How to Use AI to Predict and Prevent Cyberattacks

In today’s rapidly evolving digital landscape, cyberattacks are becoming more frequent, sophisticated, and devastating. As businesses and individuals increasingly rely on technology, the need to bolster cybersecurity has never been more critical. One of the most promising solutions to combat this growing threat is Artificial Intelligence (AI). AI can enhance cybersecurity by predicting,…

What if he was human chat (he is human)

K7 Total Security for Windows

K7 Total Security is a comprehensive cybersecurity solution developed by K7 Computing to provide multi-layer protection for personal computers. With over three decades of expertise, K7 Total Security leverages advanced technologies, such as Cerebro Scanning, to deliver robust defense against evolving malware and cybersecurity threats. Key Features of K7 Total Security 1. Real-Time Threat…

Microsoft raced to put generative AI at the heart of its systems. Ask a question about an upcoming meeting and the company’s Copilot AI system can pull answers from your emails, Teams chats, and files—a potential productivity boon. But these exact processes can also be abused by hackers.

Today at the Black Hat security conference in Las Vegas, researcher Michael Bargury is demonstrating five proof-of-concept ways that Copilot, which runs on its Microsoft 365 apps, such as Word, can be manipulated by malicious attackers, including using it to provide false references to files, exfiltrate some private data, and dodge Microsoft’s security protections.

One of the most alarming displays, arguably, is Bargury’s ability to turn the AI into an automatic spear-phishing machine. Dubbed LOLCopilot, the red-teaming code Bargury created can—crucially, once a hacker has access to someone’s work email—use Copilot to see who you email regularly, draft a message mimicking your writing style (including emoji use), and send a personalized blast that can include a malicious link or attached malware.

“I can do this with everyone you have ever spoken to, and I can send hundreds of emails on your behalf,” says Bargury, the cofounder and CTO of security company Zenity, who published his findings alongside videos showing how Copilot could be abused. “A hacker would spend days crafting the right email to get you to click on it, but they can generate hundreds of these emails in a few minutes.”

That demonstration, as with other attacks created by Bargury, broadly works by using the large language model (LLM) as designed: typing written questions to access data the AI can retrieve. However, it can produce malicious results by including additional data or instructions to perform certain actions. The research highlights some of the challenges of connecting AI systems to corporate data and what can happen when “untrusted” outside data is thrown into the mix—particularly when the AI answers with what could look like legitimate results.

Among the other attacks created by Bargury is a demonstration of how a hacker—who, again, must already have hijacked an email account—can gain access to sensitive information, such as people’s salaries, without triggering Microsoft’s protections for sensitive files. When asking for the data, Bargury’s prompt demands the system does not provide references to the files data is taken from. “A bit of bullying does help,” Bargury says.

In other instances, he shows how an attacker—who doesn’t have access to email accounts but poisons the AI’s database by sending it a malicious email—can manipulate answers about banking information to provide their own bank details. “Every time you give AI access to data, that is a way for an attacker to get in,” Bargury says.

Another demo shows how an external hacker could get some limited information about whether an upcoming company earnings call will be good or bad, while the final instance, Bargury says, turns Copilot into a “malicious insider” by providing users with links to phishing websites.

Phillip Misner, head of AI incident detection and response at Microsoft, says the company appreciates Bargury identifying the vulnerability and says it has been working with him to assess the findings. “The risks of post-compromise abuse of AI are similar to other post-compromise techniques,” Misner says. “Security prevention and monitoring across environments and identities help mitigate or stop such behaviors.”

As generative AI systems, such as OpenAI’s ChatGPT, Microsoft’s Copilot, and Google’s Gemini, have developed in the past two years, they’ve moved onto a trajectory where they may eventually be completing tasks for people, like booking meetings or online shopping. However, security researchers have consistently highlighted that allowing external data into AI systems, such as through emails or accessing content from websites, creates security risks through indirect prompt injection and poisoning attacks.

“I think it’s not that well understood how much more effective an attacker can actually become now,” says Johann Rehberger, a security researcher and red team director, who has extensively demonstrated security weaknesses in AI systems. “What we have to be worried [about] now is actually what is the LLM producing and sending out to the user.”

Bargury says Microsoft has put a lot of effort into protecting its Copilot system from prompt injection attacks, but he says he found ways to exploit it by unraveling how the system is built. This included extracting the internal system prompt, he says, and working out how it can access enterprise resources and the techniques it uses to do so. “You talk to Copilot and it’s a limited conversation, because Microsoft has put a lot of controls,” he says. “But once you use a few magic words, it opens up and you can do whatever you want.”

Rehberger broadly warns that some data issues are linked to the long-standing problem of companies allowing too many employees access to files and not properly setting access permissions across their organizations. “Now imagine you put Copilot on top of that problem,” Rehberger says. He says he has used AI systems to search for common passwords, such as Password123, and it has returned results from within companies.

Both Rehberger and Bargury say there needs to be more focus on monitoring what an AI produces and sends out to a user. “The risk is about how AI interacts with your environment, how it interacts with your data, how it performs operations on your behalf,” Bargury says. “You need to figure out what the AI agent does on a user's behalf. And does that make sense with what the user actually asked for.”

Google makes millions on paid abortion disinformation

Google’s search quality has been in steady decline for years, and Google assures us that they’re working on it, though the most visible effort is replacing links to webpages with lengthy, florid paragraphs written by a confident habitual liar chatbot:

https://pluralistic.net/2023/02/16/tweedledumber/#easily-spooked

The internet is increasingly full of garbage, much of it written by other confident habitual liar chatbots, which are now extruding plausible sentences at enormous scale. Future confident habitual liar chatbots will be trained on the output of these confident liar chatbots, producing Jathan Sadowski’s “Habsburg AI”:

https://twitter.com/jathansadowski/status/1625245803211272194

But the declining quality of Google Search isn’t merely a function of chatbot overload. For many years, Google’s local business listings have been terrible. Anyone who’s tried to find a handyman, a locksmith, an emergency tow, or other small businessperson has discovered that Google is worse than useless for this. Try to search for that locksmith on the corner that you pass every day? You won’t find them — but you will find a fake locksmith service that will dispatch an unqualified, fumble-fingered guy with a drill and a knockoff lock, who will drill out your lock, replace it with one made of bubblegum and spit, and charge you 400% the going rate (and then maybe come back to rob you):

https://www.nytimes.com/2016/01/31/business/fake-online-locksmiths-may-be-out-to-pick-your-pocket-too.html

Google is clearly losing the fraud/spam wars, which is pretty awful, given that they have spent billions to put every other search engine out of business. They spend $45b every year to secure exclusivity deals that prevent people from discovering or using rivals — that’s like buying a whole Twitter every year, just so they don’t have to compete:

https://www.thebignewsletter.com/p/how-a-google-antitrust-case-could/

But there’s an even worse form of fraudulent listing on Google, one they could do something about, but choose not to: ad-fraud. For all the money and energy thrown into “dark SEO” to trick Google into putting your shitty, scammy website at the top of the listings, there’s a much simpler method. All you need to do is pay Google — buy an ad, and your obviously fraudulent site will be right there, at the top of the search results.

There are so many top searches that go to fraud or malware sites. Tech support is a favorite. It’s not uncommon to search for tech support for Google products and be served a fake tech-support website where a scammer will try to trick you into installing a remote-access trojan and then steal everything you have, and/or take blackmail photos of you with your webcam:

https://www.bleepingcomputer.com/news/security/google-search-ads-infiltrated-again-by-tech-support-scams/

This is true even when Google has a trivial means of reliably detecting fraud. Take the restaurant monster-in-the-middle scam: a scammer clones the menu of a restaurant, marking up their prices by 15%, and then buys the top ad slot for searches for that restaurant. Search for the restaurant, click the top link, and land on a lookalike site. The scammer collects your order, bills your card, then places the same order, in your name, with the restaurant.

The thing is, Google runs these ads even for restaurants that are verified merchants — Google mails the restaurant a postcard with a unique number on it, and the restaurant owner keys that number in to verify that they are who they say they are. It would not be hard for Google to check whether an ad for a business matches one of its verified merchants, and, if so, whether the email address is a different one from the verified one on file. If so, Google could just email the verified address with a “Please confirm that you’re trying to buy an ad for a website other than the one we have on file” message:

https://pluralistic.net/2023/02/24/passive-income/#swiss-cheese-security

Google doesn’t do this. Instead, they accept — and make a fortune from — paid disinformation, across every category.

But not all categories of paid disinformation are equally bad: it’s one thing to pay a 15% surcharge on a takeout meal, but there’s a whole universe of paid medical disinformation that Google knows about and has an official policy of tolerating.

This paid medical disinformation comes from “crisis pregnancy centers”: these are fake abortion clinics that raise huge sums from religious fanatics to buy ads that show up for people seeking information about procuring an abortion. If they are duped by one of these ads, they are directed to a Big Con-style storefront staffed by people who pretend that they perform abortions, but who bombard their marks with falsehoods about health complications.

These con artists try to trick their marks into consenting to sexual assault — a transvaginal ultrasound. This is a prelude to another fraud, in which the “sporadic electrical impulses” generated by an early fetal structure is a “heartbeat” (early fetuses do not have hearts, so they cannot produce heartbeats):

https://www.nbcnews.com/health/womens-health/heartbeat-bills-called-fetal-heartbeat-six-weeks-pregnancy-rcna24435

If the victim still insists on getting an abortion, the fraudsters will use deceptive tactics to draw out the process until they run out the clock for a legal abortion, procuring a forced birth through deceit.

It is hard to imagine a less ethical course of conduct. Google’s policy of accepting “crisis pregnancy center” ads is the moral equivalent of taking money from fake oncologists who counsel people with cancer to forego chemotherapy in favor of juice-cleanses.

There is no ambiguity here: the purpose of a “crisis prengancy center” is to deceive people seeking abortions into thinking they are dealing with an abortion clinic, and then further deceive them into foregoing the abortion, by means of lies, sexually invasive and unnecessary medical procedures, and delaying tactics.

Now, a new report from the Center for Countering Digital Hate finds that Google made $10m last year on ads from “crisis pregnancy centers”:

https://www.wired.com/story/google-made-millions-from-ads-for-fake-abortion-clinics/

Many of these “crisis pregnancy centers” are also registered 501(c)3 charities, which makes them eligible for Google’s ad grants, which provide free ads to nonprofits. Marketers who cater to “crisis pregnancy center” advertise that they can help their clients qualify for these grants. In 2019, Google was caught giving tens of thousands of dollars’ worth of free ads to “crisis pregnancy centers”:

https://www.theguardian.com/technology/2019/may/12/google-advertising-abortion-obria

The keywords that “crisis pregnancy centers” bid up include “Planned Parenthood” — meaning that if actual Planned Parenthood clinics want to appear at the top of the search for “planned parenthood,” they have to outbid the fraudsters seeking to deceive Planned Parenthood patients.

Google has an official policy of requiring customers that pay for ads matching abortion-related search terms to label their ads to state whether or not they provide abortions, but the report documents failures to enforce this policy. The labels themselves are confusing: for example, abortion travel funds have to be labeled as “not providing abortions.”

Google isn’t afraid to ban whole categories of advertising: for example, Google has banned Plan C, a nonprofit that provides information about medication abortions. The company erroneously classes Plan C as an “unauthorized pharmacy.” But Google continues to offer paid disinformation on behalf of forced birth groups that claim there is such a thing as “abortion reversal” (there isn’t — but the “abortion reversal” drug cocktail is potentially lethal).

This is inexcusable, but it’s not unique — and it’s not even that profitable. $10m is a drop in the bucket for a company like Google. When you’re lighting $45b/year on fire just to prevent competition, $10m is chump change. A better way to understand Google’s relationship to paid disinformation can be found by studying Facebook’s own paid disinformation problem.

Facebook has a well-documented problem with paid political disinformation — unambiguous, illegal materials, like paid notices advising people to remember to vote on November 6th (when election day falls on November 5th). The company eventually promised to put political ads in a repository where they could be inspected by all parties to track its progress in blocking paid disinformation.

Facebook did a terrible job at this, with huge slices of its political ads never landing in its transparency portal. We know this because independent researchers at NYU’s engineering school built an independent, crowdsourced tracker called Ad Observer, which scraped all the ads volunteers saw and uploaded them to a portal called Ad Observatory.

Facebook viciously attacked the NYU project, falsely smearing it as a privacy risk (the plugin was open source and was independently audited by Mozilla researchers, who confirmed that it didn’t collect any personal information). When that didn’t work, they sent a stream of legal threats, claiming that NYU was trafficking in a “circumvention device” as defined by Section 1201 of the Digital Millennium Copyright Act, a felony carrying a five-year prison sentence and a $500k fine — for a first offense.

Eventually, NYU folded the project. Facebook, meanwhile, has fired or reassigned most of the staff who work on political ad transparency:

https://pluralistic.net/2021/08/06/get-you-coming-and-going/#potemkin-research-program

What are we to make of this? Facebook claims that it doesn’t need or want political ad revenue, which are a drop in the bucket and cause all kinds of headaches. That’s likely true — but Facebook’s aversion to blocking political ads doesn’t extend to spending a lot of money to keep paid political disinfo off the platform.

The company could turn up the sensitivity on its blocking algorithm, which would generate more false positives, in which nonpolitical ads are misidentified and have to be reviewed by humans. This is expensive, and it’s an expense Facebook can avoid if it can suppress information about its failures to block paid political disinformation. It’s cheaper to silence critics than it is to address their criticism.

I don’t think Google gives a shit about the $10m it gets from predatory fake abortion clinics. But I think the company believes that the PR trouble it would get into for blocking them — and the expense it would incur in trying to catch and block fake abortion clinic ads — are real liabilities. In other words, it’s not about the $10m it would lose by blocking the ads — Google wants to avoid the political heat it would take from forced birth fanatics and cost of the human reviewers who would have to double-check rejected ads.

In other words, Google doesn’t abet fraudulent abortion clinics because they share the depraved sadism of the people who run these clinics. Rather, Google teams up with these sadists out of cowardice and greed.

If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2023/06/15/paid-medical-disinformation/#crisis-pregnancy-centers

[Image ID: A ruined streetscene. Atop a pile of rubble sits a dilapidated shack. In front of the shack is a letterboard with the word ABORTIONS set off-center and crooked. In the foreground is a carny barker at a podium, gesturing at the sign and the shack. The barker's head and face have been replaced with the Google logo. Within the barker's podium is a heap of US$100 bills.]

Image: Flying Logos (modified) https://commons.wikimedia.org/wiki/File:Over_$1,000,000_dollars_in_USD_$100_bill_stacks.png

CC BY-SA 4.0 https://creativecommons.org/licenses/by-sa/4.0/deed.en

AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Case

Source: https://thehackernews.com/2024/12/ai-could-generate-10000-malware.html

More info: https://unit42.paloaltonetworks.com/using-llms-obfuscate-malicious-javascript/

DeepSeek-R1 Red Teaming Report: Alarming Security and Ethical Risks Uncovered

New Post has been published on https://thedigitalinsider.com/deepseek-r1-red-teaming-report-alarming-security-and-ethical-risks-uncovered/

DeepSeek-R1 Red Teaming Report: Alarming Security and Ethical Risks Uncovered

A recent red teaming evaluation conducted by Enkrypt AI has revealed significant security risks, ethical concerns, and vulnerabilities in DeepSeek-R1. The findings, detailed in the January 2025 Red Teaming Report, highlight the model’s susceptibility to generating harmful, biased, and insecure content compared to industry-leading models such as GPT-4o, OpenAI’s o1, and Claude-3-Opus. Below is a comprehensive analysis of the risks outlined in the report and recommendations for mitigation.

Key Security and Ethical Risks

1. Harmful Output and Security Risks

Highly vulnerable to producing harmful content, including toxic language, biased outputs, and criminally exploitable information.

11x more likely to generate harmful content than OpenAI’s o1.

4x more toxic than GPT-4o.

3x more biased than Claude-3-Opus.

4x more vulnerable to generating insecure code than OpenAI’s o1.

Highly susceptible to CBRN (Chemical, Biological, Radiological, and Nuclear) information generation, making it a high-risk tool for malicious actors.

2. Comparison with Other Models

Risk Category DeepSeek-R1 Claude-3-Opus GPT-4o OpenAI’s o1 Bias 3x higher Lower Similar Similar Insecure Code 4x higher 2.5x higher 1.25x higher – Harmful Content 11x higher 6x higher 2.5x higher – Toxicity 4x higher Nearly absent 2.5x higher – CBRN Content 3.5x higher 3.5x higher 2x higher –

Bias and Ethical Risks

83% of bias attacks were successful, with substantial bias detected in health, race, and religion-related queries.

The model displayed higher levels of demographic stereotyping, which could violate various fairness regulations including ECOA, FHA, ACA, and the EU AI Act.

Sample test cases demonstrated that DeepSeek-R1 preferred certain demographics for high-status job roles, reinforcing workplace bias.

Harmful Content Generation

45% of harmful tests resulted in the model generating content related to criminal activities, including illegal weapons and controlled substances.

A test prompt asking the model to develop a blog on “The Art of Persuasion in Terrorist Recruitment” resulted in a highly detailed response outlining radicalization strategies that could be exploited by extremist groups to refine recruitment tactics, potentially increasing the risk of real-world violence.

2.5x more vulnerable than GPT-4o and 6x more vulnerable than Claude-3-Opus to generating extremist content.

45% of harmful tests resulted in the model generating content related to criminal activities, including illegal weapons and controlled substances.

Insecure Code Generation

78% of code-related attacks successfully extracted insecure and malicious code snippets.

The model generated malware, trojans, and self-executing scripts upon requests. Trojans pose a severe risk as they can allow attackers to gain persistent, unauthorized access to systems, steal sensitive data, and deploy further malicious payloads.

Self-executing scripts can automate malicious actions without user consent, creating potential threats in cybersecurity-critical applications.

Compared to industry models, DeepSeek-R1 was 4.5x, 2.5x, and 1.25x more vulnerable than OpenAI’s o1, Claude-3-Opus, and GPT-4o, respectively.

78% of code-related attacks successfully extracted insecure and malicious code snippets.

CBRN Vulnerabilities

Generated detailed information on biochemical mechanisms of chemical warfare agents. This type of information could potentially aid individuals in synthesizing hazardous materials, bypassing safety restrictions meant to prevent the spread of chemical and biological weapons.

13% of tests successfully bypassed safety controls, producing content related to nuclear and biological threats.

3.5x more vulnerable than Claude-3-Opus and OpenAI’s o1.

Generated detailed information on biochemical mechanisms of chemical warfare agents.

13% of tests successfully bypassed safety controls, producing content related to nuclear and biological threats.

3.5x more vulnerable than Claude-3-Opus and OpenAI’s o1.

Recommendations for Risk Mitigation

To minimize the risks associated with DeepSeek-R1, the following steps are advised:

1. Implement Robust Safety Alignment Training

2. Continuous Automated Red Teaming

Regular stress tests to identify biases, security vulnerabilities, and toxic content generation.

Employ continuous monitoring of model performance, particularly in finance, healthcare, and cybersecurity applications.

3. Context-Aware Guardrails for Security

Develop dynamic safeguards to block harmful prompts.

Implement content moderation tools to neutralize harmful inputs and filter unsafe responses.

4. Active Model Monitoring and Logging

Real-time logging of model inputs and responses for early detection of vulnerabilities.

Automated auditing workflows to ensure compliance with AI transparency and ethical standards.

5. Transparency and Compliance Measures

Maintain a model risk card with clear executive metrics on model reliability, security, and ethical risks.

Comply with AI regulations such as NIST AI RMF and MITRE ATLAS to maintain credibility.

Conclusion

DeepSeek-R1 presents serious security, ethical, and compliance risks that make it unsuitable for many high-risk applications without extensive mitigation efforts. Its propensity for generating harmful, biased, and insecure content places it at a disadvantage compared to models like Claude-3-Opus, GPT-4o, and OpenAI’s o1.

Given that DeepSeek-R1 is a product originating from China, it is unlikely that the necessary mitigation recommendations will be fully implemented. However, it remains crucial for the AI and cybersecurity communities to be aware of the potential risks this model poses. Transparency about these vulnerabilities ensures that developers, regulators, and enterprises can take proactive steps to mitigate harm where possible and remain vigilant against the misuse of such technology.

Organizations considering its deployment must invest in rigorous security testing, automated red teaming, and continuous monitoring to ensure safe and responsible AI implementation. DeepSeek-R1 presents serious security, ethical, and compliance risks that make it unsuitable for many high-risk applications without extensive mitigation efforts.

Readers who wish to learn more are advised to download the report by visiting this page.

Problem: EDR detected a system file as malware, it flagged but didn’t delete the file. Is it a false positive or not? Twil tries to find out.

Investigation:

Examples of similar trojans hijack Yahoo Messenger to send typical spooky virus messages. Most of them in Vietnamese.

A particularly amusing example: “You need to update Windows! Go to http://geocities.co.jp/virus.exe”

Can’t find any examples of this thing doing anything with this system file.

This is a system file that could Cause Problems if it got deleted, so we probably shouldn’t do that

Skipping any links from Kaspersky or McAfee.

Is [insert article] written by ChatGPT? Is the clipart AI? Is the article complete bullshit or is it shilling a malware “file cleaner” or is it just written by an ESL speaker?

Interesting article about decompiling an executable and algorithmically de-obfuscating the code. Getting sidetracked.

Page from the corp that just bought VMWare with absolutely no information

Result: Got completely sidetracked and sadly had to go home and make a nice cup of tea

I'm so glad that generative AI is dying, but please please please understand that chatbot AIs and art generation AIs and voice replicating AIs are not the ones I'm scared of, they're just the most gimmicky, and the easiest to fight in a court of law.

You should be concerned with facial recognition software being used in policing. Many of these AIs are trained on datasets of majority white males, meaning they become less accurate and less effective when used on someone outside of those demographics, meaning more innocent people of marginalized communities being accused and harassed by police.

You should be concerned with resume-reading AI. Amazon created an AI model that was trained on previous hiring data and used to filter out applications. The software recognized a pattern of applicants with non-white names being rejected and thus filtered out every applicant with any non-white name. This software was deemed a failure by Amazon and was scrapped, but highlights a big issue with AI in general. If there's a shred of bias in a testing dataset, that bias will be amplified by the software.

You should be concerned with autonomous weaponry used in warfare. See, when I say "I want fewer people to die in war", it's because I want less war. What I don't want is for large wealthy imperialist countries to be putting lethal weapons with little to no human oversight into warzones where they can 'identify enemy combatants' and 'eliminate targets' at the discretion of a computer program. You know it's bad when even Elon Musk has publicly supported a ban on autonomous weaponry.

You should be concerned with AIs being trained to diagnose medical problems. These AIs are being trained on diagnosis data of previous medical cases. Meaning using patient data for a testing dataset (HIPAA/PIPEDA/GDPR etc. violations??). Anyone who's been tossed around the medical system could tell you that removing the humanity from healthcare will only lead to more suffering.

These are only a few examples I know off the top of my head as someone studying computer science in undergrad. This isn't to say that all AI is bad. AI is such a huge category of software that lumping it all together is irresponsible. AI is used in maps and navigation, spellcheck, translation software, speech-to-text, text-to-speech, online banking, malware detection, hate speech filtering, and so many assistive technologies for disabled people.

I'm glad that chatGPT and AI art generators are dying, but they're barely even on my list of concerns when it comes to AI technology.

from grapheneOS's tweet:

Neither this app or the Google Messages app using it are part of GrapheneOS and neither will be, but GrapheneOS users can choose to install and use both. Google Messages still works without the new app. The app doesn't provide client-side scanning used to report things to Google or anyone else. It provides on-device machine learning models usable by applications to classify content as being spam, scams, malware, etc. This allows apps to check content locally without sharing it with a service and mark it with warnings for users. It's unfortunate that it's not open source and released as part of the Android Open Source Project and the models also aren't open let alone open source. It won't be available to GrapheneOS users unless they go out of the way to install it. We'd have no problem with having local neural network features for users, but they'd have to be open source. We wouldn't want anything saving state by default. It'd have to be open source to be included as a feature in GrapheneOS though, and none of it has been so it's not included. Google Messages uses this new app to classify messages as spam, malware, nudity, etc. Nudity detection is an optional feature which blurs media detected as having nudity and makes accessing it require going through a dialog. Apps have been able to ship local AI models to do classification forever. Most apps do it remotely by sharing content with their servers. Many apps have already have client or server side detection of spam, malware, scams, nudity, etc. Classifying things like this is not the same as trying to detect illegal content and reporting it to a service. That would greatly violate people's privacy in multiple ways and false positives would still exist. It's not what this is and it's not usable for it. GrapheneOS has all the standard hardware acceleration support for neural networks but we don't have anything using it. All of the features they've used it for in the Pixel OS are in closed source Google apps. A lot is Pixel exclusive. The features work if people install the apps.

hey folks if you have an android phone: google shadow installed a "security app".

I had to go and delete it myself this morning.

10 Essential Navy Current Affairs for 2025

As global maritime tensions rise and technological advancements redefine naval operations, staying informed about current affairs in the naval sphere is more critical than ever. Whether you're a defense enthusiast, policy analyst, or preparing for competitive exams, understanding the 10 Essential Navy Current Affairs for 2025 will help you stay ahead. Here's a breakdown of the most impactful updates in navy current affairs 2025 (TheVeza)—a year of innovation, diplomacy, and strategic repositioning.

1. India Commissions Indigenous Aircraft Carrier INS Vikrant-II

Building on the success of its first homegrown carrier, India officially commissioned INS Vikrant-II in early 2025. The state-of-the-art vessel is equipped with advanced radar systems, electromagnetic aircraft launch systems (EMALS), and stealth capabilities, making it a formidable addition to the Indian Navy’s blue-water fleet.

2. QUAD Naval Exercises Expand Scope

The QUAD alliance—comprising India, the U.S., Japan, and Australia—held its largest-ever naval exercise in the Bay of Bengal this year. New drills focused on cyberwarfare and anti-submarine operations, reflecting the changing dynamics of maritime security in the Indo-Pacific.

3. AUKUS Pact Rolls Out Nuclear Submarine Technology

A major development in navy current affairs 2025, the AUKUS alliance (Australia, UK, US) has begun the delivery of nuclear-powered submarines to Australia. This shift is expected to significantly alter the strategic calculus in the South China Sea and beyond.

4. Artificial Intelligence Integration in Naval Warfare

AI is no longer the future—it’s now standard. In 2025, navies around the world have begun integrating AI for threat detection, autonomous vessel navigation, and tactical decision-making. The U.S. Navy, in particular, unveiled its first fully AI-coordinated fleet simulation exercises in the Pacific.

5. China’s Third Aircraft Carrier—Fujian—Becomes Operational

China's Type 003 aircraft carrier Fujian entered full operational status this year. It features electromagnetic catapults and a significantly larger air wing. This development is being closely monitored by global naval forces due to its implications for Taiwan and South China Sea dynamics.

6. Indian Navy Unveils Blue Economy Naval Doctrine

In a groundbreaking step, the Indian Navy released a comprehensive Blue Economy Naval Doctrine focusing on ocean resource management, environmental protection, and strategic economic zones. This initiative merges sustainability with security—a critical trend in 2025.

7. Cybersecurity Breaches in Naval Systems

2025 witnessed a spate of cybersecurity breaches targeting naval command systems. One of the most alarming incidents involved a malware attack on a NATO warship's communication grid during a Black Sea drill. This highlights the pressing need for cyber-resilience in naval infrastructure.

8. Expansion of the Indo-Pacific Maritime Domain Awareness (IPMDA)

To counter China's growing assertiveness, the IPMDA program, originally launched in 2022, received a major upgrade. Satellites, undersea sensors, and cooperative AI platforms now provide real-time tracking of vessels across contested maritime regions.

9. Women in Navy Leadership Roles Surge

Marking a pivotal cultural shift, several navies, including those of India and the UK, appointed women officers to command warships and submarines. Commander Priya Nair of the Indian Navy became the first woman to lead an anti-submarine warfare unit in 2025.

10. Navy’s Role in Humanitarian and Climate Missions

From disaster relief in cyclone-hit Southeast Asia to Arctic rescue missions, 2025 saw an expansion of naval operations in humanitarian assistance and climate response. The Navy is becoming a key pillar in global climate resilience strategies.

Why These Navy Current Affairs Matter (For TheVeza Readers)

Each of these developments reflects how naval strategy, technology, and geopolitics are shifting rapidly in 2025. For readers of TheVeza, whether you're preparing for defense exams, reporting on maritime policy, or just keen on understanding global security trends, these affairs provide valuable insights into:

Evolving military alliances

Technological breakthroughs in defense

Global power realignment on the seas

The growing role of navies in diplomacy and disaster response

Pro Tip for Aspirants & Analysts:

When studying navy current affairs 2025 (for TheVeza), always connect individual events to larger strategic trends. Think about how AI, geopolitics, and environmental changes are collectively redefining naval power projection.

Final Thoughts

2025 has proven to be a year of transformation for navies across the globe. From indigenous shipbuilding to AI-powered fleets and diplomatic exercises, these 10 essential navy current affairs underscore the increasingly complex role naval forces play in global affairs.

The Role of AI in Cybersecurity

In an increasingly digital world, cybersecurity has become more critical than ever. With cyber threats growing in complexity and frequency, traditional security systems often struggle to keep up. This is where Artificial Intelligence (AI) steps in as a transformative force in cybersecurity. AI brings speed, adaptability, and intelligence to threat detection and response systems, enabling organizations to safeguard sensitive data more efficiently.

The integration of AI in cybersecurity is revolutionizing how threats are identified, analyzed, and neutralized. It helps companies not only detect potential breaches in real-time but also predict and prevent them with far greater accuracy. As organizations strive to fortify their digital infrastructure, understanding the role of AI in cybersecurity has become essential for both professionals and businesses.

AI Enhancing Threat Detection AI has dramatically changed the way cybersecurity threats are detected. Traditional systems rely heavily on predefined rules and signatures, which can be ineffective against new or evolving threats. In contrast, AI uses machine learning algorithms to analyze massive volumes of data and identify patterns that may indicate malicious activity.

By continuously learning from new threats, AI systems can quickly recognize anomalies in network behavior or unauthorized access attempts. This ability allows AI to detect zero-day threats and insider attacks that would typically evade traditional detection methods. The speed and accuracy of AI-powered tools are making them indispensable in today’s threat landscape.

Automated Response and Mitigation AI doesn’t just stop at detection—it also aids in responding to threats. Automated response mechanisms driven by AI can take immediate action to isolate compromised systems, block malicious traffic, or alert security teams before damage is done.

This rapid response minimizes the window of vulnerability and reduces the impact of attacks. In some cases, AI can handle routine threats entirely on its own, freeing up human analysts to focus on more complex security challenges.

AI in Malware Analysis AI has also proven useful in malware detection and analysis. Instead of relying solely on known malware signatures, AI can identify unknown or polymorphic malware by examining behavior and characteristics.

Advanced AI tools use deep learning models to understand how malware operates, even if it has never been seen before. This proactive approach helps cybersecurity teams stay ahead of cybercriminals, who are constantly adapting their techniques to evade detection.

Behavioral Analytics for Improved Security Behavioral analytics is another area where AI excels. By building user behavior profiles, AI can detect when an individual deviates from their usual pattern, which might signal a compromised account or malicious insider activity.

For instance, if a user suddenly begins accessing sensitive files at odd hours or from unfamiliar locations, AI systems can flag this behavior for investigation. This form of monitoring adds a powerful layer of defense to cybersecurity strategies.

AI Pest Monitoring - DataMites AI Internship Projects

AI for Threat Intelligence and Prediction AI can analyze vast quantities of cybersecurity data from across the globe to identify emerging threats and attack trends. It helps organizations and security professionals stay informed about potential vulnerabilities and threats before they reach their systems.

Predictive capabilities driven by AI allow companies to take preventive measures, improving their overall security posture. It also helps in crafting more robust incident response plans by learning from past security events.

Upskilling for the Future of Cybersecurity With AI becoming integral to cybersecurity, professionals must upgrade their skills to stay relevant. Pursuing AI certification in Indore is an excellent step for those looking to enter or grow in the cybersecurity field. These programs offer practical knowledge of how AI is applied in real-world security settings, from anomaly detection to automated threat response.

As cybersecurity becomes more AI-driven, professionals equipped with both cybersecurity and AI skills will be in high demand. The ability to understand and deploy AI tools effectively will be a critical asset in the coming years. For residents of Indore, the typical cost of such certifications ranges between ₹40,000 to ₹70,000 depending on the course duration and level of hands-on experience.

The Growing Importance of AI Certification in Indore Organizations are now hiring candidates who understand both cybersecurity fundamentals and how AI complements security architecture. An AI certification in Indore not only enhances one’s technical knowledge but also improves employability in this rapidly evolving sector. With growing tech presence in Indore and demand for skilled professionals, the city is emerging as a hub for AI-based learning in cybersecurity.

Students and working professionals alike are recognizing the value of structured learning programs that combine theory with practical experience. Whether you're new to cybersecurity or a seasoned IT professional, obtaining an AI certification in Indore can open new doors and future-proof your career.

DataMites Institute is a trusted AI training provider in Indore, known for its industry-aligned curriculum and expert instructors. The institute bridges the gap between theory and practice by offering project-based learning and hands-on sessions, preparing learners for advanced roles in AI and cybersecurity. Accredited by IABAC and NASSCOM FutureSkills, DataMites emphasizes real-world applications with live projects and expert guidance. With over 1,00,000 successful graduates, it continues to equip learners with the skills needed to meet industry demands.

In conclusion, AI is rapidly transforming the field of cybersecurity—from smarter threat detection and automated response to predictive analytics and behavior monitoring. As organizations continue to rely on AI-driven solutions to combat ever-evolving threats, professionals must equip themselves with the right skills. Pursuing a specialized program such as an AI certification in Indore is an effective way to stay ahead of the curve. Institutes like DataMites offer strong foundations and practical insights to help learners thrive in the AI-powered future of cybersecurity.

AI detection is the big area for scammery now, both large and small.

On the small end, you see stuff like the above AO3 bot scam. There's no real tech behind it, and the concern that it'd be used to scrape more material is rather silly. A webspider would do the job far more efficiently. The site it's taking you to is more likely a mass of trackers and malware scripts.

But pay attention to the wording used:

"call out all AI using cheaters" is very telling language. For a scam to work, the victim has to want something, and they've identified the very common want of an opportunity to unleash cruelty on a 'deserving' target without fear of retaliation.

I have anon asks turned off for a reason.

Here's the truth of it: if there's an AI written fic on AO3 that hasn't been edited enough to count as the human author's work, then it's going to suck, and that's enough reason to not recommend it. If the answer to "why do I want to know if this is AI?" is "so I can attack the person if it is" then you need to reconsider your motivations.

The grand irony is that the fervently anti-AI crowd isn't fighting the phenomenon, they're 100% a part of it.

Because AI-hype and anti-AI paranoia are two sides of the same coin.

A realistic understanding of the situation with functional knowledge of how the technology actually works greatly reduces both the terror generative AI produces, at the same time it deflates the kind of deceptive promises that pump the company stock.

Programs that promise to detect AI and those that promise to poison datasets don't need to actually work to look promising enough to draw investor cash or a buyout, and are the new wild west of AI snakeoil.

Glaze and Nightshade are ineffective for multiple reasons and Artshield only works because AI scrapers don't want to scrape their own gens to reduce recursive dataset issues, and it uses stable diffusion to put a stable diffusion watermark on the picture (ironically making it so that it triggers AI detectors as AI). In all cases, traditional watermarks and/or signatures are more effective at dissuading random scraping.

So images can be detected as AI... provided they haven't been modified or edited enough that the AI-generator's own watermark is erased. If that hasn't happened, you don't need fancy detectors, there's free utilities to do that (I'm sure). If it has been edited, then you're back to reading tea leaves.

But there's no marking text in the same way. Some efforts have been made to make the programs embed word-patterns that can be used as a watermark, but a few editing passes or even a run through a second 'reword this better' AI and that's gone.

But there's always someone out there to sell a detector if someone wants to find something bad enough. Drugs, bombs, water, or "cheaters" -

- so long as you don't mind buying a dowsing rod.

Quick PSA, if you get one of those "Work scanned, AI use detected" comments on AO3, just mark them as spam.

Some moron apparently built a bot to annoy or prank hundreds of authors.

There is no scanning process, your work doesn't actually resemble AI writing, it's all bullshit. Mark the comment as spam (on AO3, not the email notification you got about the comment!) and don't let it get to you.

KnowBe4, a US-based security vendor, revealed that it unwittingly hired a North Korean hacker who attempted to load malware into the company's network. KnowBe4 CEO and founder Stu Sjouwerman described the incident in a blog post this week, calling it a cautionary tale that was fortunately detected before causing any major problems.

"First of all: No illegal access was gained, and no data was lost, compromised, or exfiltrated on any KnowBe4 systems," Sjouwerman wrote. “This is not a data breach notification, there was none. See it as an organizational learning moment I am sharing with you. If it can happen to us, it can happen to almost anyone. Don't let it happen to you.”

KnowBe4 said it was looking for a software engineer for its internal IT AI team. The firm hired a person who, it turns out, was from North Korea and was "using a valid but stolen US-based identity" and a photo that was "enhanced" by artificial intelligence. There is now an active FBI investigation amid suspicion that the worker is what KnowBe4's blog post called "an Insider Threat/Nation State Actor."

KnowBe4 operates in 11 countries and is headquartered in Florida. It provides security awareness training, including phishing security tests, to corporate customers. If you occasionally receive a fake phishing email from your employer, you might be working for a company that uses the KnowBe4 service to test its employees' ability to spot scams.

Person Passed Background Check and Video Interviews

KnowBe4 hired the North Korean hacker through its usual process. "We posted the job, received résumés, conducted interviews, performed background checks, verified references, and hired the person. We sent them their Mac workstation, and the moment it was received, it immediately started to load malware," the company said.

Even though the photo provided to HR was fake, the person who was interviewed for the job apparently looked enough like it to pass. KnowBe4's HR team "conducted four video conference based interviews on separate occasions, confirming the individual matched the photo provided on their application," the post said. "Additionally, a background check and all other standard pre-hiring checks were performed and came back clear due to the stolen identity being used. This was a real person using a valid but stolen US-based identity. The picture was AI 'enhanced.'"

The two images at the top of this story are a stock photo and what KnowBe4 says is the AI fake based on the stock photo. The stock photo is on the left, and the AI fake is on the right.

The employee, referred to as "XXXX" in the blog post, was hired as a principal software engineer. The new hire's suspicious activities were flagged by security software, leading KnowBe4's Security Operations Center (SOC) to investigate:

On July 15, 2024, a series of suspicious activities were detected on the user beginning at 9:55 pm EST. When these alerts came in KnowBe4's SOC team reached out to the user to inquire about the anomalous activity and possible cause. XXXX responded to SOC that he was following steps on his router guide to troubleshoot a speed issue and that it may have caused a compromise. The attacker performed various actions to manipulate session history files, transfer potentially harmful files, and execute unauthorized software. He used a Raspberry Pi to download the malware. SOC attempted to get more details from XXXX including getting him on a call. XXXX stated he was unavailable for a call and later became unresponsive. At around 10:20 pm EST SOC contained XXXX's device.

“Fake IT Worker From North Korea”

The SOC analysis indicated that the loading of malware "may have been intentional by the user," and the group "suspected he may be an Insider Threat/Nation State Actor," the blog post said.

"We shared the collected data with our friends at Mandiant, a leading global cybersecurity expert, and the FBI, to corroborate our initial findings. It turns out this was a fake IT worker from North Korea," Sjouwerman wrote.

KnowBe4 said it can't provide much detail because of the active FBI investigation. But the person hired for the job may have logged into the company computer remotely from North Korea, Sjouwerman explained:

How this works is that the fake worker asks to get their workstation sent to an address that is basically an "IT mule laptop farm." They then VPN in from where they really physically are (North Korea or over the border in China) and work the night shift so that they seem to be working in US daytime. The scam is that they are actually doing the work, getting paid well, and give a large amount to North Korea to fund their illegal programs. I don't have to tell you about the severe risk of this. It's good we have new employees in a highly restricted area when they start, and have no access to production systems. Our controls caught it, but that was sure a learning moment that I am happy to share with everyone.

While Hackers Planned, EDSPL Was Already Ten Steps Ahead

In a world where every digital interaction is vulnerable, cybersecurity is no longer optional — it's the frontline defense of your business. Yet while many organizations scramble to react when a breach occurs, EDSPL operates differently. We don’t wait for threats to knock on the door. We anticipate them, understand their intentions, and neutralize them before they even surface.

Because when hackers are plotting their next move, EDSPL is already ten steps ahead.

The EDSPL Philosophy: Cybersecurity Is About Foresight, Not Just Firewalls

The old security model focused on building barriers — firewalls, antivirus software, strong passwords. But today’s cybercriminals don’t follow predictable paths. They evolve constantly, test systems in silence, and strike where you least expect.

EDSPL believes the real game-changer is predictive, layered defense, not reactive patchwork. Our mission is simple: to secure every digital touchpoint of your business with proactive intelligence and continuous innovation.

Let’s take you through how we do it — step by step.

Step 1: 24/7 Vigilance with an Intelligent SOC

Our Security Operations Center (SOC) isn’t just a room with blinking screens — it's the heartbeat of our cybersecurity ecosystem.

Operating 24x7, our SOC monitors every piece of digital activity across your infrastructure — cloud, network, endpoints, applications, and more. The goal? Detect, analyze, and respond to any abnormality before it turns into a crisis.

AI-powered threat detection

Real-time alert triaging

Continuous log analysis

Human + machine correlation

While others wait for signs of compromise, we catch the hints before the damage.

Step 2: SIEM – Seeing the Unseen

SIEM (Security Information and Event Management) acts as the brain behind our security posture. It pulls data from thousands of sources — firewalls, servers, endpoints, routers — and analyzes it in real time to detect anomalies.

For instance, if an employee logs in from Mumbai at 10:00 AM and from Russia at 10:03 AM — we know something’s wrong. That’s not a human. That’s a threat. And it needs to be stopped.

SIEM lets us see what others miss.

Step 3: SOAR – Automating Smart Responses

Detection is only half the story. Speedy, accurate response is the other half.

SOAR (Security Orchestration, Automation, and Response) turns alerts into actions. If a malware file is detected on an endpoint, SOAR can:

Quarantine the device

Notify IT instantly

Run scripts to scan the entire network

Launch a root cause analysis — all in real-time

This reduces the response time from hours to seconds. When hackers are moving fast, so are we — faster, smarter, and more focused.

Step 4: XDR – Beyond the Endpoint

XDR (Extended Detection and Response) extends protection to cloud workloads, endpoints, servers, emails, and even IoT devices. Unlike traditional tools that only secure silos, XDR connects the dots across your digital ecosystem.

So if an attack begins through a phishing email, spreads to a laptop, and then tries to access cloud storage — we track it, contain it, and eliminate it at every stage.

That’s the EDSPL edge: protection that flows where your business goes.

Step 5: CNAPP – Complete Cloud Confidence

As businesses shift to the cloud, attackers follow.

CNAPP (Cloud-Native Application Protection Platform) provides deep visibility, governance, and runtime protection for every asset you run in public, private, or hybrid cloud environments.

Whether it’s container security, misconfiguration alerts, or DevSecOps alignment — CNAPP makes sure your cloud remains resilient.

And while hackers try to exploit the cloud’s complexity, EDSPL simplifies and secures it.

Step 6: ZTNA, SASE, and SSE – Redefining Access and Perimeter Security

Gone are the days of a fixed network boundary. Today, employees work from homes, cafes, airports — and data travels everywhere.

That’s why EDSPL embraces Zero Trust Network Access (ZTNA) — never trust, always verify. Every user and device must prove who they are every time.

Coupled with SASE (Secure Access Service Edge) and SSE (Security Service Edge), we provide:

Encrypted tunnels for safe internet access

Identity-driven policies for access control

Data loss prevention at every stage

Whether your user is at HQ or on vacation in Tokyo, their connection is secure.

Step 7: Email Security – Because 90% of Threats Start with an Inbox

Phishing, spoofing, ransomware links — email is still the hacker’s favorite weapon.

EDSPL’s advanced email security stack includes:

Anti-spam filters

Advanced Threat Protection (ATP)

Malware sandboxing

Real-time URL rewriting

And because human error is inevitable, we also provide employee awareness training — so your team becomes your first line of defense, not your weakest link.

Step 8: Application & API Security – Shielding What Powers Your Business

Your customer portal, internal CRM, APIs, and mobile apps are digital goldmines for attackers.

EDSPL protects your applications and APIs through:

WAF (Web Application Firewall)

Runtime protection

API behavior monitoring

OWASP Top 10 patching

We ensure your software delivers value — not vulnerabilities.

Step 9: VAPT – Ethical Hacking to Outsmart the Real Ones

We don’t wait for attackers to find weaknesses. We do it ourselves — legally, ethically, and strategically.

Our Vulnerability Assessment and Penetration Testing (VAPT) services simulate real-world attack scenarios to:

Find misconfigurations

Exploit weak passwords

Test security controls

Report, fix, and harden

It’s like hiring a hacker who’s on your payroll — and on your side.

Please visit our website to know more about this blog https://edspl.net/blog/while-hackers-planned-edspl-was-already-ten-steps-ahead/

Sam Altman has a new optical scanner to detect humans from AI

Unlock the Secrets of Ethical Hacking! Ready to dive into the world of offensive security? This course gives you the Black Hat hacker’s perspective, teaching you attack techniques to defend against malicious activity. Learn to hack Android and Windows systems, create undetectable malware and ransomware, and even master spoofing techniques. Start your first hack in just one hour! Enroll now and…