Deepfake Steals $26 Million from Multinational Company, Hacking Ring Sells Millions of Job-Seekers' Personal Data and China may have a better LLM than GPT-4
Frontiers of AI & Cybersecurity from the provider of seed capital to startups pushing boundaries of AI & Cybersecurity
“Once in a while, technology comes along that is so powerful and so broadly applicable that it accelerates the normal march of economic progress. And like a lot of economists, I believe that generative AI belongs in that category.”
– Andrew McAfee
There have been many shocking developments in the last two weeks, from multimillion-dollar deepfake scams to China’s announcement of a LLM more powerful than GPT-4. Keep looking out for our emails every other week to stay updated on the most revolutionary advancements of our age!
AI
Chinese Researchers announce higher performing LLM than GPT-4 and LLaMa 2
Chinese scientists have built an AI called Spark 3.5, which they report outperforms GPT-4 Turbo in language, math, coding, and multimodal tasks. Meanwhile, Tsinghua University released a compact 1 billion parameter LLM called MiniCPM-2B, a groundbreaking end-side LLM that is designed to work on laptops, phones, and end devices to provide lower latency and improved user experience from larger models like ChatGPT. It claims to outperform Meta’s 70 billion LLaMa 2, offers sophisticated natural language processing in both English and Chinese, in addition to handling image, audio, video, and code inputs. Not only does it provide unprecedented levels of accuracy for the resources it requires, but it is also completely open-source, and anyone can access it for academic research or personal use. Both MiniCPM and Spark 3.5 demonstrate China could be catching up in the battle for supremacy for AI. (Shengding Hu, Medium, Geeky Gadgets, Live Science)
Google DeepMind’s Novel AI Model Solves International Math Olympiad Geometry Problems at Gold Medalist Levels
A new AI model, called AlphaGeometry, is able to solve International Math Olympiad problems and produces human-readable proofs by synthesizing millions of theorems and proofs without needing a human teaching or showing the art of problem-solving. Proving Geometry theorems has been a highly challenging task, not only for computers, but for humans as well. Out of a set of the 30 latest olympiad problems, the model successfully solved 25; the average gold medalist solves 25.9. The model was trained on 100 million algorithmically generated mathematical proofs, creating a massive training set even though the set of actual olympiad problems is quite small, as far as AI training sets go. With AlphaGeometry, researchers will be able to further advance research into both training set generation and mathematical artificial intelligence capabilities. (Nature, NY Times)
CYBER + AI
Deepfake Scammers Steal $26 Million From Multinational Hong Kong Firm
This week, a finance worker at a multinational firm was duped into transferring 200 million Hong Kong dollars, which is $26 million USD, to scammers after joining a video call with several AI-generated imitations of company executives. The Hong Kong police disclosed the scam, but did not say the name of the affected company or the worker. According to Senior Superintendent Baron Chan, “scammers found publicly available video and audio of the impersonation targets via YouTube, then used deepfake technology to emulate their voices to lure the victim to follow their instructions.” Deepfake technology is getting better than ever, and the world will surely begin to see more and more convincing phishing scams like this one; it is more important than ever that each person stays vigilant, especially when video and audio calls can be simulated so easily. (CNN, Barron's)
IBM Security Researchers Demonstrate Hijacking Live Conversations Using GenAI
A new type of attack called “audio-jacking” was unveiled this week, demonstrating how generative AI can hijack a live conversation, passing on fake responses to an unwitting victim. In the published demonstration, speakers A and B are transferring banking information; the AI interjects by mimicking both voices, collecting the sensitive information, then changing it before passing it on to the intended recipient. The diagram shows the conversation, with the red text and arrows showing the modified responses from the AI. As this technology develops, not only will phishing and deepfake scams get better, but we could also see censorship and media hijacking as broadcasts or political speeches are changed in real time. (IBM Security, Cointelegraph)
CYBERSECURITY
Hacking Ring Sells Phone Numbers, Dates of Birth, and Work Histories of 2 Million Job Seekers by Compromising 65 Websites via XSS and SQL Injections
A hacking ring known as ‘ResumeLooters’ stole names, phone numbers, dates of birth, and work histories of more than two million job seekers in the Asia-Pacific area. The hackers put the data up for sale via Telegram channels, according to security researchers. ResumeLooters “is yet another example of how much damage can be made with just a handful of publicly available tools [...] they employ very straightforward attack methods,” as noted by senior threat analyst Nikita Rostovcev. The hackers mainly used XSS and SQL injections, something that every organization should guard against. This article from LinkedIn provides some helpful tips for preventing XSS and SQL vulnerabilities. (Darkreading, The Hacker News, Bleeping Computer)
INTERPOL Operation Arrests 31 Cybercriminals and Takes Down 1300+ Malicious Servers
A collaborative effort by INTERPOL, codenamed Operation Synergia, resulted in the arrest of 31 suspected cybercriminals and identification of almost 2000 malicious servers, 70% of which were disabled by the 60+ law enforcement agencies in partnership on the operation. The operation has demonstrated that fighting cybercrime can be extremely effective when international law enforcement, national authorities, and private sector entities collaborate to make the world safer. The assistant director to the INTERPOL Cybercrime Directorate commented that “the results of this operation, achieved through the collective efforts of multiple countries and partners, show [INTERPOL’s] unwavering commitment to safeguarding the digital space,” and that they will continue to dismantle “the infrastructure behind phishing, banking malware, and ransomware attacks” around the world. (INTERPOL, Recorded Future)
Thanks for reading this week’s newsletter! If you have news of an interesting novel development, reach out and we may include your story in our next post!
Until next time,