Contributors: Ortal Keizman, Yair Divinsky In our research, we have discovered that attackers can easily use ChatGPT to help them spread malicious packages into developers’ environments. Given the widespread, rapid proliferation of AI tech for essentially every business use case, the nature of software supply chains, and the broad adoption of open-source code libraries, we… Continue reading Can you trust ChatGPT’s package recommendations?
The ongoing voyages of the Federation Support Ship USS [REDACTED] First Officer’s log, Terrestrial date, 20230424 Officer of the Deck reporting. The captain, showing extraordinary grace and professionalism, rendered assistance to the crippled [REDACTED] ship, towing them out of the debris field and making sure that at least their life support and power systems were… Continue reading CVE-2023-2136 and more: first officer’s blog – week 48
The product is thoroughly pizzled. OpenAI’s release of ChatGPT has gotten a lot of attention lately, and we’ve written about it here at Vulcan Cyber® as well. While it’s certainly a fascinating application of their underlying GPT-3 engine, it’s unlikely to be the major security threat some have made it out to be. At least… Continue reading What the AI revolution means for cyber risk
As the ship maintained standard cruise warp speed to our next destination, the consultant went about the business of doing whatever it was Starfleet had assigned them to do. From our perspective, it meant watching them wander around the ship, striking up random conversations with crew members in the corridors. At least when they weren’t… Continue reading The Royal Mail hack and more: first officer’s blog – week 39
The ongoing voyages of the Federation Support Ship [REDACTED] First Officer’s log, Terrestrial date, 20230123. Officer of the Deck reporting. After our unexpected diversion to Starbase 998, we finally arrived at the planet [REDACTED]. The captain ordered maximum warp to make up for lost time, which put us slightly behind schedule. Fortunately, the intermittent issues… Continue reading The developments in AI that raise security concerns, and more: first officer’s blog – week 35
In our first installment of this series, Vulcan’s Mike Parkin looked at the relative hype versus the current reality of ChatGPT as a serious cybersecurity threat. In this installment, Vulcan’s Gal Gonen dives into ways ChatGPT can be used for cyber risk management. ChatGPT promises an opportunity for managing cyber risk We asked the bot: … Continue reading ChatGPT: An opportunity, or a threat? Part 2
Our new AI overlords? If you ask ChatGPT, the new AI chat, to give you an example of code that will, say, “find <this> kind of file on a system, send those files to a remote system, then encrypt the files” it will deliver. If you ask it to obfuscate that code and give it… Continue reading ChatGPT: An opportunity, or a threat? Part 1