{"id":122454,"date":"2024-11-05T20:30:18","date_gmt":"2024-11-05T13:30:18","guid":{"rendered":"https:\/\/hotvideos24.online\/?p=122454"},"modified":"2024-11-05T20:30:18","modified_gmt":"2024-11-05T13:30:18","slug":"google-claims-world-first-as-ai-finds-0-day-security-vulnerability","status":"publish","type":"post","link":"https:\/\/hotvideos24.online\/?p=122454","title":{"rendered":"Google Claims World First As AI Finds 0-Day Security Vulnerability"},"content":{"rendered":"<p> <script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3711241968723425\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-format=\"fluid\"\r\n     data-ad-layout-key=\"-fb+5w+4e-db+86\"\r\n     data-ad-client=\"ca-pub-3711241968723425\"\r\n     data-ad-slot=\"7910942971\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><br \/>\n<\/p>\n<div>\n<figure class=\"embed-base image-embed embed-0\" role=\"presentation\"><figcaption><fbs-accordion><\/p>\n<p class=\"color-body light-text\">Google&#8217;s Big Sleep team uncovers a zero-day vulnerability using AI for the first time.<\/p>\n<p><\/fbs-accordion><small>SOPA Images\/LightRocket via Getty Images<\/small><\/figcaption><\/figure>\n<p><em>Update, Nov. 05, 2024: This story, originally published Nov. 04, now includes the results of research into the use of AI deepfakes.<\/em><\/p>\n<p>An AI agent has discovered a previously unknown, zero-day, exploitable memory-safety vulnerability in widely used real-world software. It\u2019s the first example, at least to be made public, of such a find, according to Google\u2019s Project Zero and DeepMind, the forces behind Big Sleep, the large language model-assisted vulnerability agent that spotted the vulnerability.<\/p>\n<p>If you don\u2019t know what Project Zero is and have not been in awe of what it has achieved in the security space, then you simply have not been paying attention these last few years. These elite hackers and security researchers work relentlessly to uncover <a href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/09\/04\/google-issues-android-under-attack-warning-as-0-day-threat-hits-users\/\" target=\"_self\" class=\"color-link\" title=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/09\/04\/google-issues-android-under-attack-warning-as-0-day-threat-hits-users\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/09\/04\/google-issues-android-under-attack-warning-as-0-day-threat-hits-users\/\" aria-label=\"zero-day vulnerabilities\" rel=\"noopener\">zero-day vulnerabilities<\/a> in Google\u2019s products and beyond. The same accusation of lack of attention applies if you are unaware of DeepMind, Google\u2019s AI research labs. So when these two technological behemoths joined forces to create Big Sleep, they were bound to make waves.<\/p>\n<p><a class=\"embed-base color-body color-body-border link-embed embed-2\" href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/10\/29\/how-anxiety-beat-the-ai-10-billion-startup-deepfake-hackers\/\" target=\"_blank\" aria-label=\"How Anxiety Beat The $10 Billion Startup AI Deepfake Hackers\" rel=\"noopener noreferrer\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/10\/29\/how-anxiety-beat-the-ai-10-billion-startup-deepfake-hackers\/\"><span class=\"link-embed__info\"><span class=\"link-embed__provider\">Forbes<\/span><span class=\"link-embed__title\">How Anxiety Beat The $10 Billion Startup AI Deepfake Hackers<\/span><small class=\"link-embed__byline\">By <span class=\"link-embed__author\">Davey Winder<\/span><\/small><\/span><span class=\"link-embed__thumbnail-wrapper\"><span class=\"link-embed__thumbnail allow-inline-style\" style=\"background-image: url(https:\/\/specials-images.forbesimg.com\/imageserve\/6720afce7c180c05eb1c5d43\/960x0.jpg);\"\/><\/span><\/a><\/p>\n<h2 class=\"subhead-embed color-accent bg-base font-accent font-size text-align\">Google Uses Large Language Model To Catch Zero-Day Vulnerability In Real-World Code<\/h2>\n<p>In a Nov. 1 announcement, Google\u2019s Project Zero blog confirmed that the Project <a href=\"https:\/\/googleprojectzero.blogspot.com\/2024\/06\/project-naptime.html\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/googleprojectzero.blogspot.com\/2024\/06\/project-naptime.html\" data-ga-track=\"ExternalLink:https:\/\/googleprojectzero.blogspot.com\/2024\/06\/project-naptime.html\" aria-label=\"Naptime large language model assisted security vulnerability research framework\">Naptime large language model assisted security vulnerability research framework<\/a> has evolved into <a href=\"https:\/\/googleprojectzero.blogspot.com\/2024\/10\/from-naptime-to-big-sleep.html\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/googleprojectzero.blogspot.com\/2024\/10\/from-naptime-to-big-sleep.html\" data-ga-track=\"ExternalLink:https:\/\/googleprojectzero.blogspot.com\/2024\/10\/from-naptime-to-big-sleep.html\" aria-label=\"Big Sleep\">Big Sleep<\/a>. This collaborative effort involving some of the very best ethical hackers, as part of Project Zero, and the very best AI researchers, as part of Google DeepMind, has developed a large language model-powered agent that can go out and uncover very real security vulnerabilities in widely used code. In the case of this world first, the Big Sleep team says it found \u201can exploitable stack buffer underflow in SQLite, a widely used open source database engine.\u201d<\/p>\n<p><fbs-ad position=\"inread\" progressive=\"\" ad-id=\"article-0-inread\" aria-hidden=\"true\" role=\"presentation\"\/><\/p>\n<p>The zero-day vulnerability was reported to the SQLite development team in October which fixed it the same day. \u201cWe found this issue before it appeared in an official release,\u201d the Big Sleep team from Google said, \u201cso SQLite users were not impacted.\u201d<\/p>\n<h2 class=\"subhead-embed color-accent bg-base font-accent font-size text-align\">AI Could Be The Future Of Fuzzing, The Google Big Sleep Team Says<\/h2>\n<p>Although you may not have heard the term fuzzing before, it\u2019s been part of the security research staple diet for decades now. Fuzzing relates to the use of random data to trigger errors in code. Although the use of fuzzing is widely accepted as an essential tool for those who look for vulnerabilities in code, hackers will readily admit it cannot find everything. \u201cWe need an approach that can help defenders to find the bugs that are difficult (or impossible) to find by fuzzing,\u201d the Big Sleep team said, adding that it hoped AI can fill the gap and find \u201cvulnerabilities in software before it&#8217;s even released,\u201d leaving little scope for attackers to strike.<\/p>\n<p><a class=\"embed-base color-body color-body-border link-embed embed-4\" href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/10\/28\/new-google-cyber-attack-warning-as-russian-apt28-hackers-strike\/\" target=\"_blank\" aria-label=\"New Cyber Attack Warning\u2014Confirming You Are Not A Robot Can Be Dangerous\" rel=\"noopener noreferrer\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/10\/28\/new-google-cyber-attack-warning-as-russian-apt28-hackers-strike\/\"><span class=\"link-embed__info\"><span class=\"link-embed__provider\">Forbes<\/span><span class=\"link-embed__title\">New Cyber Attack Warning\u2014Confirming You Are Not A Robot Can Be Dangerous<\/span><small class=\"link-embed__byline\">By <span class=\"link-embed__author\">Davey Winder<\/span><\/small><\/span><span class=\"link-embed__thumbnail-wrapper\"><span class=\"link-embed__thumbnail allow-inline-style\" style=\"background-image: url(https:\/\/specials-images.forbesimg.com\/imageserve\/671cd8a87359f0fc65720710\/960x0.jpg);\"\/><\/span><\/a><\/p>\n<p>\u201cFinding a vulnerability in a widely-used and well-fuzzed open-source project is an exciting result,\u201d the Google Big Sleep team said, but admitted the results are currently \u201chighly experimental.\u201d At present, the Big Sleep agent is seen as being only as effective as a target-specific fuzzer. However, it\u2019s the near future that is looking bright. \u201cThis effort will lead to a significant advantage to defenders,\u201d Google\u2019s Big Sleep team said, \u201cwith the potential not only to find crashing test cases, but also to provide high-quality root-cause analysis, triaging and fixing issues could be much cheaper and more effective in the future.\u201d<\/p>\n<h2 class=\"subhead-embed color-accent bg-base font-accent font-size text-align\">The Flip Side Of AI Is Seen In Deepfake Security Threats<\/h2>\n<p>While the Big Sleep news from Google is refreshing and important, as is that from a new RSA report looking at <a href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/04\/passwords-are-hot-garbage-ai-promises-something-better-in-2025\/\" target=\"_self\" class=\"color-link\" title=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/04\/passwords-are-hot-garbage-ai-promises-something-better-in-2025\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/04\/passwords-are-hot-garbage-ai-promises-something-better-in-2025\/\" aria-label=\"how AI can help with the push to get rid of passwords in 2025\" rel=\"noopener\">how AI can help with the push to get rid of passwords in 2025<\/a>, the flip side of the AI security coin should always be considered as well. One such flip side being the use of deepfakes. I\u2019ve already covered how <a href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/10\/13\/new-gmail-security-alert-for-billions-as-7-day-ai-hack-confirmed\/\" target=\"_self\" class=\"color-link\" title=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/10\/13\/new-gmail-security-alert-for-billions-as-7-day-ai-hack-confirmed\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/10\/13\/new-gmail-security-alert-for-billions-as-7-day-ai-hack-confirmed\/\" aria-label=\"Google support deepfakes have been used in an attack against a Gmail user\" rel=\"noopener\">Google support deepfakes have been used in an attack against a Gmail user<\/a> a report that went viral for all the right reasons. Now, a Forbes.com reader has got in touch to let me know about some research undertaken to gauge how the AI technology can be used to influence public opinion. Again, I covered this recently as the <a href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/02\/fbi-warns-2024-election-illegal-immigrant-voting-video-is-russian-hoax\/\" target=\"_self\" class=\"color-link\" title=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/02\/fbi-warns-2024-election-illegal-immigrant-voting-video-is-russian-hoax\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/02\/fbi-warns-2024-election-illegal-immigrant-voting-video-is-russian-hoax\/\" aria-label=\"FBI issued a warning about a 2024 election voting video\" rel=\"noopener\">FBI issued a warning about a 2024 election voting video<\/a> that was actually a fake backed by Russian distributors. The latest <a href=\"https:\/\/www.vpnranks.com\/resources\/deepfake-trends-and-threats\/\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/www.vpnranks.com\/resources\/deepfake-trends-and-threats\/\" data-ga-track=\"ExternalLink:https:\/\/www.vpnranks.com\/resources\/deepfake-trends-and-threats\/\" aria-label=\"VPNRanks research\">VPNRanks research<\/a> is well worth reading in full, but here\u2019s a few handpicked statistics that certainly get the grey cells working.<\/p>\n<ul>\n<li>50% of respondents have encountered deepfake videos online multiple times.<\/li>\n<li>37.1% consider deepfakes an extremely serious threat to reputations, especially for creating fake videos of public figures or ordinary people.<\/li>\n<li>Concerns about deepfakes manipulating public opinion are high, with 74.3% extremely worried about potential misuse in political or social contexts.<\/li>\n<li>65.7% believe a deepfake released during an election campaign would likely influence voters\u2019 opinions.<\/li>\n<li>41.4% feel it\u2019s extremely important for social media platforms to immediately remove non-consensual deepfake content once reported.<\/li>\n<li>When it comes to predictions for 2025, global deepfake-related identity fraud attempts are forecasted to reach 50,000 and in excess of 80% of global elections could be impacted by deepfake interference, threatening the integrity of democracy.<\/li>\n<\/ul>\n<\/div>\n<p><script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3711241968723425\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-format=\"fluid\"\r\n     data-ad-layout-key=\"-fb+5w+4e-db+86\"\r\n     data-ad-client=\"ca-pub-3711241968723425\"\r\n     data-ad-slot=\"7910942971\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><br \/>\n<br \/><div data-type=\"_mgwidget\" data-widget-id=\"1660802\">\r\n<\/div>\r\n<script>(function(w,q){w[q]=w[q]||[];w[q].push([\"_mgc.load\"])})(window,\"_mgq\");\r\n<\/script>\r\n<br \/>\n<br \/><a href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/05\/google-claims-world-first-as-ai-finds-0-day-security-vulnerability\/\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google&#8217;s Big Sleep team uncovers a zero-day vulnerability using AI for the first time. SOPA Images\/LightRocket via Getty Images Update, Nov. 05, 2024: This story, originally published Nov. 04, now &hellip; <a href=\"https:\/\/hotvideos24.online\/?p=122454\" class=\"more-link\">Read More<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8630],"tags":[],"class_list":["post-122454","post","type-post","status-publish","format-standard","hentry","category-technology","entry"],"_links":{"self":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts\/122454","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=122454"}],"version-history":[{"count":0,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts\/122454\/revisions"}],"wp:attachment":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=122454"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=122454"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=122454"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}