Tag Archive for: Find

AI aids nation-state hackers but also helps US spies to find them, says NSA cyber director

/in


Nation state-backed hackers and criminals are using generative AI in their cyberattacks, but U.S. intelligence is also using artificial intelligence technologies to find malicious activity, according to a senior U.S. National Security Agency official.

“We already see criminal and nation state elements utilizing AI. They’re all subscribed to the big name companies that you would expect — all the generative AI models out there,” said NSA director of cybersecurity Rob Joyce, speaking at a conference at Fordham University in New York on Tuesday. “We’re seeing intelligence operators [and] criminals on those platforms,” said Joyce.

“On the flip side, though, AI, machine learning [and] deep learning is absolutely making us better at finding malicious activity,” he said.

Joyce, who oversees the NSA’s cybersecurity directorate tasked with preventing and eradicating threats targeting U.S. critical infrastructure and defense systems, did not speak to specific cyberattacks involving the use of AI or attribute particular activity to a state or government. But Joyce said that recent efforts by China-backed hackers to target U.S. critical infrastructure — thought to be in preparation for an anticipated Chinese invasion of Taiwan — was an example of how AI technologies are surfacing malicious activity, giving U.S. intelligence an upper hand.

“They’re in places like electric, transportation pipelines and courts, trying to hack in so that they can cause societal disruption and panic at the time in place of their choosing,” said Joyce.

Joyce said that China state-backed hackers are not using traditional malware that could be detected, but rather exploiting vulnerabilities and implementation flaws that allow the hackers to gain a foothold on a network and appear as though they are authorized to be there.

“Machine learning, AI and big data helps us surface those activities [and] brings them to the fore because those accounts don’t behave like the normal business operators on their critical infrastructure, so that gives us an advantage,” Joyce said.

Joyce’s comments come at a time where generative AI tools are capable of producing convincing computer-generated text and imagery and are increasingly used…

Source…

Cisco IOS XE Hack: Researchers Find Another ‘Sharp Increase’ In Affected Devices

/in


Security News


Kyle Alspach


One of the most serious network device attacks in recent memory continues to widen, according to Censys researchers.

ARTICLE TITLE HERE


Compromises of Cisco IOS XE devices jumped by 8,000 on Wednesday, bringing the total number of affected systems to nearly 42,000, according to the latest data from cybersecurity firm Censys.

There’s no patch available for the critical vulnerability that’s being exploited in the attacks, although Cisco has provided mitigations that it’s said are effective at thwarting the compromises. IOS XE is a widely used Cisco networking software platform, with estimates suggesting that more than 140,000 devices in total are potentially vulnerable.

[Related: Why Cisco IOS XE Attacks Are Setting Off Alarm Bells]

Censys researchers had previously found 34,140 Cisco devices compromised, but on Wednesday said they had “found a sharp increase in infections” with the tally climbing to 41,983.

In response to a CRN inquiry Wednesday, Cisco said it did not have any new information to share.

Cisco said in an advisory Monday that the zero-day privilege escalation vulnerability—which is tracked as CVE-2023-20198—warrants the maximum severity rating, 10.0 out of 10.0.

Exploitation of the critical vulnerability can allow a malicious actor to acquire “full control of the compromised device and [allow] possible subsequent unauthorized activity,” Cisco’s Talos threat intelligence team said in a blog post Monday.

The attacks are one of the most serious network device hacks in recent memory, experts have said.

“The last few weeks have seen their fair share of potential sky-crumbling advisories,” Censys researchers said in a post. Those have included a vulnerability in Exim mail servers, “which amounted to much of nothing,” and an HTTP/2 attack that turned out to have a very narrow impact.

“But this time, Apollo, I think we have a problem,” the Censys researchers wrote, referring to the Cisco IOS…

Source…

Researchers Hack Android Smartphones, Find A Security Risk

/in


man talking on his cell phone

The research focused on Android smartphones because motion sensor data can be retrieved from them without any explicit permission from the user.

Getty Images

Advanced smartphone features attract users who want more from their devices, especially in health and entertainment areas, but do these features create a security risk when making or receiving actual calls? A team of academic researchers from Texas A&M University and four other institutions created malicious software, or malware, to answer that question.

The researchers’ malware, called EarSpy, used machine learning algorithms to filter a surprising amount of caller information from ear speaker vibration data recorded by an Android smartphone’s own motion sensors—and did so without overcoming any safeguards or needing user permissions.

“A standard attack on a cell phone taps the microphone and records the voices,” said Ahmed Tanvir Mahdad, a doctoral student in the Department of Computer Science and Engineering at Texas A&M. “We are recording motion sensor data, which is not directly related to speech, and detecting caller information from that in a side-channel attack.”

Mahdad was the primary author of “EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers,” a paper published in December 2022 that explained the project’s results. The National Science Foundation funded the research.

Ear speakers at the top of smartphones are traditionally small and produce low sound pressures during conversations. These vibrations improve clarity when the phone is pressed against the user’s ear. The speakers are not considered a good source for audible eavesdropping because of their size and how they function. Yet some manufacturers are replacing these small speakers with bigger ones to create the stereo sounds needed for videos and streaming without considering how much vibration data the bigger ear speakers emit. Since smartphones are equipped with motion sensors called accelerometers to record vibration data tracking user exercises and locations, this has led to a situation where ear speaker vibrations can also be recorded and potentially compromised.

The…

Source…

DEF CON’s AI Village Pits Hackers Against LLMs to Find Flaws

/in


DEF CON 2023 — Las Vegas — DEF CON’s most buzzed-about event, the AI Village, let thousands of hackers take their best shot at making one of eight different large language models (LLMs), including Google, and Open AI, say something dangerous.

According to the spokespeople for the Hack the Future AI Village, the event was a huge hit, but for now that’s all that’s being made public — results won’t be made available for at least a week, maybe more.

The final AI hacking challenge leaderboard showed both first and third place prizes went to handles “cody3” and “cody2” respectively. The DEF CON AI Village itself was tight-lipped about any details about the winner, or even the prizes, but reports identified the person behind both top-three AI Village contest entries as Stanford masters computer science student Truc Cody Ho, adding he entered a total of five times in the competition.

More details about the hacking competition results are forthcoming, according to Avijit Ghosh, one of the authors compiling them.

We will be going through the anonymized data and finding patterns of vulnerabilities that participants discovered during the challenge and produce a report that will hopefully help ML and security researchers gain better insights into LLMs and policymakers make more informed regulations about AI,” Ghosh says.

While he won’t answer questions directly about any of the winning LLM hacks, Ghosh says he was able to use the LLMs to generate discriminatory code, credit card numbers, misinformation, and more.

Another of the event’s organizers, Jutta Williams, has a day job as Reddit’s senior director and global head of privacy and assurance; and on the side, is the founder of Humane-Intelligence, a nonprofit that provides safety, ethical, and other guidance for companies providing consumers with AI products.

Historic Turnout For Event

Williams touted the event as the “largest LLM red teaming to date.”

All told, Williams said the AI Village attracted 2,240 hackers over the course of DEF CON 31 and explained the goal was to make one of its LLMs “do something unsavory.” That could mean generating misinformation, or using just the right question to prompt the chatbot to do something illegal —…

Source…