Cybersecurity and AI: The Good

The power of AI has been in the news with the release of Chat GPT and similar AI programs. Security researchers tested Chat GPT to see if the program could write malicious code—and it came very close. With every technological advance, there are always added risks. But there can be benefits as well. AI can be used to help improve cybersecurity. Let’s look at how.

1. Fighting back against phishing

ScamRanger, a new AI tool is designed to help you identify phishing messages sent via email, text, and other messaging apps. You can simply copy and paste the message into the tool and will verify the text to determine if it is a scam. Of course, the technology may not be perfect but it can help you determine if a message is malicious. If the tool reports it is a scam, you can then report it to help the tool protect others.

2. Determining patterns

AI software can also help cybersecurity teams determine patterns in cyberattacks. For example, AI tools can help teams identify patterns in attacks such as timing, method, and how hackers move inside a network. Most companies are not outsourcing cybersecurity to AI but the tools can help security professionals keep networks safe from attacks.

3. Identifying new threats

New malware threats are thrown at us every day. It can be hard for any professional to keep up with all the malicious software. AI technology can help identify new strains of malware and determine solutions to keep users safe.

Of course, hackers can and do use AI for bad—creating new malware, testing passwords, and more. While we can’t rely on AI software to keep us completely safe, new programs can help boost our cybersecurity.

Cybersecurity update

LastPass breach: LastPass recently announced that a threat actor was able to steal corporate and customer data by hacking an employee’s personal computer and installing keylogger malware, which then allowed them to gain access to the company’s cloud storage. In addition to the announcement, LastPass also published a thorough list of the data that was compromised across both security breaches.

Cybersecurity shorts

D.C. Health Link hack exposes personal information of Congress members and aides. The health care insurance exchange for government employees and DC residents was breached earlier this month. The hacker supposedly has posted the full set of data stolen—including information on 21 current members of Congress. Overall, the file contained information on over 60,000 people.

The biggest cybersecurity risk could come from inside your organization. Malware and ransomware are hitting everything from our personal electronics to mission-critical infrastructure and supply chains. In a world where everyone is a target, companies, and businesses need to understand that risks can also come from internally within your business. To succeed at the highest level, organizations and businesses should lead with their employees as an effort and supplement their programs with advanced tools that are able to detect and mitigate insider risks whenever possible. Here are four lessons Bret Arsenault, CISO of Microsoft, has learned throughout his time managing their insider risk program.

Hackers claim to breach T-Mobile more than 100 times. Three cybersecurity groups claim to have hacked T-Mobile’s internal network at least 100 times during 2022. The goal of these hacks was to access internal tools to divert any T-Mobile user’s messages to another device. You can read more about the hacks here.

CISA publishes Cybersecurity Advisory (CSA). The Cybersecurity and Infrastructure Security Agency (CISA) recently published a Cybersecurity Advisory (CSA) that detailed tactics, techniques, procedures, and key findings from a 2022 assessment whose purpose was to provide proactive steps to reduce the threat from malicious cyber actors. Here, you can read key findings from this advisory that talks about excessive permission to standard users, establishing a security baseline, and more.

Biden-Harris Administration announces National Security Strategy. At the beginning of the month, the Biden-Harris Administration released the National Cybersecurity Strategy that will secure the full benefits of a safe and secure digital ecosystem. The press release explains that the United States will “reimagine cyberspace as a tool to achieve our goals in a way that reflects our values: economic security and prosperity; respect for human rights and fundamental freedoms; rust in our democracy and democratic institutions; and an equitable and diverse society.” The release also explains the fundamental shifts that must be made and how they will allocate roles, responsibilities, and resources in cyberspace. You can read more here.

Six Firefox add-ons to help you stay safe and secure. With the increase in cyberattacks and data breaches, it is crucial for you to protect your online security and privacy. One way you can do so is by utilizing add-ons for your web browser that can help enhance these things. Firefox offers a variety of add-ons that can help you stay safe while online. This article talks about six add-ons that Firefox users can use to help them stay safe.

Software updates

Adobe: Adobe released updates closing over 100 security issues in its programs—Photoshop, Illustrator, and others. Read more about the updates here.

Microsoft: Over 70 security bugs are addressed in the March Microsoft update. Two of these issues are actively being exploited—including one that impacts Outlook users. The Outlook flaw is severe and can allow a hacker access to your machine with a malicious email before you even view it. Your device will prompt you to update automatically. Read more here.

Source: Horsesmouth