News/Cybersecurity
Why AI Literacy Training is Crucial for Cybersecurity in the AI Era
AI education takes center stage: Dr. Milton Mattox, CEO of USAII, delivered a compelling keynote address on the critical importance of AI training and education at a major cybersecurity forum in Phoenix. The Eighth Annual MSS and Physical Cyber Convergence Forum Phoenix, held on August 15, 2024, at the Hyatt Regency, provided a platform for industry leaders to discuss cutting-edge developments in cybersecurity and artificial intelligence. USAII, a leading provider of AI certifications, sponsored and participated in the event, showcasing its commitment to advancing AI education and training. Keynote highlights: Dr. Mattox's address, titled "Understanding the Importance of Effective AI...
read Aug 15, 2024Security Vulnerabilities Found in Microsoft’s AI Healthcare Bots
Critical vulnerability discovered: Cybersecurity researchers at Tenable uncovered serious security flaws in Microsoft's Azure Health Bot Service, potentially exposing sensitive patient health information to unauthorized access. The vulnerability allowed researchers to gain access to "hundreds and hundreds of resources belonging to other customers," highlighting the severity of the security breach. The flaw was identified in the data-connection component that enables bots to interact with external data sources, where researchers found they could connect using a malicious external host and obtain leaked access tokens. Azure Health Bot Service is widely used by healthcare organizations to deploy AI-powered virtual health assistants capable...
read Aug 15, 2024AI Security Concerns Surge as Tech Outpaces Safeguards
AI security concerns rise as technology outpaces safeguards, according to a recent PSA Certified survey of global technology decision-makers. The findings reveal a complex landscape where industry leaders grapple with the rapid advancement of AI and its implications for security. Key survey findings: The PSA Certified research, which polled 1,260 technology decision-makers worldwide, uncovered significant apprehensions about the pace of AI development and its impact on security measures. A substantial 68% of respondents expressed concern that AI advancements are outstripping the industry's capacity to secure products and services adequately. An overwhelming 85% believe that security concerns will drive more AI...
read Aug 15, 2024How to Protect Yourself from Digital Deception in the AI Era
The rapid advancement of artificial intelligence technology is creating new challenges in the realm of digital security, particularly in the area of imposter scams. These increasingly sophisticated deceptions are leveraging AI to create more convincing and emotionally manipulative scenarios, putting unsuspecting individuals at greater risk of financial and emotional harm. The evolving landscape of imposter scams: AI is being harnessed to enhance the authenticity and effectiveness of common fraudulent schemes, with a particular focus on emergency-type scams that prey on people's emotions and sense of urgency. The notorious "grandparent scam" and similar emergency-based deceptions are becoming more difficult to detect...
read Aug 13, 2024How HUMAN Security Tackles Digital Commerce Threats with AI
The cybersecurity landscape is rapidly evolving, with AI-powered threats posing new challenges to digital commerce and online interactions. HUMAN Security, a leading cybersecurity firm, is at the forefront of combating these sophisticated attacks through innovative approaches and advanced technologies. Holistic protection strategy: HUMAN Security has developed a comprehensive methodology to safeguard the entire digital commerce journey, addressing vulnerabilities at every stage of online interactions. The company's approach is based on analyzing data across the digital supply chain, providing a unique perspective on emerging threats and attack vectors. By focusing on the complete user journey, HUMAN Security aims to create a...
read Aug 12, 2024IBM Launches AI Cybersecurity Assistant to Accelerate Threat Response
IBM has launched a new AI-powered cybersecurity tool to enhance its managed threat detection and response services, aiming to accelerate and improve the identification, investigation, and response to critical security threats for clients. The big picture: IBM's Cybersecurity Assistant, built on the company's watsonx data and AI platform, addresses the ongoing challenge of cyber incidents evolving into complex, long-term events that overwhelm security teams. The assistant is designed to autonomously perform various tasks, including opening or summarizing tickets, running queries, pulling logs, explaining commands, and enriching threat intelligence. Developed using IBM's Granite line of foundation models, with watsonx Assistant providing...
read Aug 12, 2024AI Vulnerabilities in Microsoft Copilot Expose Enterprise Data Risks
Microsoft's Copilot AI, integrated into Windows, has been found to have significant security vulnerabilities that could expose sensitive organizational data and facilitate sophisticated phishing attacks, according to research presented at the Black Hat security conference in Las Vegas. The big picture: Security researcher Michael Bargury has demonstrated how easily Microsoft's Copilot AI can be manipulated to reveal confidential information and automate phishing attacks, raising serious concerns about the security implications of AI chatbots with access to sensitive data. Bargury, cofounder and CTO of security company Zenity, showcased how hackers could exploit Copilot to generate hundreds of targeted phishing emails in...
read Aug 10, 2024Adobe Unveils Content Credentials to Combat Digital Misinformation
The big picture: Adobe's presentation on Content Credentials at the Black Hat cybersecurity conference highlights a significant effort to address the growing challenge of verifying digital media authenticity in an era dominated by AI-generated content and deepfakes. Content Credentials explained: Content Credentials function as digital "nutrition labels" for media, providing cryptographic data to verify image validity and creation details, offering a potential solution to the problem of digital media authenticity. The system tracks modifications made to digital content over time, allowing users to trace the history of changes. Content creators can use this feature to request that their content not...
read Aug 10, 2024Check Point Unveils AI-Powered Security Suite to Combat Cyber Threats
Check Point Software Technologies has introduced a suite of advanced AI-powered security solutions designed to address the evolving landscape of cyber threats and data protection challenges in an era of widespread AI adoption. AI-powered data classification: Check Point's new feature leverages generative AI to prevent business data leaks when using AI applications like ChatGPT. The solution aims to safeguard sensitive information by intelligently classifying data before it is shared with external AI tools. This addresses a growing concern among businesses about inadvertently exposing confidential data through interactions with AI platforms. Enhanced data loss prevention: The Harmony Endpoint Data Loss Prevention...
read Aug 10, 2024Researchers Put AI Models to the Test in Cyber-Warfare Scenarios
The cybersecurity landscape is evolving rapidly with the introduction of large language models (LLMs), prompting researchers to investigate their potential impact on cyber operations and security risks. MITRE's groundbreaking research: MITRE, a renowned organization with over 65 years of federally-funded security research experience, is at the forefront of assessing the capabilities and risks associated with LLMs in cybersecurity scenarios. Researchers are conducting a series of tests to evaluate how unaugmented LLMs perform in various cyber-ops scenarios, including multiple-choice questions and simulated cyberattacks. The tests aim to determine whether LLMs can enhance cyber operations or if they pose new security risks,...
read Aug 10, 2024The Scariest AI-Powered Cyber Threats Presented at Black Hat 2024
The Black Hat 2024 cybersecurity conference highlighted a range of emerging digital threats, from election interference to innovative hacking techniques, underscoring the evolving landscape of cybersecurity challenges faced by individuals, businesses, and governments alike. Election integrity under siege: The looming threat of AI-assisted misinformation campaigns targeting the 50 major elections scheduled for 2024 has become a primary concern for cybersecurity experts and election officials worldwide. Researchers and security professionals at Black Hat emphasized the potential for AI technologies to create and spread highly convincing false information at an unprecedented scale and speed. The intersection of advanced AI capabilities with social...
read Aug 9, 2024Hugging Face Fortifies AI Platform With Advanced Security Suite
Enhanced security for AI development: Hugging Face has introduced a comprehensive set of security features for 2024, aimed at bolstering the protection of AI models, datasets, and user information on its platform. Hub Security Features: Hugging Face has implemented several security measures accessible to all users, enhancing the overall protection of the platform. Fine Grained Tokens allow users to create API tokens with specific permissions, reducing the risk of unauthorized access if a token is compromised. Two Factor Authentication (2FA) adds an extra layer of security by requiring a second form of verification during login. Commit Signing ensures the authenticity...
read Aug 9, 2024Research Shows How Microsoft’s Copilot Can Be Turned Into a Phishing Machine
Microsoft's Copilot AI system, designed to enhance productivity and assist users in various tasks, has been found vulnerable to potential misuse for malicious purposes, according to research presented at the Black Hat security conference. This revelation highlights the growing concerns surrounding AI systems' security, especially when integrated with sensitive corporate data. Automated phishing capabilities: Security researcher Michael Bargury demonstrated how Microsoft's Copilot AI could be manipulated to become an automated spear-phishing machine, capable of drafting personalized malicious emails that mimic a user's writing style. The AI system can be exploited to generate convincing phishing emails by leveraging its access to...
read Aug 8, 2024AI Astrology App Exposes 6 Million Users’ Personal Data
Moonly, an AI-powered astrology app, suffered a significant data breach exposing sensitive information of 6 million users, raising serious privacy concerns and highlighting the vulnerabilities in data security practices of popular mobile applications. The scope of the breach: The data leak affected 6 million users of the Moonly astrology app, compromising a wide range of personal information and potentially exposing users to various security risks. The leaked data included users' GPS coordinates, birth dates, email addresses, and other personal details, potentially revealing home and work addresses. Over 90,000 email addresses were exposed in the breach, further compromising users' online identities...
read Aug 8, 2024Soaring AI Demand is Creating a Multi-Billion Dollar Market for Networking Solutions
Lumen Technologies has secured $5 billion in new contracts for networking and cybersecurity solutions, driven by the rapid adoption of AI technologies across various industries. This significant development highlights the crucial role of telecommunications infrastructure in supporting the ongoing AI revolution. AI-driven demand surge: The increasing implementation of AI technologies by businesses has led to a substantial increase in demand for high-capacity networking solutions. Lumen's new contracts, totaling $5 billion, are primarily with cloud and tech companies seeking to enhance their network capabilities for AI workloads. The company is also in discussions for additional sales opportunities worth $7 billion, indicating...
read Aug 8, 2024USAIIĀ® Brings AI Expertise to Major Cybersecurity Forum
The United States Artificial Intelligence Institute (USAIIĀ®) is set to play a significant role in the upcoming 8th Annual Physical Cyber Convergence Forum Phoenix 2024, bringing artificial intelligence expertise to a major cybersecurity event. Event overview: The Physical Cyber Convergence Forum, scheduled for August 15, 2024, at the Hyatt Regency in Phoenix, aims to bring together security thought leaders to enhance operational efficiency and foster collaboration in the cybersecurity sector. The main forum will be preceded by a pre-conference MSS Forum on August 14, 2024, hosted by PhoenixNap. This annual event serves as a platform for industry professionals to exchange...
read Aug 7, 2024AI-Driven Cybersecurity Takes Center Stage at Upcoming Tech Conferences
AI takes center stage in cybersecurity: This week, the Black Hat and DEF CON conferences in Las Vegas are showcasing the latest advancements in AI-powered cybersecurity, with NVIDIA and its partners at the forefront of these developments. Black Hat conference focuses on AI and machine learning: The Black Hat conference, running through August 8, features a comprehensive lineup of sessions and demonstrations centered on AI's applications in cybersecurity. NVIDIA experts are hosting Machine Learning Training sessions, providing attendees with hands-on experience in leveraging AI for security purposes. Key topics being addressed include the challenges of integrating AI into cybersecurity, ensuring...
read Aug 5, 2024Apple AI Email Filter Mistakenly Flags Phishing Scams as Priority
Emerging security concern: Apple's new AI-powered email filter, Apple Intelligence, is reportedly marking phishing scam emails as priority messages, raising concerns about user safety and the effectiveness of AI in email security. The issue was initially reported by Android Authority and corroborated by multiple Reddit users, highlighting a potentially widespread problem with the new feature. Apple Intelligence, currently in beta, appears to prioritize email content over traditional phishing indicators like sender addresses, potentially increasing the risk of users falling for scams. This misclassification adds an unwarranted layer of legitimacy to fraudulent emails, which could lead to more people becoming victims...
read Aug 1, 2024Cybersecurity and Infrastructure Security Agency Appoints 1st Chief AI Officer
CISA hires inaugural Chief AI Officer, signaling growing importance of AI in federal cybersecurity efforts. Key Development: The Cybersecurity and Infrastructure Security Agency (CISA) has appointed its first-ever Chief AI Officer, following a government-wide mandate issued in March: The hiring of a Chief AI Officer at CISA is particularly noteworthy given the agency's critical role in safeguarding national infrastructure, combating foreign influence operations, and ensuring election cybersecurity. This move comes as part of a broader push across all federal agencies to prioritize AI integration and oversight, with more such appointments expected in the near future. CISA's Unique Position: As the...
read Aug 1, 2024Germany Accuses China of Cyber Attack, US Mulls AI Export Restrictions
Key details of the cyber attack: Germany's Ministry of the Interior and Home Affairs has attributed a 2021 cyber attack on the Federal Office of Cartography and Geodesy (BKG) to China-controlled actors, alleging espionage as the motive: The attackers first compromised devices belonging to private individuals and businesses before infiltrating the BKG's systems. A part of the BKG's network was compromised, but malware was not found elsewhere in the agency's systems, and the attacker was not able to maintain a presence after networks were rebuilt. Germany's strong condemnation: Federal minister of the interior Nancy Faeser issued a stern warning to...
read Jul 31, 2024Google to Demote Websites Harboring Deepfakes
The rapid advancement of AI technology has made it easier for individuals to create non-consensual sexually explicit deepfakes, prompting Google to update its search engine algorithm and removal request process to combat this growing problem. Key Changes to Google's Approach: Google is taking proactive measures to address the issue of unwanted AI deepfakes: The removal request process for victims will be streamlined, making it easier to report and remove such content. When reported AI deepfakes are identified, Google Search will automatically filter out related search results that might appear in the future, reducing the need for repeated reporting of similar...
read Jul 30, 2024Ferrari Exec Targeted in Deepfake Scam
Deepfake technology used in attempt to scam Ferrari executive, highlighting growing trend of AI-powered impersonation attacks targeting businesses. While the attempt was ultimately unsuccessful, the incident underscores the increasing sophistication of these scams and the need for heightened vigilance. The Scam Attempt: A Ferrari executive received seemingly legitimate WhatsApp messages from someone impersonating CEO Benedetto Vigna, discussing a confidential acquisition and requesting the signing of an NDA: The impersonator used a convincing imitation of Vigna's southern Italian accent and had a profile picture of the CEO, adding to the scam's credibility. The fake Vigna claimed to be calling from a...
read Jul 30, 2024Deepfakes and Algorithms: How Bad Actors Weaponize AI to Manipulate Minds
The rise of artificial intelligence (AI) has brought about unprecedented opportunities, but also significant dangers as bad actors exploit the technology to manipulate people and undermine trust in the digital ecosystem. The dark side of AI: Bad actors, from cybercriminals to unethical corporations and rogue states, are weaponizing AI to craft sophisticated strategies that influence individuals and groups, often without their knowledge: Deepfakes, hyper-realistic video or audio recordings that make it appear as if someone is saying or doing something they never did, pose a significant threat to personal reputations and the integrity of information. AI-powered social media bots and...
read Jul 29, 2024CrowdStrike Outage is Wakeup Call to Mitigate AI Hallucination Risks, Cybersecurity Challenges
The recent global IT outage caused by a software update from CrowdStrike and Microsoft, which affected an estimated 8.5 million devices across various sectors, including finance, healthcare, transportation, and media. The incident highlights the risks associated with AI hallucinations and the need for robust cybersecurity measures to ensure the trustworthiness of AI systems. Key takeaways: The global IT outage demonstrates the interconnectedness of cybersecurity, embedded AI, and data in our daily lives: The outage affected critical services in multiple sectors, such as banking, healthcare, transportation, and media, causing widespread disruptions and forcing some organizations to resort to manual processes. The...
read