Google: Malware abusing API is standard token theft, not an API issue
Google is downplaying reports of malware abusing an undocumented Google Chrome API to generate new authentication cookies when previously stolen ones have expired. [...]
Explore the intersection of AI and cybersecurity. Stay informed on AI-driven security trends, tools, and threats in the ever-evolving digital landscape.
Search across headline titles and summaries.
Background for this topic.
Artificial intelligence (AI) describes computer systems that perform tasks such as recognizing patterns, making predictions, understanding language, or generating content. In security reporting, the term commonly includes machine-learning models used for detection and analysis, as well as generative AI applications that produce text, code, images, or other outputs.
AI can help analyze security telemetry, prioritize vulnerabilities, and support investigations, but its outputs can be wrong or manipulated. Important attack surfaces include prompt injection that steers an application into unintended actions, sensitive data being exposed through prompts or model outputs, and excessive permissions granted to AI systems that use external tools. Models can also be degraded by poisoned training data or evaded with carefully crafted inputs. Practitioners should protect training and operational data, limit model access and tool permissions, test for adversarial behavior, and require appropriate human validation before high-impact decisions.
Google is downplaying reports of malware abusing an undocumented Google Chrome API to generate new authentication cookies when previously stolen ones have expired. [...]
Data-Poisoning Attacks Are Critical Threat to Machine Learning Security, NIST WarnsMachine learning systems continue are vulnerable to cyberattacks that could allow hackers to evade security and prompt data leaks, scientists at the National Institute of Standards and Technology warned. There is "no foolproof defense" against some of these attacks, researchers said.
If AI Voice Cloning Can't Be Stopped, That Would Serve as Red Flag for PolicymakersDo you have what it takes to build defenses that can easily and reliably spot voice cloning that is generated using artificial intelligence tools? If so, the U.S. Federal Trade Commission wants you to apply to its Voice Cloning Challenge, which promises a top prize of $25,000.
If AI Voice Cloning Can't Be Stopped, That Would Serve as Red Flag for PolicymakersDo you have what it takes to build defenses that can easily and reliably spot voice cloning generated using artificial intelligence tools? If so, the U.S. Federal Trade Commission wants you to apply to its Voice Cloning Challenge, which promises a top prize of $25,000.
This effort is the first step in NIST’s broader mission to support the development of trustworthy AI
Healthcare CISOs must recognize the real and imminent threat of AI-fueled cyberattacks and take proactive steps, including the deployment of AI-based security tools, to protect patient data and critical healthcare services, said Troy Hawes, managing director at consulting firm Moss Adams.
AI, machine learning and large language models are not new, but they are coming to fruition with the mass adoption of generative AI. For cybersecurity professionals, these are "exciting times we live in," said Dan Grosu, CTO and CISO at Information Security Media Group.
HealthEC Hack Also Compromised More Than a Dozen US Healthcare SystemsA hacking incident at a New Jersey-based vendor of artificial intelligence-enabled population health management services that involved a network server has affected more than a dozen of its healthcare clients across the country and nearly 4.5 million of their patients.
Genpact VP of Payments Kristine Demareski on Harnessing Generative AIThere are many potential uses for generative AI at financial services firms, but few are more promising than those in the areas of risk and fraud, said Kristine Demareski, vice president of payments at Genpact, which is already harnessing AI to increase efficiencies in analysts' decision-making.
The U.S. Federal Trade Commission (FTC) has started accepting submissions for its Voice Cloning Challenge, a public competition with a $25,000 top prize for ideas that protect consumers from the danger of AI-enabled voice cloning for fraudulent activity. [...]
Artificial intelligence (AI) is constantly evolving. How can security executives plan for something so unpredictable?
With more than three-quarters of countries adopting some form of data localization and, soon, three-quarters of people worldwide protected by privacy rules, companies need to take care.
AI may be inherently insecure, but only a handful of startups have put forward real visions to mitigate AI's threats and keep data private.