Tag Archive for: services

How AI and large language models can help cybersecurity firms improve their services


Just about every cybersecurity provider has an artificial intelligence-related story to tell these days.

There are many security products and services that now come with built-in AI features, offering better ways to seek out and neutralize malware. Or they have new “co-pilot” add-ons that allow human operators to work hand-in-mouse with an AI-driven assistant to screen security alerts. Or they use AI add-on tools for better phishing detection, new threat discovery or troubleshooting of network and application problems or misconfigurations.

SiliconANGLE analyzed both the good and bad sides of AI-based cybersecurity. Now, let’s examine some of the products that offer the most promise.

The spread of AI-infused security cuts across startup and established companies alike. For example, Palo Alto Networks Inc. is developing its own large language model or LLM that will use AI to improve its operational efficiencies. SentinelOne Inc. will have an LLM so that security analysts can query potential threats with a simple search box without the need to learn complex jargon or syntax. Cloudflare Inc. is using machine learning to help more quickly find and neutralize botnets. And both Blink Ops and Trend Micro Inc. will integrate AI into their tools with copilot-like features.

That’s not all. Darktrace Holdings Ltd. has already used AI to identify several cyberattacks, such as one targeting a power grid that its AI found within a few hours. BreachLock Inc.’s penetration testing as a service has been tapping AI to improve its efficiency in handling security audits and analysis services. Cybersixgill has its IQ service that amplifies its dark web scanning tools, as SiliconANGLE wrote about recently.

Then there’s Sentra Inc., which has a browser extension that will anonymize chatbot queries and block inadvertent private data transmissions. Guardz has enhanced its phishing protection with AI. Earlier this year, HiddenLayer Inc. won the RSA Conference Innovation Sandbox for best new product, a tool that can help defend against adversarial AI-based attacks. And this list is by no means exhaustive.

Even companies not selling security services want to call attention to their AI…

Source…

Criminals publish ads for hacking services on US government websites


Cybersecurity researchers from Citizen Lab recently spotted PDF files advertising hacking services on websites belonging to numerous U.S. government agencies and educational institutions.

As reported by TechCrunch late last week, the PDFs were found on .gov websites belonging to California, North Carolina, New Hampshire, and at least three more states, as well as at least five counties and administrative centers.

Universities such as UC Berkeley, Stanford, Yale, UC San Diego, and countless others, are also said to have had their websites compromised. Spain’s Red Cross, defense contractor Rockwell Collins, as well as an unnamed Irish tourism company, were also affected.

SEO poisoning

In the PDFs, the threat actors advertise various services, including the ability to hack into social media accounts such as Instagram, Facebook, or Snapchat. They also advertise computer game cheats and fake follower generation. Interested parties are invited to open websites listed in the PDFs.

Discussing his findings, researcher John Scott-Railton suggested that these are not the result of a hack, but rather of a threat actor abusing misconfigured servers and content management systems (CMS): “SEO PDF uploads are like opportunistic infections that flourish when your immune system is suppressed. They show up when you have misconfigured services, unpatched CMS bugs, and other security problems,” said Scott-Railton.

TechCrunch visited some of the websites listed in the PDFs and claims that the hacks are most likely fake, and that the entire scheme is just to get people to visit the websites. These sites, the publication claims, come with a fake CAPTCHA which only buys time for the website to generate money in the background.

While the damage of this campaign seems to be almost non-existent, it raises the question of how it was possible for so many government and educational institutions to become compromised; the aftermath could have been much, much worse.

At press time, it is claimed that most of the PDF files have been…

Source…

Going into the Darknet: How Cynet Lighthouse Services Keep Cybersecurity Teams One Step Ahead of Hackers


By monitoring the darknet, as well as underground forums, Cynet is able to identify and prepare for the latest cybersecurity threats before they reach deafening levels.

By Eyal Gruner, Co-Founder and CEO of Cynet

Data breaches are far from new, but the scale of attacks and the sophistication of the attackers have reached all-new levels in recent years. Since the pandemic, with the rise in remote work environments and work-from-home setups, compromised credentials became the most common initial access vector for data breaches in 2022 according to IBM – leading to rampant cybersecurity attacks. Because of the anonymity it offers, the darknet is fertile ground for bad actors looking to buy, sell, and trade large datasets of credentials that can be used to access compromised accounts and systems left unchecked.

The alarming rise in compromised credentials led Cynet to launch its Lighthouse Service which monitors underground forums, private groups, and malicious servers for evidence of compromised credentials within the environment – taking its MDR team (CyOps) into the darknet and underground forums to search for potential cybersecurity threats before they become full-on attacks. Unlike traditional darknet monitoring services, Cynet focuses primarily on credential theft monitoring because of the swift rise in leaked credentials.

A Primer on the Darknet and Underground Forums  

Unlike the internet we all use to work, shop, and connect online, users must download a special Tor browser or browser add-ons to navigate the darknet. Because there is no link between a user and the user’s IP, the darknet requires specific access (software, configurations, authorization) – thus making it a prime location for illegal activity. Industry analysts estimate that the darknet accounts for 4% to 6% of internet content, with as many as three million users per day.

But the darknet is not the only gathering spot for cybercriminals. The internet we use on a daily basis (Clearnet) also houses underground forums that fuel and empower threat actors. The now seized “RaidForums” and its predecessor, “Breached,” are two popular sites that can be accessed via common web browsers. While the two are…

Source…

China to Mandate Security Reviews for ChatGPT-Like Services


(Bloomberg) — China plans to require a security review of generative AI services before they’re allowed to operate, casting uncertainty over ChatGPT-like bots unveiled by the country’s largest tech companies including Baidu Inc.

Providers of services must ensure content is accurate and respects intellectual property, and neither discriminates nor endangers security, the Cyberspace Administration of China said in draft guidelines seeking public feedback. AI operators must also clearly label AI-generated content, the country’s internet overseer said in a statement posted on its website.

The CAC’s requirements add to Beijing’s growing attempts to regulate the explosive growth of generative AI since OpenAI’s ChatGPT fired up the industry in November. Companies from Alibaba Group Holding Ltd. to SenseTime Group Inc. and Baidu all aim to build the definitive next-generation AI platform for the world’s largest internet market. That mirrors a growing wave of development abroad with Alphabet Inc.’s Google and Microsoft Corp. among the many tech companies exploring generative AI, which can create original content from poetry to art just with simple user prompts.

Alibaba shares gave up much of their initial gains on Tuesday after the CAC announcement, while SenseTime was down slightly. The larger e-commerce company on Tuesday described how it planned to build generative AI into its Slack-like work app and Amazon Echo-like smart speakers, before expanding that portfolio to its other services. A day before, SenseTime demonstrated the large AI model SenseNova and a user-facing chatbot called SenseChat.

That followed Baidu Inc.’s Ernie bot, which was released for selective testing about a month ago. The company — considered the current domestic leader — was down 7% in Hong Kong.

In addition, the powerful regulator stressed that AI services must be transparent about the data and algorithms used in training their large-scale models, reinforcing Beijing’s focus on maintaining control over sensitive and valuable information.

“Service providers should provide certain…

Source…