Résumé: made by AI Website you pentest: made by AI The pentest: performed by AI The documentation of said pentest: written by AI using a template I'm feeling a bit lazy, can AI open the bank account for my salary?
Just got an Add by an international manufactoring firm bragging about their new Quality Control Process. It's an AI playing "where is waldo" with bad solder joints. It has been trained on images of good and bad solder joints. Which have been generated by a different AI, using only a handful of original images. So, yeah, if your german-made(tm) electronics turn into a firestorm, rest assured the AI was satisfied with its results.
@@nipstyler Actually, assuming a net worth of 195,000 (average American net worth is actually even less at 192,000 but this makes it easier) it's the equivalent of 56 cents slipping out of your wallet.
The "You only have 30 days to claim your coins" is just incredible thing to happen considering all the scam emails that use this type of time pressure methods portaying exactly as PayPal, this is going to be a shitshow.
All of that just for them to keep the money smh, I guarantee you most Ring doorbell owners haven't even heard of these events so they'll miss out on the money.
actually there was a reddit post where a guy pinged his article about how this paper and the high percentage of success "could" be misleading. hoping that is mentioned in the video here. EDIT: i think that info isnt added here, i do recommend reading that article. i'll ping here if i find
To be fair, $5m is a lot of money considering that the company doesnt actually have billions in cash right now. It likely has much less and the billion dollar value is only its market cap which is different. Its highly likely ring only have hundreds of millions in cash, where a $5m fine is NOT a slap on the wrist, but more a school lunch detention so to speak
Just from a quick scan of the research paper it appears anything achieved with GPT here could equally be achieved with a regular custom written tool for exploring any one of those vulnerabilities (with the added benefit of not needing to pay anything beyond electricity/hosting costs). The paper also says that even for GPT-4 as soon as you remove the CVE description the success rate drops from 87% to 7%.
"hack into websites" to my understanding, the 87% success involved a lot of XSS attacks which isn't exactly "hacking" and is something anybody, AI or not, could learn to do the basics of in an afternoon
good point, but "hacking" has never had a good definition since it was used in the MIT Railroad Club. Specific terminology from professional pentesting should be used in cases like this.
You’re absolutely right. With computers, anything is possible. It’s only a matter of time before stuff like this becomes even more sophisticated and the internet will never be the same again.
Hi Seytonic, When did TCMSecurity get started as a training outfit? Where is their registered headquarters? Where can i find their annual financial returns 'before' spending money, please? Thanks for the info. Links not accepted for obvious reasons. Just reply to this comment, tell me info what and where to seach... it's easier and, transparent. :-) Thanks.
The AI agents with a code interpreter is something I've been tempted to try but, honestly, I dread to think what it'd get up to and it'd execute faster than I could keep up.
@@JustARegularNerd I should have added "and the Internet". The AI interpreters will very often try and download tools they need to do things, so it wouldn't work without Internet access.
While true, this is victim blaming. Ring is entirely in the wrong here, their customers should be able to use their cameras as they see fit in their own homes, without employees having unfettered access.
ironically.. the guy who found the google's mini voice assistant device in his bathroom was recording him 247 and giving metadata of his bathroom time to their server in 2022
Ring (and other camera manufacturers) should include an offline mode that lets their cameras save everything to a local NAS. Any camera system that doesnt is a piece of junk.
If we look at the tested LLMs. There's a problem with this. All of those are various fine tunes and variations of much smaller local models. What we aren't seeing in the tested ai models are Gemini, Claude, or co-pilot, which are more in par with gpt4. The remainder of those models are barely capable of holding a decent conversation without losing coherence. I mean sure they can somewhat but a far cry from gpt 3.5 even.
This is Whats next, show your skills? 1. CodeCraft Duel: Super Agent Showdown 2. Pixel Pioneers: Super Agent AI Clash 3. Digital Duel: LLM Super Agents Battle 4. Byte Battle Royale: Dueling LLM Agents 5. AI Code Clash: Super Agent Showdown 6. CodeCraft Combat: Super Agent Edition 7. Digital Duel: Super Agent AI Battle 8. Pixel Pioneers: LLM Super Agent Showdown 9. Byte Battle Royale: Super Agent AI Combat 10. AI Code Clash: Dueling Super Agents Edition
On minecraft servers we use baritone to auto raid bases that sell crap for real money on discord. In shooters I use an AI to predict the tactics of the enemy team, essentially auto-commanding my side of the battle. It was only a matter of time.
I'm genuinely worried about the future of cybersecurity as a career with the development in AI... Is it even worth pursuing this field anymore? Can someone please answer my question.
I’ll put it this way, every career is at risk with AI. We also always have a moment in industries where we think, “This is it, it’s over.” Then we realize it was just a change, not a means to an end.
Probably. I don't think anyone sensible is willing to put actual important confidential information under the control of AI without oversight. They aren't going to let the nuclear launch codes be protected by just an AI, simply because having control is important. The landscape may shift, but I don't think cybersecurity will be a solved problem with AI. It will likely just shift into a different form (though it might very well make the job market more competitive).
@@the-answer-is-42 i doubt that there is still a MASSIVE shortage of qualified workers so if ur a Specialist at something i doubt you gotta worry for your job
I appreciate that you recognize that committing international financial crimes is not necessarily something DPRK would be doing for fun if they weren't under sanctions.
8,80$ is nothing on the OpenAI API. I've spent 100s for simple scripts that build code or think step by step. 8,80 is cheap af, it just means the cheaper upcoming options that will be capable of it like llama 4 etc will do it basically for free and locally
i do not see how CVE ai is dangerous, the information is already public, people can already do what the AI did, and programmers cant automate it by making a perfect tool
That's what the years of them seeing your body's and eyeing you down, judging you, and invading your privacy is worth: 50. Dollars. Yeah if this was in Germany, the company would bankrupt to pay it off.
um, llm's do not 'think'. people need to start using the correct words for things. the fact the term AI and an LLM's is now synonymous is just sad. LLM's do not understand a word they are saying to us. As for the prompts to exploit chatgpt is so easy junior high school kids are doing it. LLM's are incredibly stupid and can only do things they have been taught. So take a simple puzzle a kindergarten kid can do - match the shapes and put the correct one in it's hold. If an LLM wasn't taught how to sold the specific puzzle in front of it , it cannot solve it.
It's sad that North Korea cannot even participate in the creation of internationally popular art. These sanctions are so restrictive and hurt the countries abilities to even get enough food imported.
"womp womp". Imagine if your country had recently freed itself from colonial occupation and then had imperialist powers carve up your country to install a fascist dictator to exert control, then, when a civil war breaks out made the entirety of the UN invade the half of your country that is actually democratically ruled, killing 3 MILLION of your people and completely leveling almost that whole half, and then being completely put on embargo by the non democratic world cursing your country to be extremely poor
Fun Fact: The screen at 3:30 appears to be a game I played a while ago called Hacknet. Highly recommend playing it if a hacking game sounds interesting. May not be everyone's cup of tea, but it's pretty noice.
Bro, it was extremely unnecessary to constantly compare the AI tool with script kiddies at the beginning because everyone is interested in this kind of technology because it's simply extremely exciting. And secret services are also interested in such technology.
@Leo-sd3jt nah he's probably just parroting. Wanted to come here and sound like a big smart man. Not actually add anything useful to the conversation or give anyone a head's up on wtf he's referencing.
