SecurityWeek
Critical Vulnerability Found in Ray AI Framework
A critical issue in open source AI framework Ray could provide attackers with operating system access to all nodes.
The Record
AI systems ‘subject to new types of vulnerabilities,’ British and US cyber agencies warn
British and U.S. cybersecurity authorities published guidance on Monday about how to develop artificial intelligence systems in a way that will minimize the risks they face from mischief-makers through to state-sponsored hackers.
Security Affairs
Security Affairs newsletter Round 447 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
CyberNews
X bringing headlines back to news links
X owner Elon Musk has had a change of heart about the platform’s new headline policy after his own recent post didn’t make sense.
CyberNews
Exclusive-OpenAI researchers warned board of AI breakthrough ahead of CEO ouster -sources
Ahead of OpenAI CEO Sam Altman’s firing, staff researchers sent the Board a letter warning of a powerful artificial intelligence discovery that could threaten humanity.
CyberNews
Former OpenAI staffers slam CEO Sam Altman in new tell-all letter
Elon Musk is sent an anonymous letter dissing OpenAI’s Sam Altman - allegedly written by former OpenAI employees - and released hours before Altman is reinstated as CEO.
SecurityWeek
Sam Altman is Back as OpenAI CEO Just Days After Being Removed, Along With a New Board
OpenAI reached an agreement for Sam Altman to return to OpenAI as CEO with a new initial board of directors, after he was fired a week prior.
The Hacker News
AI Solutions Are the New Shadow IT
AI Solutions Are the New Shadow IT - Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks
CyberNews
ChatGPT rolls out voice chat feature for all users
Free ChatGPT users can now chat with OpenAI’s chatbot in voice messages.
CyberNews
OpenAI reinstates Sam Altman as CEO
Sam Altman to return as CEO of OpenAI.
CyberNews
OpenAI board, Altman in talks for return of former CEO
Sam Altman and OpenAI's board have opened up discussions to bring back the former CEO and founder of the AI startup, while investors seek legal action.
Ars Technica
95% of OpenAI employees have threatened to quit in standoff with board
OpenAI's future hangs in the balance as staff says they'll join former CEO at Microsoft.
CyberNews
Salesforce and other rivals want to recruit unhappy OpenAI researchers
The recruitment drive has begun. Marc Benioff, CEO of software company Salesforce, has said that he will match the salary of any researcher who resigns from OpenAI.
Ars Technica
OpenAI employees revolt after board names new CEO and Altman heads to Microsoft
Ilya Sutskever announces regret; 505 OpenAI employees sign letter asking board to resign.
CyberNews
Hundreds of OpenAI staff threaten to resign and join Altman at Microsoft
After OpenAI's board confirmed that Sam Altman would not return as the firm’s CEO, most of its employees said they would resign en masse if the decision wasn't reversed.
CyberNews
Best botnet ad? An attack on OpenAI
Anonymous Sudan attacks on OpenAI and Cloudlfare are meant to show the groups' capabilities.
SecurityWeek
Microsoft Hires Sam Altman and OpenAI’s New CEO Vows to Investigate His Firing
Microsoft hired ex-Open AI chief Sam Altman and another architect of OpenAI for a new venture after their sudden departures.
CyberNews
Tech whiz kid Sam Altman is out of OpenAI for good: what happened?
Sam Altman, the ousted CEO of ChatGPT creator OpenAI, will definitely not return to the company he co-founded. It’s time to ask what happened.
CyberNews
Microsoft hires Sam Altman as OpenAI announces his replacement
OpenAI has appointed ex-Twitch boss Emmett Shear to lead the startup, replacing Sam Altman who will join the company's top backer Microsoft to lead a new advanced AI research team, the CEO of the software giant said.
Security Affairs
Security Affairs newsletter Round 446 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Ars Technica
OpenAI board attempts to hit “Ctrl-Z” in talks with Altman to return as CEO
Cleared of malfeasance, Altman's unpopular firing may be undone—if he's interested.
Ars Technica
Details emerge of surprise board coup that ousted CEO Sam Altman at OpenAI
Microsoft CEO Nadella "furious"; OpenAI President and three senior researchers resign.
SecurityWeek
ChatGPT-Maker OpenAI Fires CEO Sam Altman, the Face of the AI Boom, for Lack of Candor With Company
Open AI fired CEO Sam Altman, Mira Murati, OpenAI’s chief technology officer, will take over as interim CEO effective immediately.
Ars Technica
OpenAI President Greg Brockman quits as nervous employees hold all-hands meeting
After Altman firing, Microsoft has "utmost confidence" in partner OpenAI.
Security Affairs
The board of directors of OpenAI fired Sam Altman
OpenAI fired its CEO Sam Altman, and the Chief technology officer Mira Murati appointed interim CEO to lead the company.
CyberNews
OpenAI CEO Sam Altman asked to step down
OpenAI has announced that its CEO Sam Altman is leaving the company after board members determined he was no longer fit for the role.
Ars Technica
“Hallucinating” AI models help coin Cambridge Dictionary’s word of the year
Cambridge: "When an artificial intelligence hallucinates, it produces false information."
SecurityWeek
Over a Dozen Exploitable Vulnerabilities Found in AI/ML Tools
Bug hunters uncover over a dozen exploitable vulnerabilities in tools used to build chatbots and other types of AI/ML models.
Ars Technica
“Make It Real” AI prototype wows devs by turning drawings into working software
Designer: "I think I need to go lie down."
Ars Technica
Unauthorized “David Attenborough” AI clone narrates developer’s life, goes viral
"We observe the sophisticated Homo sapiens engaging in the ritual of hydration."
Bleeping Computer
How DDoS attacks are taking down even the largest tech companies
DDoS attacks are increasingly taking down even the largest tech companies. Learn more Specops Software on these types of attacks and how you can protect your devices from being recruited into botnets.
Ars Technica
From toy to tool: DALL-E 3 is a wake-up call for visual artists—and the rest of us
AI image synthesis is getting more capable at executing ideas, and it's not slowing down.
Ars Technica
Microsoft launches custom chips to accelerate its plans for AI domination
Amid GPU shortages, Microsoft reaches for custom silicon to run its AI language models.
Ars Technica
Bing Chat is now “Microsoft Copilot” in potentially confusing rebranding move
Microsoft: "Soon there will be a Copilot for everyone and for everything you do."
SecurityWeek
Addressing the State of AI’s Impact on Cyber Disinformation/Misinformation
The rise of AI-powered disinformation presents an immense challenge to society’s ability to discern fact from fiction.
SecurityWeek
Google Suing Cybercriminals Who Delivered Malware via Fake Bard Downloads
Google files a lawsuit against cybercriminals who delivered account-hijacking malware by offering fake Bard AI downloads.
Trend Micro
A Closer Look at ChatGPT's Role in Automated Malware Creation
This blog entry explores the effectiveness of ChatGPT's safety measures, the potential for AI technologies to be misused by criminal actors, and the limitations of current AI models.
Ars Technica
Nvidia introduces the H200, an AI-crunching monster GPU that may speed up ChatGPT
The H200 will likely power the next generation of AI chatbots and art generators.
CyberNews
OpenAI seeks partnerships to get access to publicly unavailable data
The AI company has announced a search for partnerships with organizations to produce public and private datasets for training AI models.
Cyber Security News
ChatGPT-Powered Malware Attacking Cloud Platforms to Steal Login Credentials
Threat actors can ChatGPT to generate convincing phishing emails or deceptive content that encourages users to download malware.
Infosecurity News
OpenAI Reveals ChatGPT Is Being DDoS-ed
OpenAI has admitted DDoS attacks are the cause of intermittent ChatGPT outages since November 8
Bleeping Computer
OpenAI confirms DDoS attacks behind ongoing ChatGPT outages
During the last 24 hours, OpenAI has been addressing what it describes as "periodic outages" linked to DDoS attacks affecting its API and ChatGPT services.
The Record
Biden AI order could lead to reforms in how federal agencies work with data brokers
A little-noticed provision of the Biden administration’s recently issued executive order on artificial intelligence could lead to important reforms of the federal government’s data collection practices, experts say.
Infosecurity News
Predator AI ChatGPT Integration Poses Risk to Cloud Services
This integration reduces reliance on OpenAI’s API while streamlining the tool’s functionality
Bleeping Computer
ChatGPT back online after major OpenAI systems outage
OpenAI's AI-powered ChatGPT large language model-based chatbot is down because of a major ongoing outage that also took down the company's Application Programming Interface (API).
Bleeping Computer
ChatGPT down after major outage impacting OpenAI systems
OpenAI's AI-powered ChatGPT large language model-based chatbot is down because of a major ongoing outage that also took down the company's Application Programming Interface (API).
Bleeping Computer
OpenAI confirms it's not killing off ChatGPT plugins for now
During its inaugural developer conference, OpenAI unveiled GPTs, short for Generative Pre-trained Transformers. These custom versions of ChatGPT are designed to be shaped by and for individual users, whether for recreational or professional use, and can be shared with others.
The Hacker News
Offensive and Defensive AI: Let’s Chat(GPT) About It
Get the full story on the dangers of the rapidly growing consumer application, ChatGPT, and learn how to resist cyber crime.
Ars Technica
OpenAI introduces GPT-4 Turbo: Larger memory, lower cost, new knowledge
Novel-sized context window, DALL-E 3 API, more announced on OpenAI DevDay 2023.
Ars Technica
OpenAI introduces custom AI assistants called “GPTs” that play different roles
Users can build and share custom-defined roles—from math mentor to sticker designer.
Infosecurity News
UK AI Safety Institute: A Blueprint for the Future of AI?
The UK Frontier AI Taskforce is evolving to become the UK AI Safety Institute
Infosecurity News
Forrester: GenAI Will Lead to Breaches and Privacy Fines in 2024
Analyst warns that risks of using the technology will become apparent
Computerworld
Q&A: Cisco CIO sees AI embedded in every product and process
After little more than a year on the job, Cisco CIO Fletcher Previn can already see that AI will create productivity and efficiency gains well worth the money spent on developing domain-specific models to address internal and external business plans.
Ars Technica
“Catastrophic” AI harms among warnings in declaration signed by 28 nations
"Bletchley Declaration" sums up first day of UK's international AI Safety Summit.
SecurityWeek
Countries at a UK Summit Pledge to Tackle AI’s Potentially ‘Catastrophic’ Risks
The AI Safety Summit focused on cutting-edge “frontier” AI that some scientists warn could pose a risk to humanity’s very existence.
Infosecurity News
28 Countries Sign Bletchley Declaration on Responsible AI
The 28 signatories of the Bletchley Declaration agreed on an international network of scientific research on ‘frontier AI’ safety
SecurityWeek
Cutting-Edge AI Raises Fears About Risks to Humanity. Are Tech and Political Leaders Doing Enough?
Many people are raising the alarm about AI’s as-yet-unknown dangers and calling for safeguards to protect people from its existential threats.
Ars Technica
Biden issues sweeping executive order that touches AI risk, deepfakes, privacy
Order details US admin's approach to AI safety, media authenticity, job loss, and more.
SecurityWeek
Biden Wants to Move Fast on AI Safeguards and Will Sign an Executive Order to Address His Concerns
Joe Biden's executive order on artificial intelligence (AI) will require industry to develop safety and security standards, add consumer protections and give federal agencies an extensive to-do list.
Computerworld
‘Data poisoning’ anti-AI theft tools emerge — but are they ethical?
New tools that can corrupt digitized artwork and other copyrighted materials are emerging to thwart generative AI models that scrape the internet to learn and provide content.
Ars Technica
People are speaking with ChatGPT for hours, bringing 2013’s Her closer to reality
Long mobile conversations with the AI assistant using AirPods echo the sci-fi film.
Infosecurity News
Generative AI A Boon for Organizations Despite the Risk
Experts highlighted the ways generative AI tools can help security teams, and how to mitigate the risks they pose
The Hacker News
Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats
Google is expanding its Vulnerability Rewards Program (VRP) to reward researchers for discovering attack scenarios targeting generative artificial int
SecurityWeek
Google Announces Bug Bounty Program and Other Initiatives to Secure AI
Google announces a bug bounty program and other initiatives for increasing the safety and security of artificial intelligence (AI)
Ars Technica
University of Chicago researchers seek to “poison” AI art generators with Nightshade
Altered images could destroy AI model training efforts that scrape art without consent.
Computerworld
White House to issue AI rules for federal employees
President Biden is expected to announce new rules requiring government agencies to more fully assess AI tools to ensure they're safe and don't expose sensitive information. The government is also expected to loosen immigration policies for tech-savvy workers.
Ars Technica
Stanford researchers challenge OpenAI, others on AI transparency in new report
Researchers say "most transparent" AI model scores only 54% on their index.
Ars Technica
Thanks to AI, the future of programming may involve YELLING IN ALL CAPS
Politeness and emphasis play a surprising role in AI-model communications.
SecurityWeek
Philippine Military Ordered to Stop Using Artificial Intelligence Apps Due to Security Risks
Philippine defense chief ordered military personnel to stop using applications that use AI to create portraits, citing security risks.
SecurityWeek
Harmonic Lands $7M Funding to Secure Generative AI Deployments
The British startup is working on software to mitigate against the ‘wild west’ of unregulated AI apps harvesting company data at scale.
CSO
Prevalent introduces Alfred, a generative AI butler for risk management
The AI-based risk assessment tool is the latest in a new wave of AI products sweeping into the security market.
Ars Technica
At TED AI 2023, experts debate whether we’ve created “the new electricity”
Is AI going to replace us all, or is it just humanity's newest tool?
Ars Technica
AI chatbots can infer an alarming amount of info about you from your responses
This troubling ability could be used by scammers or to target ads.
DarkReading
Chatbot Offers Roadmap for How to Conduct a Bio Weapons Attack
Once ethics guardrails are breached, generative AI and LLMs could become nearly unlimited in its capacity to enable evil acts, researchers warn.
CyberNews
"AI would've invented Bitcoin": is BTC and AI a match made in heaven?
AI and Bitcoin are a potentially perfect match as both technologies continue to scale
Ars Technica
Adobe’s AI image generators get beefy updates, including vector graphics
Firefly 2 improves detail, Firefly Vector generates scalable vectors from a prompt.
Cyber Security News
ChatGPT, FraudGPT, and WormGPT Plays A Vital Role in Social Engineering Attacks
In cybersecurity's evolution, generative AI models like ChatGPT, FraudGPT, and WormGPT bring innovation and new challenges.
Ars Technica
Tired of shortages, OpenAI considers making its own AI chips
At an estimated 4 cents per ChatGPT query, OpenAI looks for cheaper AI chip solutions.
Cyber Security News
OpenAI is reportedly developing its Own AI chips
The maker of ChatGPT, OpenAI, is looking at making its own artificial intelligence chips, which are necessary for operating the highly popular chatbot.
Ars Technica
AI firms working on “constitutions” to keep AI from spewing toxic content
Broken guardrails for AI systems lead to push for new safety measures .
Ars Technica
Deepfake celebrities begin shilling products on social media, causing alarm
Hanks and other celebrities have recently become targets of AI-powered ad scams.
Bleeping Computer
ShellTorch flaws expose AI servers to code execution attacks
A set of critical vulnerabilities dubbed 'ShellTorch' in the open-source TorchServe AI model-serving tool impact tens of thousands of internet-exposed servers, some of which belong to large organizations.
Ars Technica
Researchers show how easy it is to defeat AI watermarks
Adding fake watermarks to real images, evading current watermarking methods is not hard.
The Record
Amazon warns of ‘ShellTorch’ issue affecting code related to AI models
Researchers with Israeli firm Oligo published information about three critical issues with TorchServe, a part of the PyTorch project overseen by Amazon and Meta. The code helps companies build AI models into their businesses.
Ars Technica
Dead grandma locket request tricks Bing Chat’s AI into solving security puzzle
"I'm sure it's a special love code that only you and your grandma know."
Ars Technica
Meta launches consumer AI chatbots with celebrity avatars in its social apps
WhatsApp, Instagram add animated AI chat avatars, including Snoop Dogg as dungeon master.
Ars Technica
Jony Ive and OpenAI’s Altman reportedly collaborating on mysterious AI device
Despite total lack of specifics, rumored collaboration has everyone guessing.
Ars Technica
Spotify tests using AI to automatically clone and translate podcast voices
Feature hopes to remove language barriers, but will speakers know if translations are faulty?
Ars Technica
Can you melt eggs? Quora’s AI says “yes,” and Google is sharing the result
Incorrect AI-generated answers are forming a feedback loop of misinformation online.
CyberSecurity Dive
AWS bets on accuracy in generative AI deployment race
The cloud giant is taking a full-stack approach to generative AI, which doubles down on security and reliable results.
Ars Technica
ChatGPT update enables its AI to “see, hear, and speak,“ according to OpenAI
Image recognition and voice features aim to make the AI bot's interface more intuitive.
Ars Technica
Getty Images subscribers to get access to AI image generator
Getty will indemnify customers against lawsuits and pay artists on "recurring basis."
Computerworld
Q&A: How one CSO secured his environment from generative AI risks
Having a plan in place before deploying genAI for software product development and employee assistance tools is critical, says Navan CSO Prabhath Karanth. Otherwise, the threat potential is high.
Computerworld
ServiceNow embeds AI-powered customer-assist features throughout products
ServiceNow's new chatbot works across applications and can summarize customer service interactions and perform case, incident, and agent chat summarizations; act as a virtual agent; and perform search functions.
Ars Technica
OpenAI’s new AI image generator pushes the limits in detail and prompt fidelity
With better response to details and text, DALL-E 3 hopes to make prompt engineering obsolete.
CyberSecurity Dive
AI is entering the enterprise application security tool stack
Reports from Gartner and Rackspace show a broad enterprise appetite to weave AI into the tool stack, especially across application security.
Cyber Security News
ChatGPT-Powered Malware Analysis
An interactive online malware analysis sandbox ANY.RUN has recently introduced a new ChatGPT AI-driven detection approach.
Ars Technica
Google’s AI assistant can now read your emails, plan trips, “double-check” answers
Google admits that Bard isn't always accurate; ropes in Gmail through new Extensions.
SecurityWeek
HiddenLayer Raises Hefty $50M Round for AI Security Tech
Texas startup attracts major investor interest to build an MLMDR (machine learning detection and response) technology.
SecurityWeek
Venafi Leverages Generative AI to Manage Machine Identities
Venafi launched a proprietary generative AI model to help with the mammoth, complex, and expanding problem of managing machine identities.
SecurityWeek
Microsoft AI Researchers Expose 38TB of Data, Including Keys, Passwords and Internal Messages
Exposed data includes backup of employees workstations, secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages.
SecurityWeek
Distributed Energy Resources Get Cybersecurity Boost with $39M DOE Funding
The US Department of Energy gives $39 million in funding for nine projects to advance the cybersecurity of distributed energy resources.
SecurityWeek
SecurityWeek to Host Cyber AI & Automation Summit
Cyber AI Summit will explore cybersecurity use-cases for artificial intelligence (AI) technology and the race to protect LLM algorithms from adversarial use.
Infosecurity News
Cyber-criminals “Jailbreak” AI Chatbots For Malicious Ends
SlashNext research shows that most of these tools connect to jailbroken versions of public chatbots
Ars Technica
Microsoft offers legal protection for AI copyright infringement challenges
"Some customers are concerned about the risk of IP infringement claims," says Microsoft.
Ars Technica
The AI-assistant wars heat up with Claude Pro, a new ChatGPT Plus rival
For $20 a month, Claude fans can get 5x higher usage limits, early access to new features.
Ars Technica
OpenAI admits that AI writing detectors don’t work
No detectors "reliably distinguish between AI-generated and human-generated content."
Ars Technica
OpenAI’s first-ever dev conference hopes to draw “hundreds of developers” in November
In-person event will have livestreamed keynote, show company's "latest work."
Computerworld
GenAI in productivity apps: What could possibly go wrong?
In addition to controlling the use of ChatGPT and other standalone tools, companies now have to grapple with generative AI being built into the productivity apps their employees use every day.
The Hacker News
Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
Cybercriminals are exploiting social media ads on Meta-owned Facebook for malware distribution. With fraudulent ads, they're targeting businesses and
Cyber Security News
Threat and Vulnerability Roundup for the week of August 27th to September 2nd
The latest attack techniques, significant weaknesses, and exploits have all been highlighted. We also provide the most latest software upgrades available to keep your devices secure.
Ars Technica
Thorny AI ownership questions have Copyright Office seeking public input
Should AI-created works be copyrighted? US regulators want to know what you think.
Ars Technica
Research builds anti-Russia AI disinformation machine for $400
AI makes it cheap and easy to create propaganda at scale.
The Hacker News
How to Prevent ChatGPT From Stealing Your Content & Traffic
ChatGPT and similar AI models are empowering cybercriminals to launch damaging attacks on online businesses. Learn how they're leveraging these tools
Infosecurity News
OpenAI Promises Enterprise-Grade Security with ChatGPT for Business
OpenAI has launched ChatGPT Enterprise highlighting high-profile customers including Klarna, PwC and The Estee Lauder Companies
Cyber Security News
OpenAI Released ChatGPT Enterprise With SOC 2 Compliant & Data Encryption
ChatGPT has released a new enterprise version which is claimed to be SOC 2 compliant with Enterprise-grade security & higher-speed ChatGPT-4 access.
SecurityWeek
OpenAI Turns to Security to Sell ChatGPT Enterprise
ChatGPT Enterprise promises “enterprise-grade security” and a commitment not to use prompts and company data to train AI models.
Cyber Security News
How Hackers Abusing ChatGPT Features For Their Cybercriminal Activities - Bypass Censorship
Cybersecurity analysts at Trend Micro, Europol, and UNICRI jointly studied criminal AI exploitation, releasing the "Malicious Uses and Abuses of Artificial Intelligence".
Ars Technica
The new spreadsheet? OpenAI introduces ChatGPT Enterprise for businesses
Unlimited GPT-4, encryption, 32K context, and more. Will it become an essential tool?
Ars Technica
10X coders beware: Meta’s new AI model boosts coding and debugging for free
New weights-available coding model is free for research and commercial use.
The Record
Privacy regulators tell social media companies to fear the scrapers
Social media companies and other businesses have an obligation to protect users’ publicly available information from data scrapers that gather it for unintended purposes, an international group of privacy regulators said Thursday.
Ars Technica
You can now train ChatGPT on your own documents via API
Developers can now bring their own data to customize GPT-3.5 Turbo outputs.
Ars Technica
Meta’s “massively multilingual” AI model translates up to 100 languages, speech or text
Meta aims for a universal translator like "Babel Fish" from Hitchhiker’s Guide.
Ars Technica
Crypto botnet on X is powered by ChatGPT
AI can be very easily harnessed to produce and disseminate misinformation.
Computerworld
Why and how to create corporate genAI policies
Adoption of generative AI is happening at a breakneck pace, but potential threats posed by the technology will require organizations to set up guardrails to protect sensitive data and customer privacy — and to avoid running afoul of regulators.
SecurityWeek
Israel, US to Invest $4 Million in Critical Infrastructure Security Projects
Israel and US have announced plans to invest close to $4 million in projects to improve the security of critical infrastructure systems.
Infosecurity News
UK’s AI Safety Summit Scheduled For Early November
Experts welcome efforts to safeguard society from emerging technologies
Ars Technica
Microsoft AI suggests food bank as a “cannot miss” tourist spot in Canada
AI-penned Microsoft Travel article recommends food bank as a must-see destination.
SecurityWeek
Google Brings AI Magic to Fuzz Testing With Eye-Opening Results
Google sprinkles magic of generative-AI into its open source fuzz testing infrastructure and finds immediate success with code coverage.
Ars Technica
An Iowa school district is using ChatGPT to decide which books to ban
Official: "It is simply not feasible to read every book" for depictions of sex.
Ars Technica
AI chatbot scares Snapchat users by posting mysterious video
"I swear I thought that was my wall."
The Record
Senator calls on Google, OpenAI and others to commit to AI safeguards
The chairman of the Senate Select Committee on Technology renewed calls on Wednesday for the world’s leading artificial intelligence companies to prioritize safety and security in their products, saying that voluntary commitments recently agreed to by a range of companies fall short in reducing risks.
Ars Technica
The New York Times prohibits AI vendors from devouring its content
The paper of record pokes holes in the absorb-everything AI business model.
.webp)
Cyber Security News
Threat and Vulnerability Roundup for the week of August 6th to 12th
Join us at Cyber Writes for our weekly Threat and Vulnerability Roundup, where we provide the latest updates on cybersecurity news. Keep yourself informed and stay ahead of potential threats with our comprehensive coverage.
Ars Technica
Sites scramble to block ChatGPT web crawler after instructions emerge
Restrictions don't apply to current OpenAI models, but will affect future versions.
DarkReading
Security Pressures Mount Around AI's Promises & Peril
Both threats to enterprises and career opportunities are being created by the escalation of generative AI and ChatGPT, warns Maria 'Azeria' Markstedter.
Ars Technica
Zoom updates terms of service to clarify that it won’t use your calls to train AI
Vague ToS previously implied that customer data could be used for AI training.
Infosecurity News
Security Risks to Boom in the Era of Widespread Generative AI Adoption
Enterprise usages of generative AI are what is going to turn the threat model of many organizations upside down, Maria Markstedter argued during her speech at Black Hat USA
Ars Technica
AI-powered grocery bot suggests recipe for toxic gas, “poison bread sandwich”
New Zealand grocery chain bot suggests harmful things when given silly ingredients.
Infosecurity News
DARPA Challenges AI Pros to Safeguard US Infrastructure
The AI Cyber Challenge is sponsored by DARPA, Google, Microsoft, OpenAI, Anthropic and the Open Source Security Foundation
Security Affairs
US Govt launches Artificial Intelligence Cyber Challenge
The US Government House this week launched an Artificial Intelligence Cyber Challenge competition for creating a new generation of AI systems. On Wednesday, the United States Government House introduced an Artificial Intelligence Cyber Challenge competition. The two-year competition aims to foster the development of innovative AI systems that can protect critical applications from cyber threats. […]
DarkReading
DARPA Launches 2-Year Contest to Build AI Tools to Fix Vulnerabilities
A challenge will be offered to teams to build tools using AI in order to solve open source's vulnerability challenges.
SecurityWeek
White House Offers Prize Money for Hacker-Thwarting AI
The White House launched a competition for creating new artificial intelligence systems that can defend critical software from hackers.
Cyber Security News
Microsoft Added GPT-4 and GPT-35-Turbo to businesses Azure AI Infrastructure
Azure announced the global expansion of Azure OpenAI Service, including GPT-4 and GPT-35-Turbo, to its customers across the world.
CyberSecurity Dive
White House launches AI cyber competition to fix software vulnerabilities
In partnership with OpenAI, Anthropic, Google and Microsoft, participants will have access to top AI companies’ technology for designing new cybersecurity solutions.
Ars Technica
Google, record labels working on deal covering musical “deepfakes”
Prepare for more cover songs like Johnny Cash singing Barbie Girl.
Ars Technica
Pope warns of AI risks so “violence and discrimination does not take root”
Papal communiqué warns of AI produced "at the expense of the most fragile and excluded."
SecurityWeek
Microsoft Shares Guidance and Resources for AI Red Teams
Microsoft has shared guidance and resources from its AI Red Team program to help organizations and individuals with AI security.
Ars Technica
Open source “AudioCraft” can make dogs bark and symphonies soar from text using AI
Meta's suite of three AI models can create sound effects and music from descriptions.
CyberScoop
Deputy National Security Advisor Anne Neuberger on addressing the security threats of AI
The deputy national security adviser for cyber and emerging technologies discusses how to mitigate AI's disinformation threat.
Ars Technica
Researchers figure out how to make AI misbehave, serve up prohibited content
Adversarial attack involves using text strings and may be unstoppable.
Infosecurity News
Microsoft Accused of Negligence in Recent Email Compromise
In an open letter, Senator Ron Wyden urged federal agencies to investigate Microsoft following a Chinese campaign that compromised US government emails
Infosecurity News
OpenAI, Microsoft, Google and Anthropic Form Body to Regulate AI
Four generative AI pioneers launched the Frontier Model Forum, which will focus on ‘safe and responsible’ creation of new AI models
Ars Technica
OpenAI discontinues its AI writing detector due to “low rate of accuracy”
Research shows that any AI writing detector can be defeated—and false positives abound.
Infosecurity News
Dark Web Markets Offer New FraudGPT AI Tool
The tool can craft phishing emails, create undetectable malware and identify vulnerable sites
Ars Technica
Pocket assistant: ChatGPT comes to Android
OpenAI brings the popular AI language model to an official Android client app.
Ars Technica
Major AI companies form group to research, keep control of AI
Skeptics say Anthropic, Google, Microsoft and OpenAI hope to avoid regulation.
The Hacker News
New AI Tool 'FraudGPT' Emerges, Tailored for Sophisticated Attacks
FraudGPT, the latest cybercrime AI tool, is being sold on dark web marketplaces and Telegram channels.
The Hacker News
Rust-based Realst Infostealer Targeting Apple macOS Users' Cryptocurrency Wallets
A new malware family called Realst is targeting Apple macOS systems, including macOS 14 Sonoma! Written in Rust programming language.
DarkReading
ChatGPT, Other Generative AI Apps Prone to Compromise, Manipulation
Researchers find artificial intelligence applications that use large language models could be compromised by attackers using natural language to dupe users.
DarkReading
'FraudGPT' Malicious Chatbot Now for Sale on Dark Web
The subscription-based, generative AI-driven offering joins a growing trend toward "generative AI jailbreaking" to create ChatGPT copycat tools for cyberattacks.
Bleeping Computer
Over 400,000 corporate credentials stolen by info-stealing malware
The analysis of nearly 20 million information-stealing malware logs sold on the dark web and Telegram channels revealed that they had achieved significant infiltration into business environments.
Ars Technica
ChatGPT’s new personalization feature could save users a lot of time
Beta feature allows ChatGPT to remember key details with less prompt repetition.
Infosecurity News
Biden-Harris Administration Secures AI Commitments For Safety
Amazon, Anthropic, Google, Inflection, Meta, Microsoft and OpenAI all joined the initiative
Bleeping Computer
How is the Dark Web Reacting to the AI Revolution?
Cybercriminals are already utilizing and creating malicious tools based on open source AI language models for phishing and malware development. Learn more from Flare about how threat actors are beginning to use AI.
SecurityWeek
Tech Titans Promise Watermarks to Expose AI Creations
The White House said OpenAI and others in the AI race have committed to making technology safer with features such as watermarks on fabricated images.
CyberSecurity Dive
White House secures safety commitments from 7 AI companies
OpenAI, Microsoft and Google are among the companies committing to robust testing and investments in cybersecurity safeguards to defend AI models prior to release.
Ars Technica
Google demos “unsettling” tool to help journalists write the news
"Genesis" will seek to assist journalists, not replace them—yet.
Infosecurity News
Half of AI Open Source Projects Reference Buggy Packages
Study also finds LLMs are poor at detecting malicious code
Ars Technica
Study claims ChatGPT is losing capability, but some experts aren’t convinced
Either way, experts think OpenAI should be less opaque about its AI model architecture.
CSO
Dependencies in LLM packages open apps to vulnerabilities: Report
Open-source packages with large language model (LLM) capabilities have many dependencies that make calls to security-sensitive APIs, according to a new Endor Labs report.
Bleeping Computer
OpenAI credentials stolen by the thousands for sale on the dark web
Threat actors are showing an increased interest in generative artificial intelligence tools, with hundreds of thousands of OpenAI credentials for sale on the dark web and access to a malicious alternative for ChatGPT.
SecurityWeek
Security Awareness Training Isn’t Working - How Can We Improve It?
Security awareness training doesn’t protect all industries and all people all the time, and social engineering is getting better.
Ars Technica
Report: OpenAI holding back GPT-4 image features on fears of privacy issues
GPT-4's image capabilities can recognize certain individuals, according to NYT.
Ars Technica
Meta launches Llama 2, an open source AI model that allows commercial applications
A family of pretrained and fine-tuned language models in sizes from 7 to 70 billion parameters.
CSO
WormGPT: a generative AI tool to compromise business emails
WormGPT presents itself as a black-hat alternative to GPT models, designed specifically for malicious activities, according to SlashNext.
Cyber Security News
PentestGPT - A ChatGPT Empowered Automated Penetration Testing Tool
This PentestGPT tool is wholly based on ChatGPT, and it helps the penetration testers perform several complicated security testing.
The Hacker News
WormGPT: New AI Tool Allows Cybercriminals to Launch Sophisticated Cyber Attacks
A new generative AI cybercrime tool called WormGPT is making waves in underground forums. It empowers cybercriminals to automate phishing attacks.
Ars Technica
Chasing defamatory hallucinations, FTC opens investigation into OpenAI
FTC sends 20-page info request over fears of "false, misleading, or disparaging" generations.
Ars Technica
Musk announces new AI company that seeks to “understand the universe”
xAI will feature veterans from DeepMind, Google, Microsoft, and Tesla.
Ars Technica
OpenAI’s most powerful chatbot API rolls out for all paying customers
Dropping waitlist, devs can build the GPT-4 language model into their apps.
Ars Technica
Sarah Silverman sues OpenAI, Meta for being “industrial-strength plagiarists”
AI models allegedly trained on books copied from popular pirate e-book sites.
Computerworld
OpenAI launches new alignment division to tackle risks of superintelligent AI
The makers of ChatGPT have announced the company will be dedicating 20% of its compute processing power over the next four years to stop superintelligent AI from “going rogue."
Cyber Security News
ChatGPT to ThreatGPT: Generative AI Impact in Cybersecurity and Privacy
ChatGPT to ThreatGPT - Generative AI Impact in Privacy. The evolution of organizational cybersecurity offers both power and threat.
Trend Micro
ChatGPT Shared Links and Information Protection
Since its initial release in late 2022, the AI-powered text generation tool known as ChatGPT has been experiencing rapid adoption rates from both organizations and individual users. However, its latest feature, known as Shared Links, comes with the potential risk of unintentional disclosure of confidential information.
CyberSecurity Dive
Rubrik, Microsoft partner to leverage generative AI for faster incident response
The collaboration will integrate Rubrik Security Cloud with Microsoft Sentinel and Azure OpenAI Service.
The Hacker News
How Generative AI Can Dupe SaaS Authentication Protocols — And Effective Ways To Prevent Other Key AI Risks in SaaS
Generative AI poses major security risks to enterprises. Threat actors can exploit it to hack weak SaaS authentication protocols, jeopardizing sensiti
Latest Hacking News
100,000 Stolen ChatGPT Account Credentials Found on Dark Web
In the span of a year leading up to May 2023, over 100,000 stolen ChatGPT account credentials have been found on various dark web marketplaces. This alarming trend was discovered by researchers at Group-IB, who
The Hacker News
Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web Marketplaces
Over 100,000 OpenAI ChatGPT account credentials have been compromised and sold on the dark web. Cybercriminals are targeting the valuable information.
Ars Technica
EU votes to ban AI in biometric surveillance, require disclosure from AI systems
Nonbinding EU draft AI law gets tougher, but it's still open to negotiation.
Infosecurity News
EU Passes Landmark Artificial Intelligence Act
The European Parliament adopted the latest draft of the legislation with an overwhelming majority
Ars Technica
OpenAI rolls out big chatbot API upgrades for developers
API updates include 4x larger conversation memory for GPT-3.5 and function calling.
Infosecurity News
Hackers Impersonate Hacks to Steal Millions
Pink Drainer group has targeted hundreds of victims so far
Bleeping Computer
Hackers steal $3 million by impersonating crypto news journalists
A hacking group tracked as 'Pink Drainer' is impersonating journalists in phishing attacks to compromise Discord and Twitter accounts for cryptocurrency-stealing attacks.
Ars Technica
UK’s plans for “first global summit” on AI safety draw criticism
Announcement does not include "a single voice from civil society or academia," says critic.
Infosecurity News
Microsoft Brings OpenAI Tech to US Agencies
The capabilities will expedite content generation and enhance decision-making processes
ZDNet
Singapore identifies six generative AI risks, sets up foundation to guide adoption
AI Verify Foundation will develop test toolkits that mitigate the risks of AI.
Cyber Security News
ChatGT May Create Deadly Polymorphic Malware That Evades EDR
From handling simple inquiries to instantly generating written works and even developing original software programs, including malware, ChatGPT proves to be an all-encompassing solution. However, this advancement also introduces the potential for a dangerous new cyber threat. Traditional security solutions such as EDRs harness multi-layered data intelligence systems to combat the highly sophisticated threats prevalent […]
Infosecurity News
New ChatGPT Attack Technique Spreads Malicious Packages
Vulcan Cyber's Voyager18 research team called the technique
Computerworld
Governments worldwide grapple with regulation to rein in AI dangers
As generative AI revolutionizes tech, governments around the world are trying to come up with regulations that encourage its benefits while minimizing risks such as bias and disinformation.