Jump to content
ClubAdventist

Cyberattacks & Security


Recommended Posts

  • Members
Posted

cybersecurity

? New cybersecurity risk: Rogue AI agents
 
Animated illustration of bugs made out of binary code separating themselves from a larger block of code and crawling away.
 

Illustration: Brendan Lynch/Axios

 

A new identity crisis faces the cybersecurity industry — not for people, but for AI agents that act autonomously and now need to be managed like employees, Axios' Sam Sabin writes.

  • Why it matters: Without proper guardrails, agents could, at the very least, cause incidental data breaches, misuse login credentials, and leak sensitive information.

Just as companies start to embrace AI agents for critical tasks, security vendors are scrambling to build guardrails around them.

  • Even without AI agents, hackers have already proven to be pretty good at hacking employee accounts through stolen and reused passwords.

Keep reading ...

phkrause

When the righteous are in authority, the people rejoice; But when a wicked man rules, the people groan. Proverbs 29;2
  • 2 weeks later...
  • Members
Posted

phkrause

When the righteous are in authority, the people rejoice; But when a wicked man rules, the people groan. Proverbs 29;2
  • 3 weeks later...
  • Members
Posted
? AI's cybersecurity whiplash
 
Illustration of a scalpel pushing a cursor.
 

Illustration: Lindsey Bailey/Axios

 

Generative AI is evolving so fast that cybersecurity leaders are tossing out the playbooks they wrote just a year or two ago, Axios Future of Cybersecurity author Sam Sabin writes.

  • Why it matters: Defending against AI-driven threats, including autonomous attacks, will require companies to make faster, riskier security bets than they've ever had to before.

Major AI model makers have unveiled several new findings and security frameworks that underscore just how quickly state-of-the-art AI is advancing.

  • Researchers recently found that one of Anthropic's new models, Claude 4 Opus, has the ability to scheme, deceive and potentially blackmail humans when faced with a shutdown.
  • Google DeepMind unveiled a new security framework for protecting models against indirect prompt injection — a threat in which a bad actor manipulates the instructions given to an LLM.

Case in point: A bad actor could trick an AI agent into handing over internal documents simply by embedding a hidden instruction in what looks like a normal email or calendar invite.

phkrause

When the righteous are in authority, the people rejoice; But when a wicked man rules, the people groan. Proverbs 29;2
  • 3 months later...
  • Members
Posted

Cyberattack disrupts check-in systems at major European airports

LONDON (AP) — A cyberattack targeting check-in and boarding systems disrupted air traffic and caused delays at several of Europe’s major airports on Saturday.

https://apnews.com/article/europe-airports-cyberattack-29b6d890baf7ac3a22f0f2b2f169b890?

phkrause

When the righteous are in authority, the people rejoice; But when a wicked man rules, the people groan. Proverbs 29;2
  • 1 month later...
  • Members
Posted
AI-powered cyberattacks are coming
 
Illustration of a bomb made out of a circuitry pattern.
 

Illustration: Aïda Amer/Axios

 

U.S. companies are up against a ticking time bomb: Thanks to AI, hackers are on the verge of launching fully automated cyberattacks that can move faster, smarter and more personally than ever.

  • Why it matters: Those attacks could halt production at factories, knock hospitals offline or control power grids — all before anyone even realizes something's wrong.

?️ The big picture: Advancements in generative AI are giving hackers the ability to boost their own skill sets and automate parts of the attack chain.

  • OpenAI and Anthropic have both already found evidence of nation-state adversaries and cybercriminals using their models to write code and research their attacks.
  • Sandra Joyce, who leads Google's Threat Intelligence Group, tells Axios her team has seen evidence of malicious hackers attempting to use legitimate, AI-powered hacking tools in their schemes.

? Zoom in: AI-powered phishing scams can now mimic how a friend or colleague writes, making it easier to trick employees into clicking malicious links.

  • Voice-cloning tools are already so good that they can impersonate practically anyone you trust — and convince you to hand over sensitive passwords.

Between the lines: Nation-state hackers are going to build tools to automate everything — from spotting vulnerabilities to launching customized attacks on company networks, says Phil Venables, partner at Ballistic Ventures and former security chief at Google Cloud.

  • "It's definitely going to come," Venables tells Axios. "The only question is: Is it three months? Is it six months? Is it 12 months?"

? Threat level: A recent Microsoft report found that AI-automated phishing emails achieved a 54% click-through rate, compared with 12% for phishing lures that didn't use AI.

phkrause

When the righteous are in authority, the people rejoice; But when a wicked man rules, the people groan. Proverbs 29;2
  • Members
Posted
? Facing attacks
 
A bar chart that shows the percentage of cybersecurity professionals facing AI threats across sectors in April 2025. Critical infrastructure leads at 50%, followed by financial services at 45%. Technology and advisories report 44%, manufacturing and retail each 32%, and healthcare/public sector 29%.
Data: Deep Instinct's 2025 Voice of SecOps report. Chart: Axios Visuals

? Zoom in: Hackers are increasingly targeting critical infrastructure and financial services companies, according to a survey of cyber professionals conducted by Deep Instinct, an AI-powered cybersecurity firm.

  • 50% of respondents at critical infrastructure organizations said they had already faced an AI-powered attack in the last year.

phkrause

When the righteous are in authority, the people rejoice; But when a wicked man rules, the people groan. Proverbs 29;2
  • Members
Posted
? U.S. adversaries embrace AI
 
Illustration of two hands made out of glowing binary code typing on a keyboard.
 

Illustration: Aïda Amer/Axios

 

Chinese, Russian, Iranian and North Korean cyber warriors are already embracing their new AI future as they experiment with ways to enhance their spying and hacking operations.

? The big picture: Even before generative AI, they were pretty good at hacking into U.S. systems.

  • China was burrowing deep into critical infrastructure, like ports and water systems. Russia advanced its disinformation operations to mimic legitimate news sites. And North Korea was scoring jobs at nearly every Fortune 500 company.
  • Suspected Chinese hackers broke into a major cybersecurity vendor just last week.

? Threat level: In the last six months, nation-state hackers have expedited their use of AI tools, allowing them to be "more advanced, scalable, and targeted," Microsoft recently warned.

Between the lines: Microsoft researchers laid out three AI trends that have picked up in recent months:

  1. ? AI twinning, where disinformation operators create digital replicas of trusted news anchors to deliver state-backed propaganda.
  2. ? Model poisoning, which focuses on deliberately feeding biased and misleading information into training data to influence AI models.
  3. ?️ Voice cloning, using generative AI tools to impersonate real individuals.

Zoom in: Each foreign adversary is also using AI to inform its hacking operations, but in different ways, incident responders tell Axios.

  • ?? China: Chinese hackers are using AI "as a side saddle" or "a buddy" to enhance their influence operations and other schemes, Google Threat Intelligence vice president Sandra Joyce says.
  • ?? Russia: Hackers have been experimenting with AI-powered malware in their attacks on Ukrainian entities as part of the ongoing war, Joyce says.
  • ?? North Korea: The regime's prolific worker fraud scam — in which North Korean workers steal American identities to get hired at major companies around the world — uses live deepfake videos during interviews, as well as chatbots to create fraudulent IDs and resumes.
  • ?? Iran: Hackers linked to the Islamic Revolutionary Guard Corps have been seen using generative AI to create malicious PDFs that are then attached to phishing emails, Sam Rubin, senior vice president at Palo Alto Networks' Unit 42 threat intelligence team, tells Axios.

phkrause

When the righteous are in authority, the people rejoice; But when a wicked man rules, the people groan. Proverbs 29;2
  • Members
Posted
? The case for optimism
 
A bar chart that shows how 500 senior cybersecurity experts reported changes in AI use in security operations in April 2025. Responses indicate 54% increased use slightly, 32% increased significantly, 12% saw no change, and 2% decreased use slightly.
Data: Deep Instinct's 2025 Voice of SecOps report. Chart: Axios Visuals

To avoid the catastrophic future so many fear, cybersecurity leaders are making the only bet they can: Their robots can beat the others.

?️ The big picture: AI can be used to cause mayhem, but the good guys can also use it to bulk up their own capabilities.

  • Defenders envision a world where they can use AI to instantly comb through hundreds of threat notifications, then proactively respond to the legitimate threats in that pile of alerts.
  • AI models are also proving adept at writing secure code that's free from security flaws and vulnerabilities.

? Zoom in: Defenders are already seeing results, Wendi Whitmore, chief security intelligence officer at Palo Alto Networks, tells Axios.

  • In one case, they were able to use automation to help a major transportation manufacturing company bring its attack response time down from three weeks to 19 minutes.
  • "We've just got so many more layers of defense," Whitmore says. "I can talk myself into being completely optimistic about AI."

? What to watch: Autonomous AI-driven cybersecurity could soon help identify vulnerabilities that no human could ever find on their own, according to Jen Easterly, former head of the federal government's Cybersecurity and Infrastructure Security Agency.

  • It could also spot cyber intrusions before they happen, deploy countermeasures in milliseconds — and then learn from those actions to improve for next time.

? "If we get that right, frankly, we can ensure that the balance tips to the defenders," Easterly says.

phkrause

When the righteous are in authority, the people rejoice; But when a wicked man rules, the people groan. Proverbs 29;2
  • 4 months later...
  • Members
Posted
How deepfakes die
 
Illustration collage of a magnifying glass over a computer revealing a person's smile
 

Illustration: Sarah Grillo/Axios

 

Deepfake detection tools will soon be embedded in internet usage, like passwords and antivirus software are today, Axios cybersecurity reporter Sam Sabin writes.

  • Why it matters: Over the next 250 years of American democracy, the question won't just be who's speaking — but who can prove it.

🧑🏽‍💻 State of play: Policymakers, researchers and executives are racing to build systems that authenticate what's real in a world of AI slop.

phkrause

When the righteous are in authority, the people rejoice; But when a wicked man rules, the people groan. Proverbs 29;2
  • 4 weeks later...
  • Members
Posted
⏱️ New cybersecurity clock: Seconds instead of days
 
mail?url=https%3A%2F%2Fimages.axios.com%
Illustration: Sarah Grillo/Axios

Researchers have already found readily available AI models capable of exploiting many of the decades-old bugs targeted by Anthropic's new Claude Mythos Preview, now available only to select partners, Axios' Sam Sabin writes.

  • Why it matters: Guardians of critical infrastructure — water, electricity, health care, financial services and more — face accelerating risk from coming AI models sure to be exploited by terrorists or rogue states.

⚠️ Security experts warn that the new models are likely good enough to both find and weaponize vulnerabilities in as little as a day.

  • "Dwell time used to be 90 days, then it became six days," Rubrik CEO Bipul Sinha told Axios. "Now it has become zero [days], or seconds."

Correction: Our story in AM yesterday on OpenAI's plans for a new rollout has been corrected to say OpenAI is releasing a cybersecurity product, separate from its new model, to select partners. It's not staggering the release to select companies. This product is different from OpenAI's upcoming model, Spud.

phkrause

When the righteous are in authority, the people rejoice; But when a wicked man rules, the people groan. Proverbs 29;2
  • 1 month later...
  • Members
Posted

ShinyHunters Hit Higher Ed

Company officials from the widely used education app Canvas said service had been restored to the platform Friday following a series of cyberattacks last week. The hack prompted dozens of schools to delay finals and compromised the personal information of as many as 275 million students and employees.  

Canvas serves more than 40% of North American colleges and universities, acting as a digital hub to access and manage curriculum, take exams online, submit and track grades, and more. After resolving initial security incidents by Wednesday, a ransom note appeared Thursday, prompting officials to shut the platform down. The note was signed by ShinyHunters (who are they?), an international cybercrime ring responsible for “pay or leak” extortion schemes against companies such as Google, Workday, Louis Vuitton, and AT&T (which reportedly paid $370K in bitcoin).

See the message from the group that appeared on students’ screens following the hack.

phkrause

When the righteous are in authority, the people rejoice; But when a wicked man rules, the people groan. Proverbs 29;2
  • 3 weeks later...
  • Members
Posted
🤖 Exclusive: IBM targets AI-powered cyber threats
 
Illustration of a robotic hand with a padlock around its finger.
 

Illustration: Allie Carl/Axios

 

IBM is investing $5 billion and deploying more than 20,000 engineers to help secure open-source software, Axios' Maria Curi writes.

  • IBM CEO Arvind Krishna told Axios he expects the government to be very interested in a solution like Project Lightwell: "We believe that at least some people in the government are looking for the private sector to step up with an answer like this."

Why it matters: AI is supercharging cyberattacks, pushing companies to adopt the same technology to defend against threats.

"Project Lightwell" — the new initiative by IBM and Red Hat, its open source software subsidiary — uses frontier AI capabilities to establish a "clearinghouse" to identify and fix vulnerabilities at scale.

  • Krishna said he expects the project to expand beyond the financial sector.

Keep reading.

phkrause

When the righteous are in authority, the people rejoice; But when a wicked man rules, the people groan. Proverbs 29;2

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

If you find some value to this community, please help out with a few dollars per month.



×
×
  • Create New...