Trend Micro, September 27, 2022
The prediction of researchers about the use and abuse of deepfake technologies by cybercriminals, described in a joint paper with Europol and the United Nations Interregional Crime and Justice Research Institute (UNICRI) in 2020, is already coming true.
The threat landscape is changing with a significant increase in the presence of deepfake attacks, which are taking business email compromise (BEC) and identity verification bypassing to a new level.
Such attacks become successful for many reasons, for example, the public availability of the source code, thus anyone can use it. In addition, there are many images available in the public domain, and they give attackers an excellent opportunity to create millions of fake identities. Undoubtedly, criminal groups are ahead of the curve. They were the first to switch to those technologies, constantly discussing their use, developing new ones, and improving the effectiveness of existing schemes for money laundering and monetization.
Read the full article with examples of development and existing attacks in the wild at the link.
TechCrunch, September 28, 2022
A hacker violated the content management system (CMS) of US business publication Fast Company to send “obscene and racist” push notifications to Apple News users, the publication itself confirmed. Moreover, this issue occurred a couple of days after FastCompany.com was hacked with the appearance of similar wording on the home page and other pages of their website. Fast Company itself did not share details about the way it was hacked.
“Thrax”, as the attacker responsible for the hack dubbed himself, published an article detailing how the publication was violated. According to him, he was able to access a lot of sensitive information with a simple password that was used for several accounts.
In a separate post on a popular hacking forum, which previously was at the center of the recent Optus breach, he also announced that he was releasing a database of records of several thousand employees, including email addresses and password hashes.
Read more at the link to the full article.
Nextgov, September 29, 2022
Due to the global popularity of artificial intelligence systems, attention is being paid to issues of trust and bias reduction in AI systems at various levels up to the government. Therefore, the steps necessary to ensure the continued leadership of the United States and the credibility of artificial intelligence systems were considered at the House hearing.
Elham Tabassi, the lead of the National Institute of Standards and Technology’s (NIST) Trustworthy and Responsible AI Program, spoke about the agency’s forthcoming AI Risk Management Framework, for various entities, be it an individual, society, or organization, in one way or another connected with AI. It is developed through a collaborative open and transparent process. And our team, Adversa AI, has also contributed to this. Tabassi also focus the fact that NIST seeks to develop standards with international cooperation among other initiatives.
The need to raise the international level of leadership in artificial intelligence technologies, taking into account the needs of the United States, was also highlighted by Jordan Crenshaw, vice president of the Chamber Technology Engagement Center at the Chamber of Commerce. In his speech, he emphasized that competing foreign technology companies were already working hard to become more involved in the development of AI technical and operational standards abroad.
Read the full article via the link.
Stay up to date with what is happening! Get a first look at news, noteworthy research and worst attacks on AI delivered right in your inbox.
The Adversa team makes for you a selection of the best research in the field of artificial intelligence and machine learning security for August 2022. Subscribe for the latest AI ...
