Cyber Security Professionals May Need Worry Beads. Good Worry Beads

November 1, 2023

This essay is the work of a dumb humanoid. No smart software required.

I read “SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures.” Let’s assume the write up is accurate or — to hit today’s target for excellence — the article is close enough for horseshoes. Armed with this assumption, will cyber security professionals find that their employers or customers will be taking a closer look at the actual efficacy of the digital fences and news flows that keep bad actors outside the barn?

A very happy bad actor cackles in a Starbucks after penetrating a corporate security system: “Hey, that was easy. When will these people wake up that you should not have fired me.” Thanks, MidJourney, not exactly what I wanted but good enough, the new standard of excellence.

The write up suggests that the answer may be a less than quiet yes. I noted this statement in the write up:

According to the complaint filed by the SEC, Austin, Texas-based SolarWinds and Brown [top cyber dog at SolarWinds] are accused of deceiving investors by overstating the company’s cybersecurity practices while understating or failing to disclose known risks. The SEC alleges that SolarWinds misled investors by disclosing only vague and hypothetical risks while internally acknowledging specific cybersecurity deficiencies and escalating threats.

The shoe hit the floor, if the write up is on the money:

A key piece of evidence cited in the complaint is a 2018 internal presentation prepared by a SolarWinds engineer [an employee who stated something senior management does not enjoy knowing] that was shared internally, including with Brown. The presentation stated that SolarWinds’ remote access setup was “not very secure” and that exploiting the vulnerability could lead to “major reputation and financial loss” for the company. Similarly, presentations by Brown in 2018 and 2019 indicated concerns about the company’s cybersecurity posture.

From my point of view, there are several items to jot down on a 4×6 inch notecard and tape on the wall:

  1. The “truth” is often at odds with what senior managers want to believe, think they know, or want to learn. Ignorance is bliss, just not a good excuse after a modest misstep.
  2. There are more companies involved in the foul up than the news sources have identified. Far be it from me to suggest that highly regarded big-time software companies do a C minus job engineering their security. Keep in mind that most senior managers — even at high tech firms — are out of the technology loop no matter what the LinkedIn biography says or employees believe. Accountants and MBAs are good at some things, bad at others. Cyber security is in the “bad” ledger.
  3. The marketing collateral for most cyber security, threat intelligence services, and predictive alerting services talks about a sci-fi world, not the here and now of computer science students given penetration assignments from nifty places like Estonia and Romania, among others. There are disaffected employees who want to leave their former employers a digital hickey. There are developers, hired via a respected gig matcher, who will do whatever an anonymous customer requires for hard cash or a crypto payment. Most companies have no idea how or where the problem originates.
  4. Think about insider threats, particularly when insiders include contractors, interns, employees who are unloved, or a consulting firm with a sketchy wizard gathering data inside of a commercial operation.

Sure, cyber security just works. Yeah, right. Maybe this alleged action toward a security professional will create some discomfort and a few troubled dreams. Will there be immediate and direct change? Nope. But the PowerPoint decks will be edited. The software will not be fixed up as quickly. That’s expensive and may not be possible with a cyber security firm’s current technical staff and financial resources.

Stephen E Arnold, November 1, 2023

Quantum Security? Yep, Someday

October 24, 2023

Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.

How is this for a brilliant statistical item: “61% of Firms Worry They Are Unprepared for Security Risks in Quantum Era.”

The write up reports with apparent seriousness:

Some 61% have expressed concern their organization is not and will not be prepared to handle security implications that may surface in a post-quantum computing future, according to a survey conducted by Ponemon Institute. Commissioned by DigiCert, the study polled 1,426 IT and cybersecurity professionals who have knowledge of their company’s approach to post-quantum cryptography. Among them were 605 from the US, 428 in EMEA, and 393 across Asia-Pacific.

Apparently some people missed one of the largest security lapses since 9/11. Israel’s high profile smart cyber security capabilities were on leave. The result is what is labeled as the Israel Hamas war. If the most sophisticated cyber security outfits in Tel Aviv cannot effectively monitor social media, the Web, and intercepted signals for information about an attack more than a year in planning, what about the average commercial operation? What about government agencies? What about NGOs?


Boo, I am the quantum bully. Are you afraid yet? Thanks, MidJourney. Terrible cartoon but close enough for horse shoes.

Yet I am to accept that 61 percent of the survey sample is concerned about quantum compromises? My hunch is that the survey sample respondent checked a box. The other survey questions did not ferret out data about false belief that current technology makes these folks vulnerable.

I don’t know where the error has spread. Was it the survey design? The sample selection? The interpretation of the data? The lax vetting of the survey results by ZDNet? Or, maybe a Fiverr.com contractor doing the work for a couple of hundred dollars?

Quantum when today’s vanilla services fail? Wow, some people are thinking about the future, assuming today is peachy keen in the cyber security department. Marketers are amazing when the statement is, “Let’s do a survey,” and off to the races and lunch the folks go.

Stephen E Arnold, October 24, 2023

AI Cybersecurity: Good News and, of Course, Bad News

October 23, 2023

This essay is the work of a dumb humanoid. No smart software required.

Life, like a sine wave, is filled with ups and downs. Nothing strikes me like the ups and downs of AI: Great promise but profits, not yet. Smart cyber security methods? Same thing. Ups and downs. Good news then bad news. Let’s look at two examples.

First, the good news. “New Cyber Algorithm Shuts Down Malicious Robotic Attack” reports:

Researchers have designed an algorithm that can intercept a man-in-the-middle (MitM) cyberattack on an unmanned military robot and shut it down in seconds. The algorithm, tested in real time, achieved a 99% success rate.

Is this a home run? 99 percent success rate. Take that percentage, some AI, and head to a casino or a facial recognition system. I assume I will have to wait until the marketers explain this limited test.


“Hello, we are the team responsible for infusing AI into cyber security safeguards. We are confident that our technology will have an immediate, direct impact on protecting your organization from threats and bad actors,” says Mary, a lawyer and MBA. I believe everything lawyers and MBAs say, even more than Tom, the head of marketing, or Ben, the lead developer who loves rock climbing and working remotely. Thanks, Bing Dall-e. You understand the look and feel of modern cyber security teams.

Okay, the bad news. A cyber security outfit named Okta was unable to secure itself. You can get the allegedly real details from “Okta’s Stock Slumps after Security Company Says It Was Hacked.” The write up asserts:

Okta, a major provider of security technology for businesses, government agencies and other organizations, said Friday that one of its customer service tools had been hacked. The hacker used stolen credentials to access the company’s support case management system and view files uploaded by some customers, Okta Chief Security Officer David Bradbury disclosed in a securities filing. Okta said that system is separate from its main client platform, which was not penetrated.

Yep, the “main client platform” is or was secure.  

Several observations:

  1. After Israel’s sophisticated cyber systems failed to detect planning and preparing for a reasonably large scale attack, what should I conclude about sophisticated cyber security systems? My initial conclusion is that writing marketing collateral is cheaper and easier than building secure systems.
  2. Are other cyber security firms’ systems vulnerable? I think the answer may be, “Yes, but lawyer and MBA presidents are not sure how and where?”
  3. Are cost cutting and business objectives more important than developing high reliability cyber security systems? I would suggest, “Yes. What companies say about their products and services is often different from that which is licensed to customers.”

Net net: Cyber security may be a phrase similar to US telecommunications’ meaning of “unlimited.”

Stephen E Arnold, October 27, 2023

Video Analysis: Do Some Advanced Systems Have Better Marketing Than Technology?

October 16, 2023

Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.

I am tempted to list some of the policeware and intelware companies which tout video analysis capabilities. If we narrow our focus to Israel, there are a number of companies which offer software and systems that can make sense of video data. Years ago, I attended a briefing and the company (which I will not name) showed that its system could zip through a 90 minute video of a soccer (football) match and identify the fouls and the goals. Like most demonstrations, the system worked perfectly. In actual real world situations, the system did not work. Video footage is a problem, but there are companies which assert their developers’ confection.


Aggressive bunnies get through the farmer’s fence. The smart surveillance cameras emit a faint beep. The bunnies are having a great time. The farmer? Not so much. Thank you, MidJourney. You do a nice bunny.

Here are the results of the query “video analysis Israel.” Notice that I am not including the name of a company nor a specific country. Google returned ads and video thumbnails and this result:


The cited article is Israel21c’s 2013 write up “Israel’s Top 12 Video Surveillance Advances.” The cited article reports as actual factual:

Combing such vast amounts of material [from the Boston Marathon bombing in 2013] would have taken months, or even years in the past, but with new video analytics technologies developed by Israel’s BriefCam, according to the publication IsraelDefense, it took authorities just a few days to identify and track Tamerlan and Dzhokhar Tsarneav, the two main suspects in the attack which killed three, and wounded 183. Within five days one of the terrorists was dead, the other arrested after a 22-hour manhunt.

BriefCam is now owned by Canon, the Japanese camera maker. Imagine the technical advances in the last 10 years.

I don’t know if Israel had a BriefCam system at its disposal in the last six months. My understanding is that the Israel Defense Force and related entities have facial recognition systems. These can work on still pictures as well as digital video.

Why is this important?

The information in the San Francisco Chronicle article “Hamas Practiced in Plain Sight, Posting Video of Mock Attack Weeks Before Border Breach” asserts:

A slickly produced two-minute propaganda video posted to social media by Hamas on Sept. 12 shows fighters using explosives to blast through a replica of the border gate, sweep in on pickup trucks and then move building by building through a full-scale reconstruction of an Israeli town, firing automatic weapons at human-silhouetted paper targets. The Islamic militant group’s live-fire exercise dubbed operation “Strong Pillar” also had militants in body armor and combat fatigues carrying out operations that included the destruction of mock-ups of the wall’s concrete towers and a communications antenna, just as they would do for real in the deadly attack last Saturday.

If social media monitoring systems worked, the video should have been flagged and routed to the IDF. If the video analysis and facial recognition systems worked, an alert to a human analyst could have sparked a closer look. It appears that neither of these software-intermediated actions took place and found their way to a human analyst skilled in figuring out what the message payload of the video was. Who found the video? Based on the tag line to the cited article, the information was located by reporters for the Associated Press.

What magical research powers did the AP have? None as it turns out. The article reports:

The Associated Press reviewed more than 100 videos Hamas released over the last year, primarily through the social media app Telegram. Using satellite imagery, the AP was able to verify key details, as well as identify five sites Hamas used to practice shooting and blowing holes in Israel’s border defenses. The AP matched the location of the mocked-up settlement from the Sept 12 video to a patch of desert outside Al-Mawasi, a Palestinian town on the southern coast of the Gaza Strip. A large sign in Hebrew and Arabic at the gate says “Horesh Yaron,” the name of a controversial Israeli settlement in the occupied Palestinian West Bank.

I don’t want to be overly critical of tools like BriefCam or any other company. I do want to offer several observations from my underground office in rural Kentucky:

  1. The Hamas attack was discernable via humans who were paying attention. Were people in the IDF and related agencies paying attention? Apparently something threw a wrench in a highly-visible, aggressively marketed intelligence capability, right?
  2. What about home grown video and facial recognition systems? Yes, what about them. My hunch is that the marketing collateral asserts some impressive capabilities. What is tough to overlook is that for whatever reason (human or digital), the bunny got through the fence and did damage to some precious, fragile organic material.
  3. Are other policeware and intelware vendors putting emphasis on marketing instead of technical capabilities? My experience over the last half century says, “When sales slow down and the competition heats up, marketing takes precedence over the actual product.”

Net net: Is it time for certification of cyber security technology? Is it time for an external audit of intelligence operations? The answer to both questions, I think, is, “Are you crazy?”

Stephen E Arnold, October 16, 2023

Need Free Data? Two Thousand Terabytes Are Available

October 2, 2023

Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.

I read “Censys Reveals Open Directories Share More Than 2,000 TB of Unprotected Data.” What’s an open directory? According to the champion of redactions the term refers to lists of direct links to files. True?

The article reports:

These open directories could leak sensitive data, intellectual property or technical data and let an attacker compromise the entire system.

Why do these “lists” exist? Laziness, lack of staff who know what to do, and forgetting how an intern configured a server years ago?

The article states:

Why don’t search engines prohibit people from seeing those open directories? Censys researchers told TechRepublic that “while this may initially sound like a reasonable approach, it’s a bandage on the underlying issue of open directories being exposed on the internet in the first place.”

Are open directories a good thing? I think it depends on one’s point of view. Why are bad actors generally cheerful these days? Attack surfaces are abundant and management floats above such hard-to-grasp details about online systems and services. Hey, what time is lunch?

Stephen E Arnold, October 2, 2023

Malware: The NSO Group and a Timeline

September 8, 2023

Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.

A flurry of NSO Group news appeared in my newsfeeds this morning. Citizen Lab issued an advisory. You can find that short item in “BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild.” Recorded Future, a cyber security company, published “Apple Discloses Zero-Days Linked.” Variants of these stories are percolating, including British tabloid newspapers like The Metro. One message comes through: Update your iPhones.

The information makes clear that a vulnerability “path” appears to be blocked. That’s good news. The firm which allegedly discovered the way into user mobile devices is the NSO Group. The important fact, at least for me, is that this organization opened its doors for business in 2010. The origin story, if one believes the information one can find using a free Web search engine, is that the company evolved from a mobile phone repair business. After repairing and tinkering, the founder set up a company to assist government agencies in obtaining information from mobile devices believed to be used by bad actors. Agree or disagree, the origin story is interesting.

What’s important for me is that the time between the company’s start up and the “good news” about addressing a vulnerability in certain devices has been a decade, maybe more. I don’t have an opinion about whether the time window could have been closed more quickly. What’s important to me is that the information is diffusing quickly. On one hand, that’s beneficial to those concerned about the security of their devices. On the other hand, that’s the starter’s gun for bad actors to deploy another hard-to-spot exploit.

I have several observations about this vulnerability:

  1. The challenge to those who create hardware and software is to realize that security issues are likely to exist. Those who discover these and exploit them, blindside the company. The developers have to reverse engineer the exploit and then figure out what their colleagues missed. Obviously this is a time consuming and difficult process. Perhaps 10 years is speedy or slow. I don’t know. But an error made many years ago can persist and affect millions of device owners.
  2. The bad actor acts and the company responsible for chasing down the flaw reacts. This is a cat-and-mouse game. As a result, the hardware and software developers are playing defense. The idea that a good defense is better than a good offense may not be accurate. Those initial errors are, by definition, unknown. The gap between the error and the exploit allows bad actors to do what they want. Playing defense allows the offense time to gear up something new. The “good guys” are behind the curve in this situation.
  3. The fact that the digital ecosystem is large means that the opportunity for mischief increases. In my lectures, I like to point out that technology yields benefits, but it also is an enabler of those who want to do mischief.

Net net: With the steady increase in cyber crime, the boundary between systems and methods which are positive and negative becomes blurred. Have we entered a stage in technical development in which the blurred space between good and bad has become so large that one cannot tell what is right or wrong, correct or incorrect, appropriate or inappropriate? Are we living in a “ghost Web” or a “shadow land?”

Stephen E Arnold, September 8, 2023

Surprised? Microsoft Drags Feet on Azure Security Flaw

September 5, 2023

Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.

Microsoft has addressed a serious security flaw in Azure, but only after being called out by the cybersecurity firm that found the issue. It only took several months. Oh, and according to that firm, the “fix” only applies to new applications despite Microsoft’s assurances to the contrary. “Microsoft Fixes Flaw After Being Called Irresponsible by Tenable CEO,” Bleeping Computer reports. Writer Sergiu Gatlan describes the problem Tenable found within the Power Platform Custom Connectors feature:

“Although customer interaction with custom connectors usually happens via authenticated APIs, the API endpoints facilitated requests to the Azure Function without enforcing authentication. This created an opportunity for attackers to exploit unsecured Azure Function hosts and intercept OAuth client IDs and secrets. ‘It should be noted that this is not exclusively an issue of information disclosure, as being able to access and interact with the unsecured Function hosts, and trigger behavior defined by custom connector code, could have further impact,’ says cybersecurity firm Tenable which discovered the flaw and reported it on March 30th. ‘However, because of the nature of the service, the impact would vary for each individual connector, and would be difficult to quantify without exhaustive testing.’ ‘To give you an idea of how bad this is, our team very quickly discovered authentication secrets to a bank. They were so concerned about the seriousness and the ethics of the issue that we immediately notified Microsoft,’ Tenable CEO Amit Yoran added.”

Yes, that would seem to be worth a sense of urgency. But even after the eventual fix, this bank and any other organizations already affected were still vulnerable, according to Yoran. As far as he can tell, they weren’t even notified of the problem so they could mitigate their risk. If accurate, can Microsoft be trusted to keep its users secure going forward? We may have to wait for another crop of interns to arrive in Redmond to handle the work “real” engineers do not want to do.

Cynthia Murrell, September 5, 2023

A Hacker Recommends Hacking Books

August 11, 2023

Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.

Hacxx, a self-identified posting freak, has published a list of “20 Best Free Hacking Books 2023.” I checked the post on Sinister.ly and noted that the list of books did not include links to the “free” versions. I asked one of my research team to do a quick check to see if these books were free. Not surprisingly, most were available for sale. O’Reilly titles were free if one signed up for that publisher’s services. A couple were posted on a PDF download site. We think the list is helpful. For those interested in the list and where the books Hacxx says are “the best” can be found, we have arranged them in alphabetical order. Authors should be compensated for their work even if the subject is one that some might view as controversial. Right, Hacxx?

  1. Advanced Penetration Testing https://www.amazon.com/Advanced-Penetration-Testing-Hacking-Networks/dp/1119367689 [Less than $30US]
  2. Basics of Hacking and Penetration Testing https://www.amazon.com/Basics-Hacking-Penetration-Testing-Ethical/dp/0124116442?tag=50kft00-20
  3. Black Hat Python: Python Programming for Hackers and Pentesters https://www.amazon.com/Black-Hat-Python-Programming-Pentesters/dp/1593275900?tag=50kft00-20 [Less than $33US]
  4. Blue Team Handbook: Incident Response Edition https://www.amazon.com/Blue-Team-Handbook-condensed-Responder/dp/1500734756?tag=50kft00-20 [Less than $17]
  5. CISSP All-In-One Exam Guide https://www.amazon.com/CISSP-All-One-Guide-Ninth/dp/1260467376?tag=50kft00-20 [Less than $60US]
  6. Computer Hacking Beginners Guide https://www.amazon.com/Computer-Hacking-Beginners-Guide-Penetration-ebook/dp/B01N4FFHMW/ref=sr_1_1?crid=2TKYVD64M3NLS&keywords=.+Computer+Hacking+Beginners+Guide&qid=1691702342&sprefix=computer+hacking+beginners+guide%2Caps%2C91&sr=8-1 [$1US for Kindle edition]
  7. Ghost in the Wires https://www.amazon.com/Ghost-Wires-Adventures-Worlds-Wanted/dp/0316037729?tag=50kft00-20 [Less than $20US]
  8. Gray Hat Hacking: The Ethical Hacker’s Handbook, Sixth Edition https://www.amazon.com/Gray-Hat-Hacking-Ethical-Handbook/dp/1264268947?tag=50kft00-20 [Less than $46US]
  9. Hackers Playbook 2 https://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing/dp/1980901759/ref=sr_1_2?crid=3OWZ8UCLX5ANU&keywords=.+The+Hackers+Playbook+2&qid=1691701682&sprefix=the+hackers+playbook+2%2Caps%2C85&sr=8-2 [Less than $30]
  10. Hacking: Computer Hacking Beginners Guide https://pdfroom.com/books/hacking-computer-hacking-beginners-guide/p0q2J8GodxE [Free download]
  11. Hacking: The Art of Exploitation, 2nd Edition https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=sr_1_1?crid=BY25O5JGDY95&keywords=Hacking%3A+The+Art+of+Exploitation%2C+2nd+Edition&qid=1691702542&sprefix=hacking+the+art+of+exploitation%2C+2nd+edition%2Caps%2C116&sr=8-1  [Less than $30US]
  12. Hash Crack: Password Cracking Manual https://www.amazon.com/Hash-Crack-Password-Cracking-Manual/dp/1793458618?tag=50kft00-20 [Less than $15]
  13. Kali Linux Revealed: Mastering the Penetration Testing Distribution https://www.amazon.com/Kali-Linux-Revealed-Penetration-Distribution/dp/0997615605?tag=50kft00-20 [Less than $40US]
  14. Mastering Metasploit https://github.com/PacktPublishing/Mastering-Metasploit-Third-Edition [No charge as of August 10, 2023]
  15. Nmap Network Scanning at https://nmap.org
  16. Practical Malware Analysis: The Hands-on Guide https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901?tag=50kft00-20 [Less than $45US]
  17. RTFM: Red Team Field Manual https://www.amazon.com/RTFM-Red-Team-Field-Manual/dp/1075091837/ref=sr_1_2?crid=16SFXUJRL3LMR&keywords=RTFM%3A+Red+Team+Field+Manual&qid=1691701596&sprefix=rtfm+red+team+field+manual%2Caps%2C104&sr=8-2 [This version is about $12US]
  18. Social Engineering: The Science of Human Hacking https://www.amazon.com/Social-Engineering-Science-Human-Hacking-dp-111943338X/dp/111943338X/ref=dp_ob_title_bk [Less than $21US]
  19. Web Application Hacker’s Handbook https://edu.anarcho-copy.org/Against%20Security%20-%20Self%20Security/Dafydd%20Stuttard,%20Marcus%20Pinto%20-%20The%20web%20application%20hacker’s%20handbook_%20finding%20and%20exploiting%20security%20flaws-Wiley%20(2011).pdf [This is the second edition]
  20. Web Hacking 101 https://pdfroom.com/books/web-hacking-101/E1d4DO6ydOb [Allegedly free]

Stephen E Arnold, August 11, 2023

Cyber Security Firms Gear Up: Does More Jargon Mean More Sales? Yes, Yes, Yes

July 31, 2023

I read a story which will make stakeholders in cyber security firms turn cartwheels. Imagine not one, not two, not three, but 10 uncertainty inducing, sleepless night making fears.


The young CEO says, “I can’t relax. I just see endless strings of letters floating before my eyes: EDR, EPP, XDR, ITDR, MTD, M, SASE, SSE, UES, and ZTNA. My heavens, ZTNA. Horrible. Who can help me?” MidJourney has a preference for certain types of feminine CEOs. I wonder if there is bias in the depths of the machine.

Navigate to “The Top 10 Technologies Defining the Future of Cybersecurity.” Read the list. Now think about how vulnerable your organization is. You will be compromised. The only question is, “When?”

What are these fear inducers? I will provide the acronyms. You will have to go to the cited article and learn what they mean. Think of this as a two-punch FUD moment. I provide the acronyms which are unfamiliar and mildly disconcerting. Then read the explanations and ask, “Will I have to buy bigger, better, and more cyber security services?” I shall answer your question this way, “Does an electric vehicle require special handling when the power drops to a goose egg?”

Here are the FUD-ronyms:

  1. EDR
  2. EPP
  3. XDR
  4. ITDR
  5. MTD
  6. M
  7. SASE
  8. SSE
  9. UES
  10. ZTNA.

Scared yet?

Stephen E Arnold, July 31, 2023

AI and Malware: An Interesting Speed Dating Opportunity?

July 27, 2023

Note: Dinobaby here: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid. Services are now ejecting my cute little dinosaur gif. Like my posts related to the Dark Web, the MidJourney art appears to offend someone’s sensibilities in the datasphere. If I were not 78, I might look into these interesting actions. But I am and I don’t really care.

AI and malware. An odd couple? One of those on my research team explained at lunch yesterday that an enterprising bad actor could use one of the code-savvy generative AI systems and the information in the list of resources compiled by 0xsyr0 and available on GitHub here. The idea is that one could grab one or more of the malware development resources and do some experimenting with an AI system. My team member said the AmsiHook looked interesting as well as Freeze. Is my team member correct? Allegedly next week he will provide an update at our weekly meeting. My question is, “Do the recent assertions about smart software cover this variant of speed dating?”

Stephen E Arnold, July 27, 2023
