New Android malware uses AI to click on hidden browser ads
A new family of Android click-fraud trojans leverages TensorFlow machine learning models to automatically detect and interact with specific advertisement elements. [...]
Machine learning supports malware detection and threat analysis, but attackers can also exploit biased data, model weaknesses, or poisoned training.
Search across headline titles and summaries.
Background for this topic.
Machine learning is a way to build software that learns patterns from data and uses them to classify, predict, or make decisions, rather than relying solely on hand-written rules. Models may support malware and phishing detection, user- or entity-behavior analysis, vulnerability prioritization, and automated security triage. Their outputs are probabilistic, so unusual activity can be missed or incorrectly flagged; changing normal behavior can also cause model drift and reduce accuracy.
Security teams must protect both the model and its training data. An attacker may manipulate training examples (data poisoning), craft inputs designed to evade detection (adversarial examples), or extract sensitive information from a model or its data. Controls include trusted data provenance, access restrictions, testing against realistic evasive inputs, monitoring for drift, and human review of high-impact decisions. Where models process personal, proprietary, or security telemetry, collection, retention, and reuse require appropriate privacy and governance controls.
Weekly headline count for the current query.
A new family of Android click-fraud trojans leverages TensorFlow machine learning models to automatically detect and interact with specific advertisement elements. [...]
Microsoft has resolved an issue with a machine learning model that mistakenly flagged emails from Gmail accounts as spam in Exchange Online. [...]
Microsoft says it mitigated a known issue in one of its machine learning (ML) models that mistakenly flagged Adobe emails in Exchange Online as spam. [...]
Microsoft has started testing a new "scareware blocker" feature for the Edge web browser on Windows PCs, which uses machine learning (ML) to detect tech support scams. [...]
GitHub projects have been targeted with malicious commits and pull requests, in an attempt to inject backdoors into these projects. Most recently, the GitHub repository of Exo Labs, an AI and machine learning startup, was targeted in the attack, which has left many wondering about the attacker's true intentions. [...]
Google is testing a new API that uses machine learning models to offer real-time language translation for inputted text and to make it easier to translate web pages. [...]
Attackers only have to be right once while defenders need to be right 100% of the time. To help combat this asymmetric disadvantage, InQuest provides an open research portal that combines crowdsourced efforts with machine learning to combat the likes of Bumblebee and other BEC related threats. [...]
Code hosting platform GitHub today launched new machine learning-based code scanning analysis features that will automatically discover more common security vulnerabilities before they end up in production. [...]
Microsoft says its cloud-native SIEM (Security Information and Event Management) platform now allows to detect potential ransomware activity using the Fusion machine learning model. [...]