Pierluigi Paganini June 05, 2024
Malware can steal data collected by the Windows Recall tool, experts warn

Cybersecurity researchers demonstrated how malware could potentially steal data collected by the new Windows Recall tool. The Recall feature of Microsoft Copilot+ is an AI-powered tool designed to help users search for past activities on their PC. The data collected by the tool is stored and processed locally. After its presentation, it raised security and […]

Pierluigi Paganini May 24, 2024
Recall feature in Microsoft Copilot+ PCs raises privacy and security concerns

UK data watchdog is investigating Microsoft regarding the new Recall feature in Copilot+ PCs that captures screenshots of the user’s laptop every few seconds. The UK data watchdog, the Information Commissioner’s Office (ICO), is investigating a new feature, called Recall, implemented by Microsoft” Copilot+ PCs that captures screenshots of the user’s laptop every few seconds. […]

Pierluigi Paganini April 30, 2024
CISA guidelines to protect critical infrastructure against AI-based threats

The US government’s cybersecurity agency CISA published a series of guidelines to protect critical infrastructure against AI-based attacks. CISA collaborated with Sector Risk Management Agencies (SRMAs) and regulatory agencies to conduct sector-specific assessments of AI risks to U.S. critical infrastructure, as mandated by Executive Order 14110 Section 4.3(a)(i). The analysis categorized AI risks into three […]

Pierluigi Paganini April 09, 2024
China is using generative AI to carry out influence operations

China-linked threat actors are using AI to carry out influence operations aimed at fueling social disorders in the U.S. and Taiwan. China is using generative artificial intelligence to carry out influence operations against foreign countries, including the U.S. and Taiwan, and fuel social disorders. According to the report published by the Microsoft Threat Analysis Center […]

Pierluigi Paganini February 23, 2024
Microsoft released red teaming tool PyRIT for Generative AI

Microsoft has released an open-access automation framework, called PyRIT, to proactively identify risks in generative artificial intelligence (AI) systems. Microsoft has released a Python Risk Identification Tool for generative AI (PyRIT), it is an open-access automation framework to proactively find risks in generative AI systems. The tool aims at helping red teaming activity of AI systems, Microsoft […]

Pierluigi Paganini November 17, 2023
The board of directors of OpenAI fired Sam Altman

OpenAI fired its CEO Sam Altman, and the Chief technology officer Mira Murati appointed interim CEO to lead the company. Sam Altman has been removed as CEO of OpenAI. The company announced that Mira Murati, the Chief Technology Officer, has been appointed as interim CEO. He was distrusted by the board for his behavior, for […]

Pierluigi Paganini August 07, 2023
Zoom trains its AI model with some user data, without giving them an opt-out option

Zoom changed its terms of service requiring users to allow AI to train on all their data without giving them an opt-out option. Zoom updated its terms of service and informed users that it will train its artificial intelligence models using some of its data. The update will be effective as of July 27, and accepting […]

Pierluigi Paganini May 22, 2023
BatLoader campaign impersonates ChatGPT and Midjourney to deliver Redline Stealer

Researchers identified an ongoing BatLoader campaign relying on Google Search Ads to deliver rogue web pages for ChatGPT and Midjourney. In early May, researchers at eSentire Threat Response Unit (TRU) spotted an ongoing BatLoader campaign using Google Search Ads to redirect victims to imposter web pages for AI-based services like ChatGPT and Midjourney. The rogue […]

Pierluigi Paganini March 29, 2023
OpenAI quickly fixed account takeover bugs in ChatGPT

OpenAI addressed multiple severe vulnerabilities in the popular chatbot ChatGPT that could have been exploited to take over accounts. OpenAI addressed multiple severe vulnerabilities in ChatGPT that could have allowed attackers to take over user accounts and view chat histories. One of the issues was a “Web Cache Deception” vulnerability reported by the bug bounty […]

Pierluigi Paganini March 13, 2023
The risk of pasting confidential company data into ChatGPT

Experts warn that employees are providing sensitive corporate data to the popular artificial intelligence chatbot model ChatGPT. Researchers from Cyberhaven Labs analyzed the use of ChatGPT by 1.6 million workers at companies across industries. They reported that 5.6% of them have used it in the workplace and 4.9% have provided company data to the popular […]