Security news aggregator

Latest coverage for Artificial Intelligence

Explore the intersection of AI and cybersecurity. Stay informed on AI-driven security trends, tools, and threats in the ever-evolving digital landscape.

27 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Artificial intelligence (AI) describes computer systems that perform tasks such as recognizing patterns, making predictions, understanding language, or generating content. In security reporting, the term commonly includes machine-learning models used for detection and analysis, as well as generative AI applications that produce text, code, images, or other outputs.

AI can help analyze security telemetry, prioritize vulnerabilities, and support investigations, but its outputs can be wrong or manipulated. Important attack surfaces include prompt injection that steers an application into unintended actions, sensitive data being exposed through prompts or model outputs, and excessive permissions granted to AI systems that use external tools. Models can also be degraded by poisoned training data or evaded with carefully crafted inputs. Practitioners should protect training and operational data, limit model access and tool permissions, test for adversarial behavior, and require appropriate human validation before high-impact decisions.

Showing 20 most recent headlines of 27 Filtered view
Bank Info Security 2 years, 3 months ago

ShadowRay Attack Strikes AI Workloads

Thousands of AI Workloads Compromised Amid CVE Vulnerability DisputeAn active attack campaign dubbed ShadowRay is targeting the widely used Ray open-source artificial intelligence scaling framework. It stems from a vulnerability that researchers say is a flaw but that Ray's developers say is a deliberate design choice.

Bank Info Security 2 years, 3 months ago

ISMG Editors: Apple's Antitrust Showdown With the Feds

Legal Expert Jonathan Armstrong Unpacks Issues in Big Tech, Ransomware, AI and MoreIn the latest weekly update, legal expert Jonathan Armstrong joined three ISMG editors to discuss the Department of Justice's antitrust lawsuit against Apple, ransomware payment dilemmas and AI copyright infringement fears - highlighting the intricate legal issues shaping big tech and cybersecurity.

Bank Info Security 2 years, 3 months ago

Federal Elections Commission Considers Regulating AI

FEC Commissioner Says Group Is Exploring How to Regulate Campaign DeepfakesThe U.S. Federal Elections Commission is determining whether its existing statutory authorities allow it to regulate the use of artificial intelligence in campaign advertisements after receiving thousands of comments from the public about the use of AI in political ads.

Bank Info Security 2 years, 3 months ago

How AI Is Shaping an Inclusive and Diverse Future

AI's Transformative Impact and Challenges in Developing RegionsAI presents enormous opportunities for reducing inequalities and promoting inclusivity in developing regions, but its deployment must be guided by ethical practices and a conscious effort to integrate diversity and inclusion at every stage. We must leverage AI responsibly.

Flaws enable privilege escalation and remote code execution Nvidia's AI-powered ChatRTX app launched just six week ago but already has received patches for two security vulnerabilities that enabled attack vectors, including privilege escalation and remote code execution.…

Bank Info Security 2 years, 3 months ago

OMB Issues First Governmentwide AI Risk Mitigation Rules

Guidance Calls for Agencies to Appoint Chief AI Officers, Set Up Governance BoardsThe Office of Management and Budget issued the first-ever governmentwide guidance for mitigating risks associated with the federal use of artificial intelligence, including specific actions agencies must complete within a year to help ensure the responsible use of emerging tools and technologies.

Simply look out for libraries imagined by ML and make them real, with actual malicious code. No wait, don't do that In-depth Several big businesses have published source code that incorporates a software package previously hallucinated by generative AI.…

Bank Info Security 2 years, 3 months ago

Hackers Developing Malicious LLMs After WormGPT Falls Flat

Crooks Are Recruiting AI Experts to Jailbreak Existing LLM GuardrailsCybercrooks are exploring ways to develop custom, malicious large language models after existing tools such as WormGPT failed to cater to their demands for advanced intrusion capabilities, security researchers say. Undergrounds forums teem with hackers' discussions about how to exploit guardrails.

Anyscale claims issue is 'long-standing design decision' – as users are raided by intruders Thousands of companies remain vulnerable to a remote-code-execution bug in Ray, an open-source AI framework used by Amazon, OpenAI, and others, that is being abused by miscreants in the wild to steal sensitive data and illicitly mine for cryptocurrency.…

Bank Info Security 2 years, 3 months ago

AI Opens Fraud Detection Gap, Says US Treasury

Department Says It May Contribute Its Own Data for Training ModelsThe widespread advent of artificial intelligence is opening a fraud detection capability gap between large and small financial institutions, the U.S. Department of the Treasury warns, suggesting that it may use its own historical data to narrow the divide.

A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users' systems and carry out malicious actions.  "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user's knowledge," Guardio

Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining

Bank Info Security 2 years, 3 months ago

NTIA Pushes for Independent Audits of AI Systems

Accountability Needed to Unleah Full Potential of AI, Says NTIA AdministratorThe U.S. National Telecommunications and Information Administration released a report Wednesday calling for improved transparency into high-risk artificial intelligence systems, as well as independent audits that can help hold AI developers accountable.

Bank Info Security 2 years, 3 months ago

On Point: The New Impersonation-Social Engineering Attacks

How AI and Deepfakes Make Impersonation Attacks Stronger - and How to Stop ThemIndustrious attackers are using cutting-edge deepfake and AI technologies to blend impersonation and social engineering attacks. Robust processes that include checks and balances and improved proving awareness of staff and customers are the keys to preventing them.

Loading more headlines...