White House, Big Tech Ink Commitments to Secure AI
With Big Tech companies pledging voluntary safeguards, industry-watchers assume that smaller AI purveyors will follow in their wake to make AI safer for all.
Explore the intersection of AI and cybersecurity. Stay informed on AI-driven security trends, tools, and threats in the ever-evolving digital landscape.
Search across headline titles and summaries.
Background for this topic.
Artificial intelligence (AI) describes computer systems that perform tasks such as recognizing patterns, making predictions, understanding language, or generating content. In security reporting, the term commonly includes machine-learning models used for detection and analysis, as well as generative AI applications that produce text, code, images, or other outputs.
AI can help analyze security telemetry, prioritize vulnerabilities, and support investigations, but its outputs can be wrong or manipulated. Important attack surfaces include prompt injection that steers an application into unintended actions, sensitive data being exposed through prompts or model outputs, and excessive permissions granted to AI systems that use external tools. Models can also be degraded by poisoned training data or evaded with carefully crafted inputs. Practitioners should protect training and operational data, limit model access and tool permissions, test for adversarial behavior, and require appropriate human validation before high-impact decisions.
With Big Tech companies pledging voluntary safeguards, industry-watchers assume that smaller AI purveyors will follow in their wake to make AI safer for all.
PromptGuard is a new cloud access security broker (CASB) that supports employee AI use while ensuring that sensitive data is not released to AI systems
Sophisticated fraudsters are exploiting ChatGPT and CAPTCHAs to evade enterprise security defenses.
A new malware strain known as BundleBot has been stealthily operating under the radar by taking advantage of .NET single-file deployment techniques, enabling threat actors to capture sensitive information from compromised hosts
Researchers found that the private keys and secrets they discovered being exposed within the Docker framework are already being used in the wild.
Two more security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller (BMC) software that, if successfully exploited, could allow threat actors to remotely commandeer vulnerable servers and deploy malware
Two new critical severity vulnerabilities have been discovered in the MegaRAC Baseboard Management Controller (BMC) software made by hardware and software company American Megatrends International. [...]
The SaaS product is available under the Company's early access program as a closed, invitation-only beta experience, as part of the Plurilock AI platform.
The models powering generative AI like ChatGPT are open to several common attack vectors that organizations need to understand and get ready for, according to Google's dedicated AI Red Team.
Study also finds LLMs are poor at detecting malicious code
Hint: Organizations are already using a range of AI tools, with ChatGPT and Jasper.ai leading the way.
Strengthens threat detection and incident response portfolio to address growing API threats.
Checkmarx's industry-first AI AppSec plugin works within the ChatGPT interface to protect against new attack types targeting GenAI-generated code.
Bing Chat continues to enrich its user experience by rolling out a new feature - Visual Search in Chat. This function combines the power of OpenAI's GPT-4 model with image search abilities to offer a more interactive way of browsing the web. [...]
Threat actors are showing an increased interest in generative artificial intelligence tools, with hundreds of thousands of OpenAI credentials for sale on the dark web and access to a malicious alternative for ChatGPT. [...]
As companies navigate how to protect themselves from the onslaught of increasingly sophisticated fraud threats, artificial intelligence will be a critical piece of next-gen authentication.
The Salt Security report also notes a 244% surge in unique attackers between H1 and H2 2022
The Cyber Threat Intelligence Summit discussed how automation and generative AI could help CTI practitioners tackle the overload of data they have to process
By combining these leading-edge tools, security professionals can amplify the impact of their security strategies.
The company's AI for security operations centers is now available for technology integrations, as the industry looks to large language models.