Saoud Khalifah’s Post

Short on cash? Google has prizes. A 'bug bounty" even. As Google races (like everyone else) to improve and expand its AI capabilities, it's amping up its "Trust and Safety" corps to better engage the cybersecurity world at large in efforts to predict and address the "novel vulnerabilities" raised by generative AI. “Now, since we are expanding the bug bounty programme and releasing additional guidelines for what we’d like security researchers to hunt, we’re sharing those guidelines so that anyone can see what’s ‘in scope.’ We expect this will spur security researchers to submit more bugs and accelerate the goal of a safer and more secure generative AI." #apocalypse #candlepinsforcash #generativeai #aisecurity

Google Project Zero introduces 'Naptime,' an LLM-powered framework for #vulnerability research. It boosts LLMs' CyberSecEval 2 performance, using advanced tools to better identify and exploit software flaws. Read: https://lnkd.in/gGwfwBgQ #cybersecurity #technology

🚀 Exciting News from Google! 🚀 Google has just unveiled Project Naptime, an innovative AI-powered initiative aimed at bolstering vulnerability research. This project represents a significant leap forward in cybersecurity, leveraging advanced AI to identify and mitigate vulnerabilities more effectively than ever before. As cyber threats continue to evolve, initiatives like Project Naptime are crucial for staying ahead and ensuring robust security infrastructures. Stay tuned for more updates on how this project will revolutionize the field of cybersecurity! #google #security #AI #research https://lnkd.in/eNATbKk9

Microsoft's new AI bug bounty program offers rewards up to $15,000 for finding vulnerabilities in Bing's AI features. The post Microsoft’s New AI Bug Bounty Program Has Rewards Up To $15K appeared first on Search Engine Journal.

NEW: Researchers were able to successfully hack into more than half their test websites using autonomous teams of GPT-4 bots, coordinating their efforts and spawning new bots at will. And this was using previously unknown, real-world 'zero day' exploits. A couple of months ago, a team of researchers released a paper saying they'd been able to use GPT-4 to autonomously hack one-day (or N-day) vulnerabilities – these are security flaws that are already known, but for which a fix hasn't yet been released. If given the CVE list, GPT-4 was able to exploit 87% of critical-severity CVEs on its own. Skip forward to this past week and the same group of researchers released a follow-up paper saying they've been able to hack zero-day vulnerabilities – vulnerabilities that aren't yet known – with a team of autonomous, self-propagating Large Language Model (LLM) agents using a Hierarchical Planning with Task-Specific Agents method. Blackhat or whitehat? There is legitimate concern that these models will allow users to maliciously attack websites and networks. https://lnkd.in/gHwCw3ba #auguryit #cysec #ai

Today's tech roundup delves into the latest innovations and updates shaping the technology landscape. From groundbreaking AI tools and crucial cybersecurity alerts to impactful industry movements and global tech influences, our digest is essential for professionals looking to stay updated in a rapidly evolving field. Join us to explore how these developments are defining the future of technology. #Technology #Innovation #Cybersecurity #AI https://lnkd.in/dNsNbVJb

Google Introduces Project Naptime for AI-Powered Vulnerability Research. #cibersegurança #lgpd #infraestruturadeti #iec62443 #industrialcybersecurity #ti #defesacibernética #cyberrisk #computersecurity #ciso #cto #informationsecurity #cio #security #cybersecurity #vulnerabilidade #ANPD #vazamentodedados #vazamento #incidente #cloudsecurity #cyber #datasecurity #privacy #cybercrime #infosec #cyberattack #dataprotection #ANPPD #phishing #AWS #cloudsolutions #MSP #Azure #sapbrasil #microsoft #APDADOS #IAM #IAG #Identidade #OCI #oracle

📝 𝑫𝒂𝒓𝒌𝑮𝑷𝑻 is a interesting new tool that harnesses the power of ChatGPT-4 to detect leaked databases. 🌐 (https://lnkd.in/dGyemMWS) 𝑲𝒆𝒚 𝒉𝒊𝒈𝒉𝒍𝒊𝒈𝒉𝒕𝒔: ➡ DarkGPT was created by Tomas Marko, a cybersecurity researcher and pentester 🔒 ➡ It leverages ChatGPT-4's advanced language understanding to search for and identify exposed databases 🔍 ➡ DarkGPT can be a game-changer for organizations looking to proactively monitor for data breaches 🛡️ love this case. #DarkGPT #ChatGPT4 #OSINT #CyberSecurity #DataBreach #IntelligenceGathering #GitHub #ResponsibleAI

https://lnkd.in/ef_ZEuD5 A Sobering Look at the Hacking Capabilities of GPT-4 Recent research has shed light on the remarkable yet concerning ability of advanced language models like GPT-4 to autonomously exploit software vulnerabilities. The study found that GPT-4 could successfully exploit 87% of 15 real-world "one-day" vulnerabilities when given their descriptions from sources like CVE databases. Even more alarmingly, GPT-4 demonstrated an ability to create exploit code from scratch for some vulnerabilities published after its training data cutoff date. This suggests an "emergent capability" for hacking that goes beyond simply regurgitating known information. While models like GPT-3.5 and open-source LLMs failed at the vulnerability exploitation task, GPT-4's performance was enabled by leveraging tools like web browsing, terminal access, and code execution environments guided by detailed prompts. A cost analysis estimated GPT-4 was already 2.8x cheaper than human labor for this task. The researchers emphasize the importance of responsibly investigating these issues from an academic perspective while taking precautions against potential misuse. As highly capable language models become more widely deployed, their hacking abilities raise significant cybersecurity concerns that must be addressed proactively. This study serves as a wake-up call regarding the dual-use nature of advanced AI systems. It underscores the urgency of developing robust security paradigms and ethical guidelines to mitigate the risks posed by such powerful and cost-effective autonomous hacking capabilities. #AI #CyberSecurity #GPT4Hacking #AISecurity #VulnerabilityExploitation #AutonomousHacking #EmergingTechThreats #DualUseAI #AIEthics #InfoSec #CuttingEdgeCyberThreats #LanguageModelRisks #TechTrends #CostEffectiveHacking #NextGenCyberAttacks

Hackers Can Now use GPT-4 to Exploit Vulnerabilities Listed in “Security Advisories” https://lnkd.in/gw3JYx9C We would like to thank arXiv for publishing this. #llm #gpt4 #gpt #chatgpt #ai #cybersecuritynews #hackingnews #securityadvisory #exploit #hackers #infosecnews #automation