In last month’s Threat Pulse, we introduced the topic of AI as the inaugural theme for the Intelligence Insights section of the report; an umbrella topic we will explore various aspects of throughout the quarter. We introduced the topic and scraped the surface on some issues surrounding malicious uses of AI, as well as how it can be used as a legitimate tool to assist defensive measures.
INTELLIGENCE INSIGHTS: MALICIOUS USE CASES OF AI SECTION 02
One freely available tool for this, though not one designed with explicitly malicious purposes in mind, is burpgpt. Burpgpt is a tool which uses AI to “detect security vulnerabilities that traditional scanners might miss,” and lists some potential use cases as: • Analysing request and response data for potential vulnerabilities specific to a Single-Page Application (SPA) framework • Analysing request and response data exchanged between serverless functions for potential security vulnerabilities One way which security researchers can get ahead of malicious uses of AI is by*
In this month’s Threat Pulse, we will be examining how some specific malicious use cases of AI can be defended against. The criminological angle, as well as some more detail on the malicious use cases themselves, will be examined in the Spotlight section prepared by the Tactical Intelligence team. As alluded to in April’s Threat Pulse, one way which AI can be used to assist bad actors is through vulnerability scanners. Attackers use port and network scanners to try and identify any weak points or vulnerabilities in an organisation’s network. By querying a port, attackers can determine if it is open or closed and use this information to determine if there are any known weaknesses which can be exploited.
*The full version of Intelligence Insights is covered in our Premium Threat Pulse. This is available to Managed Service clients and those that purchase our Intelligence Subscription Service. NCC Group offer Threat Intelligence services including that of bespoke reporting on topics surrounding your organisation. Why not speak to a member of the team to see how we can support your business with the ever-evolving threat landscape.
6
7
Made with FlippingBook flipbook maker