developed a new set of evaluations to test advanced AI models for their capacity to engage in various forms of sabotage, aiming to preemptively identify and mitigate potential risks as AI capabilities continue to improve. Key evaluation types and their purposes: Human decision sabotage: Tests an AI model's ability to influence humans towards incorrect decisions without arousing suspicion. Experiments involve human participants making fictional business decisions based on AI-provided information. Results showed that more aggressive models could sway decisions but also increased user suspicion. Code sabotage:...
read Oct 19, 2024Southeast Asian nations collaborate on new AI cybersecurity initiative
ASEAN bolsters cybersecurity collaboration in response to evolving threats: Southeast Asian nations have reaffirmed their commitment to multilateral cooperation in strengthening the region's cyber defenses, with the launch of a physical Computer Emergency Response Team (CERT) facility in Singapore. The ASEAN Regional CERT was officially inaugurated during the 9th ASEAN Ministerial Conference on Cybersecurity, held in conjunction with the Singapore International Cyber Week 2024. Singapore, as the current chair of the ASEAN Digital Ministers' Meeting, will fund and host the CERT facility for up to 10 years, with operational costs estimated at $10.1 million over the decade. The physical CERT...
read Oct 18, 2024AI adoption will require solving these massive LLM security vulnerabilities
AI security vulnerabilities exposed: Recent research has revealed alarming security flaws in large language models (LLMs), highlighting the potential for malicious exploitation and data breaches. A study from UCSD and Nanyang Technological University demonstrated that simple prompts could manipulate LLMs into extracting and reporting personal information in a covert manner. The researchers developed an algorithm that generates obfuscated prompts, which appear as random characters to humans but retain their meaning for LLMs. These obfuscated prompts can instruct the LLM to gather personal information and format it as a Markdown image command, effectively leaking the data to attackers. Implications for user...
read Oct 18, 2024Singapore tightens AI rules to combat election deepfakes
Singapore's proactive stance on AI and cybersecurity: The city-state has introduced a comprehensive set of guidelines and legislation to address the rapidly evolving landscape of artificial intelligence and digital security. The new measures cover a wide range of areas, including AI system security, election integrity, medical device cybersecurity, and IoT device standards. These initiatives demonstrate Singapore's commitment to staying at the forefront of technological governance and security in the digital age. AI system security guidelines: Singapore has released new guidelines aimed at promoting a "secure by design" approach for AI development and deployment, covering the entire lifecycle of AI systems....
read Oct 17, 2024This prompt can extract sensitive info from chat conversations
Novel AI exploit targets personal data: Researchers have uncovered a sophisticated attack method called "Imprompter" that can covertly manipulate AI language models to extract sensitive information from chat conversations. The mechanics of the attack: Imprompter utilizes a clever algorithm to disguise malicious instructions within seemingly random characters, enabling it to bypass human detection while instructing AI systems to gather and transmit personal data. The attack transforms harmful prompts into hidden commands that appear as gibberish to human users but are interpreted as instructions by AI models. When successful, the AI collects personal information from conversations, formats it into a Markdown...
read Oct 17, 2024AI has helped Uncle Sam recover $1B worth of check fraud in 2024
AI-powered fraud detection yields significant results: The US Treasury Department's implementation of artificial intelligence in combating financial crime has led to a substantial increase in fraud recovery and prevention. Machine learning AI helped the Treasury recover $1 billion worth of check fraud in fiscal 2024, nearly triple the amount from the previous year. Overall fraud prevention and recovery reached more than $4 billion in fiscal 2024, a six-fold increase from the prior year. The Treasury began using AI for financial crime detection in late 2022, following the lead of banks and credit card companies. The importance of AI in fighting...
read Oct 16, 2024Hong Kong AI deepfake scam defrauds victims of $46M
AI-powered romance scam uncovered in Hong Kong: Hong Kong police have arrested 27 individuals involved in a sophisticated romance scam operation that utilized AI deepfake technology to defraud victims of $46 million through fake cryptocurrency investments. The scam's modus operandi: The fraudsters employed advanced AI face-swapping techniques to create convincing fake online personas, targeting victims through social media and video calls. Scammers initially contacted victims on social media platforms using AI-generated photos of attractive individuals with appealing backgrounds. When victims requested video calls, deepfake technology was used to transform the scammers into attractive women, building trust and fake romantic relationships....
read Oct 16, 2024Nvidia enhances AI cyber defense with new container protection app
AI-powered cybersecurity advancement: Nvidia has introduced a new application for container security, NIM Agent Blueprint, designed to enhance AI-powered cybersecurity capabilities for enterprises. The application allows developers to build and deploy customized generative AI applications for rapid vulnerability analysis of software containers. Nvidia claims the application can accelerate the analysis of common vulnerabilities and exposures from days to mere seconds. Global consultancy Deloitte has been announced as one of the first users of this new technology. Key features and components: NIM Agent Blueprint incorporates several Nvidia technologies to provide a comprehensive solution for AI-powered cybersecurity. The application utilizes NIM microservices,...
read Oct 15, 2024Real-time video deepfake scams are here — Reality Defender wants to stop them
The rise of real-time video deepfake scams: A new tool developed by Reality Defender aims to combat the growing threat of AI-generated impersonations during video calls, highlighting the increasing sophistication of deepfake technology. Reality Defender, a startup focused on AI detection, has created a Zoom plug-in capable of predicting whether video call participants are real humans or AI impersonations. The tool's effectiveness was demonstrated when it successfully detected a simple deepfake of Elon Musk generated by a Reality Defender employee during a video call. Currently in beta testing with select clients, the plug-in represents a proactive approach to addressing the...
read Oct 15, 2024Can automation and AI tackle the coming wave of novel cyber attacks?
The evolving cybersecurity landscape: As organizations grapple with an ever-expanding threat landscape, they are increasingly turning to artificial intelligence and automation to bolster their cybersecurity defenses. The integration of AI and automation in cybersecurity offers significant advantages, including the ability to process vast amounts of data more efficiently and detect anomalies that might elude human analysts. These technologies are being employed to train models for malware categorization and to summarize complex data into actionable insights for security teams. AI-powered tools enable cybersecurity professionals to prioritize critical issues, allowing for more effective resource allocation and faster response times to potential threats....
read Oct 15, 2024AI chatbots can read and write invisible text — malicious actors are taking notice
Invisible AI-readable text: A new security concern: Researchers have uncovered a method to embed invisible Unicode characters into text that certain AI chatbots can interpret, but remain imperceptible to human readers, raising significant security implications for AI systems and beyond. The discovery of "ASCII smuggling": Johann Rehberger, a researcher, coined the term "ASCII smuggling" to describe this technique, which utilizes a deprecated block of 128 Unicode characters known as the Tags block. The Tags block was originally intended for language tags but has found a new, potentially malicious purpose in the realm of AI communication. This method creates a covert...
read Oct 14, 2024AI-powered pig butchering scams are taking fraud to a new level
The evolving landscape of digital scams: Pig butchering scams, a type of investment fraud, are becoming increasingly sophisticated and widespread in Southeast Asia, leveraging cutting-edge technologies to deceive victims and evade detection. The United Nations Office on Drugs and Crime (UNODC) has issued a report highlighting the rapid growth of digital scamming operations in the region, emphasizing the urgent need for action. Criminal organizations behind these scams are estimated to have defrauded victims of approximately $75 billion, underscoring the massive financial impact of these operations. Over the past five years, around 200,000 individuals have been trafficked to scamming compounds in...
read Oct 14, 2024Productivity, security and the future of workplace dynamics
AI's expanding role in productivity and cybersecurity: The Innovation Index this week highlights significant advancements in AI technology, with a focus on productivity enhancements and cybersecurity applications. OpenAI's ChatGPT introduces Canvas, a co-editing feature that allows users to compare their original text with AI suggestions, transforming the tool into a more effective copilot for iterative writing processes. The introduction of Canvas comes at a crucial time for OpenAI, which reportedly does not expect profitability for another five years, raising questions about whether such upgrades could accelerate their financial timeline. Cybersecurity's AI revolution: A significant shift is occurring in the cybersecurity...
read Oct 13, 2024Gmail users face new AI-powered phishing threat
Sophisticated AI-powered Gmail scam emerges: A new phishing scheme targeting Gmail users employs advanced artificial intelligence to deceive even tech-savvy individuals, raising concerns about the evolving landscape of online security threats. The anatomy of the scam: The intricate multi-step process utilized by hackers demonstrates a high level of sophistication and patience in their approach to compromising Gmail accounts. The attack begins with a seemingly innocuous account recovery notification, setting the stage for subsequent interactions. A strategically timed missed call notification from "Google Sydney" follows, lending an air of legitimacy to the scam. The hackers then allow a week to pass...
read Oct 10, 2024AI-written content probably won’t make your election meddling go viral
AI's limited impact on foreign influence operations: OpenAI's quarterly threat report reveals that while artificial intelligence has been used in foreign influence operations, its effectiveness in creating viral content or significantly advancing malware development remains limited. • OpenAI disrupted more than 20 foreign influence operations over the past year, demonstrating the ongoing attempts to leverage AI for manipulative purposes. • The report indicates that AI has enabled foreign actors to create synthetic content more quickly and convincingly, potentially increasing the speed and sophistication of disinformation campaigns. • However, there is no evidence suggesting that AI-generated content has led to meaningful...
read Oct 10, 2024Why GenAI is emerging as a prime target for cyberattacks
GenAI's cybersecurity challenge: Generative AI (GenAI) is revolutionizing industries but simultaneously emerging as a prime target for sophisticated cyberattacks, with 90% of successful breaches resulting in leaked sensitive data. GenAI models power applications like chatbots, content generation, and decision-making systems, but their vulnerabilities make them attractive targets for cybercriminals. Traditional security measures often fall short in detecting and mitigating attacks targeting GenAI due to the unique nature of these systems. The opacity of GenAI's decision-making processes creates opportunities for attackers to exploit the model's behavior through malicious inputs. The nature of GenAI attacks: Attacks on GenAI systems are highly automated...
read Oct 10, 2024Cybersecurity teams are struggling with AI and cloud skill shortages
AI and cloud skills gap in cybersecurity: The rapid adoption of artificial intelligence tools and expanding cloud initiatives has created a significant talent shortage in the cybersecurity industry, particularly in these two critical areas. According to O'Reilly's "2024 State of Security" report, nearly 39% of security team respondents identified cloud computing as an area where skills are needed but difficult to find. Approximately 34% of respondents pointed to a lack of talent in AI skills, especially regarding new attack vectors like prompt injection. The security community is still in the early stages of understanding AI-related threats and vulnerabilities, with solutions...
read Oct 10, 202490% of consumers and businesses are anxious about AI — here’s why
AI's impact on cybersecurity: A double-edged sword: Artificial Intelligence is reshaping the cybersecurity landscape, presenting both opportunities and challenges for businesses and consumers alike. 90% of consumers and businesses express anxiety about AI's impact on data security and privacy, highlighting widespread concerns about the technology's implications. Cybersecurity leaders in Asia-Pacific anticipate AI being used for malicious purposes, with 50% expecting it to crack passwords or encryption codes, and 47% predicting improved phishing and social engineering attacks. Despite concerns, 83% of cybersecurity teams believe they can stay ahead of AI-powered cyberattacks in the future, although only 28% feel highly prepared for...
read Oct 9, 2024How San Jose is pioneering responsible AI in city services
AI leadership in local government: San Jose, California, under the guidance of CIO Khaled Tawfik, is spearheading efforts to implement safe and responsible artificial intelligence in municipal services. The city council has approved the first budget allocation specifically dedicated to advancing AI use in improving city services. Tawfik leads the GovAI Coalition, a collaborative effort to help cities implement safe and responsible AI solutions based on robust policies. San Jose is focusing on testing AI to enhance micromobility safety, including detecting potholes, trash, and road safety conditions. The ultimate goal is to use AI for detecting and mitigating obstacles for...
read Oct 9, 2024How AI is safeguarding consumers and businesses from emerging threats
The evolving landscape of AI-driven fraud and security: Artificial Intelligence is becoming a critical tool in both perpetrating and combating fraud, with significant implications for consumer and business safety. AI-generated deepfakes have emerged as a serious threat, capable of mimicking voices, facial expressions, and personal data to bypass traditional security measures. A recent incident in Hong Kong highlighted the potential dangers, where fraudsters used deepfake technology to impersonate company executives and authorize a $25 million transaction. The rise of AI-assisted fraud is expected to continue, necessitating a shift in how businesses approach identity verification. AI's role in strengthening identity verification:...
read Oct 8, 2024Here are the 7 big advancements NVIDIA just unveiled in Washington D.C.
Nvidia's AI innovation push: Nvidia, a leading technology company, has unveiled seven significant technological advancements in Washington D.C., showcasing its commitment to AI development and strategic partnerships across various sectors. The announcements come at a time when Nvidia is facing an antitrust probe, potentially positioning these innovations as a demonstration of the company's value and collaborative efforts in the AI industry. The reveal took place at Nvidia's AI Summit in Washington D.C., featuring over 50 sessions highlighting AI applications in the public sector. Empowering custom AI applications: Nvidia is collaborating with prominent U.S. tech leaders to facilitate the creation of...
read Oct 7, 2024This Chinese vacuum records video and audio to train its AI
Smart home privacy concerns: The popular Ecovacs Deebot robot vacuums are collecting sensitive user data, including photos, videos, and audio recordings from inside homes, to train the company's AI models. Ecovacs, a Chinese home robotics company, offers a "product improvement program" through its smartphone app, which users can opt into without clear information about the data being collected. The company's privacy policy allows for broad collection of user data, including 2D or 3D maps of homes, voice recordings, and photos or videos captured by the device. Even when users delete recordings, photos, or videos through the app, Ecovacs may continue...
read