Agents of Chaos

We report an exploratory red-teaming study of autonomous language-model-powered agents deployed in a live laboratory environment with persistent memory, email accounts, Discord access, file systems, and shell execution. Over a two-week period, twenty AI researchers interacted with the agents unde...

Google TAG Warns of North Korean-linked ARCHIPELAGO Cyberattacks

A North Korean government-backed threat actor has been linked to attacks targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea and the U.S. Google's Threat Analysis Group TAG is tracking the cluster under the name ARCHIPELAGO , which it...

What Will It Take?

What will it take for policy makers to take cybersecurity seriously? Not minimal-change seriously. Not here-and-there seriously. But really seriously. What will it take for policy makers to take cybersecurity seriously enough to enact substantive legislative changes that would address the problem...

Repurposing Neural Networks to Generate Synthetic Media for Information Operations

FireEye’s Data Science and Information Operations Analysis teams released this blog post to coincide with our Black Hat USA 2020 Briefing, which details how open source, pre-trained neural networks can be leveraged to generate synthetic media for malicious purposes. To summarize our presentation,...

Bruce Schneier Proposes 'Hacking Society' for a Better Tomorrow

SAN FRANCISCO – Cybersecurity experts have long stayed in their problem-solving lane when it comes to finding vulnerabilities, patching bugs and keeping networks safe. But maybe it is time they applied their defensive skillsets and adversarial understanding of cyberthreats to help solve some of...

Paper Spells Out Tech, Legal Options for Encryption Workarounds

FBI Director James Comey’s dogged attachment to the argument that strong encryption hinders criminal investigations by law enforcement is heading into its third year with little signs of abatement. That insistence comes despite three years of arguments to the contrary from security experts, who...

EU Struggles to Determine Growing Cost of Cyberattacks

After painstakingly calculating the true cost of cybercrime in the European Union researchers conclude it’s nearly impossible to come up with hard numbers. In a study released this week by the European Union Agency For Network And Information Security ENISA researchers assert that it’s vitally...

APT1-Themed Spear Phishing Campaign Linked to China

Researchers at Seculert have discovered a link between spear phishing campaigns targeting Japanese and Chinese journalists, post-Mandiant’s APT1 report, and domains connected to the Aurora attacks on Google and the Shady RAT campaign. In particular, in the attacks against the Japanese, the malwar...

Microsoft Reaches Settlement with Site Linked to Nitol Botnet

Microsoft announced today it’s reached a settlement with the operator of a Chinese Web site whose domain and sub-domains hosted more than 500 kinds of malware, including the Nitol botnet found on brand new computers. In a lawsuit filed two weeks ago by the software giant, Microsoft alleged the...

Reality Based Cyber Crime Novella Explores Aftermath of Stuxnet Attack On Iran

Reality Based Cyber Crime Novella Explores Aftermath of Stuxnet Attack On Iran GRAND RAPIDS – Cyber Styletto is a new novella by a journalist, a writer, and a security expert who have pooled their talents to create an enthralling good read that is future forward and predictive. The facts are base...

U.S. Needs Cybersecurity Skunk Works, Expert Says

ARLINGTON, VA–In order to address the fundamental questions surrounding the concept of cyberwar and what it might mean for both the government and the enterprise, the United States should develop a skunk works-type think tank comprising highly skilled private-sector security experts as well as...