โŒ

Normal view

There are new articles available, click to refresh the page.
Today โ€” 12 May 2026Main stream

Is The SOC Obsolete, And We Just Haven’t Admitted It Yet?

12 May 2026 at 07:00

Many AI-first enterprises have already embraced sovereign architectures for general AI initiatives; cybersecurity—and the SOC—should be next.

The post Is The SOC Obsolete, And We Just Haven’t Admitted It Yet? appeared first on SecurityWeek.

Sen. Schumer seeks DHS plan on AI cyber coordination with state, local governments

8 May 2026 at 13:20

The Senate’s top Democrat called on the Department of Homeland Security Friday to work closely with state and local governments to defend against artificial intelligence-strengthened hacks.

Senate Minority Leader Chuck Schumer, D-N.Y., wrote to DHS Secretary Markwayne Mullin to make sure state, local, tribal and territorial (SLTT) governments aren’t left behind as AI models advance, posing new hacking threats.

“There is a race between cybersecurity defenders and AI-enabled hacking — and there’s no time to waste,” Schumer wrote.

“While the White House has reportedly begun hosting meetings about its internal security priorities following these frontier AI cyber breakthroughs, it is glaringly obvious that the Department of Homeland Security needs an updated plan for coordinating these efforts with [state, local, tribal and territorial] governments and implementing procedures to reduce the risk of disruptive cyberattacks enabled by frontier AI,” he stated.

Schumer said he was worried about the capabilities of DHS and its Cybersecurity and Infrastructure Security Agency to carry out that coordination, given federal funding cuts to the Multistate Information Sharing and Analysis Center, and the lack of a Senate-confirmed CISA director for the duration of the second Trump administration.

Schumer wants a plan from DHS by July 1 on coordinating with state and local governments on a range of questions, such as how to identify top AI talent, carry out rapid patching and conduct risk assessments.

“AI is changing the cyber battlefield fast — and we cannot let hackers get there first,” Schumer said in comments accompanying the letter. “Hospitals, power grids, water systems, schools, elections, and emergency services cannot be left exposed while criminal gangs and state-backed hackers race to exploit new AI tools. DHS must immediately help states and localities find and fix vulnerabilities before Americans are hit with outages, disruptions, and attacks that could put lives and livelihoods at risk.”

CISA is using AI to help on the defensive side internally, agency officials recently said.

The post Sen. Schumer seeks DHS plan on AI cyber coordination with state, local governments appeared first on CyberScoop.

Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI

By: djohnson
8 May 2026 at 09:06

As businesses and governments turn to AI agents to access the internet and perform higher-level tasks, researchers continue to find serious flaws in large language models that can be exploited by bad actors.

The latest discovery comes from browser security firm LayerX, involving a bug in the Chrome extension for Anthropic’s Claude AI model that allows any other plugin – even ones without special permissions – to embed hidden instructions that can take over the agent.

“The flaw stems from an instruction in the extension’s code that allows any script running in the origin browser to communicate with Claude’s LLM, but does not verify who is running the script,” wrote LayerX senior researcher Aviad Gispan. “As a result, any extension can invoke a content script (which does not require any special permissions) and issue commands to the Claude extension.”

Gispan said he was able to execute any prompt he wanted, blow through Claude’s safety guardrails, evade user confirmation and perform cross-site actions across multiple Google tools. As a proof of concept, LayerX was able to exploit the flaw to extract files from Google Drive folders and share them with unauthorized parties, surveil recent email activity and send emails on behalf of a user, and pilfer private source code from a connected GitHub repository.

The vulnerability “effectively breaks Chrome’s extension security” by creating “a privilege escalation primitive across extensions, something Chrome’s security model is explicitly designed to prevent,” Gispan wrote.

A graphic depicting how a vulnerability exploits the trust boundaries in Claude’s Chrome extension. (Source: LayerX)


Claude relies on text, user interface semantics, and interpretation of screenshots to make decisions, all things that an attacker can control on the input side. The researchers modified Claude’s user interface to remove labels and indicators around sensitive information, like passwords and sharing feedback, then prompted Claude to share the files with an outside server.

That means cybersecurity defenders often have nothing obviously malicious to detect. Where there is visible activity, the model can be prompted to cover its tracks by deleting emails and other evidence of its actions.

Ax Sharma, Head of Research at Manifold Security, called the vulnerability “a useful demonstration of why monitoring AI agents at the prompt layer is fundamentally insufficient.”

“The most sophisticated part of this attack isn’t the injection, but that the agent’s perceived environment was manipulated to produce actions that looked legitimate from the inside,” said Sharma. “That’s the class of threat the industry needs to be building defenses for.”

Gispan said LayerX reported the flaw to Anthropic on April 27, but claimed the company only issued a “partial” fix to the problem. According to LayerX, Anthropic responded a day later to say that the bug was a duplicate of another vulnerability already being addressed in a future update.

While that fix, issued May 6, introduced new approval flows for privileged actions that made it harder to exploit the same flaw, Gispan said he was still able to take over Claude’s agent in some scenarios.

“Switching to ‘privileged’ mode, even without the user’s notification or consent, enabled circumventing these security checks and injecting prompts into the Claude extension, as before,” Gispan wrote.

Anthropic did not respond to a request for comment from CyberScoop on the research and mitigation efforts.

The post Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI appeared first on CyberScoop.

CISA wants critical infrastructure to operate ‘weeks to months’ in isolation during conflict

By: djohnson
5 May 2026 at 17:47

The Cybersecurity and Infrastructure Security Agency is urging critical infrastructure owners and operators to plan for delivering essential services under emergency conditions – potentially for months at a time.

The federal government’s top cybersecurity agency warned that state-sponsored hackers, particularly two Chinese groups known as Salt Typhoon and Volt Typhoon, continue to threaten critical sectors like electricity, water, and internet.

The agency is now working with the private sector to protect operational technology – the systems that control the heavy machinery and equipment that powers most critical infrastructure – from attacks that enter through business IT systems or third-party vendor products.

The initiative, known as CI Fortify, will include CISA conducting targeted technical assessments of critical infrastructure entities and aims to create plans that “allow for safe operations for weeks to months while isolated” from IT networks and third-party tools, according to the agency’s website.

Nick Andersen, CISA’s acting director, told reporters that the goal is “service delivery [that] can still reach critical infrastructure after the asset owner has disconnected with IT and OT, disconnected from third party vendors and service provider connections and disconnected from third party telecommunications equipment.”

Over the past two years, wars in Ukraine, Gaza, Iran and elsewhere have seen water plants, power substations, data centers and other critical infrastructure targeted by kinetic or cyberattacks.

Andersen said the agency has already begun engaging with some companies to pilot the assessments and expects that work to ramp up considerably as CISA hires additional staff in the coming months.

He declined to name the entities involved in the pilot program, but said they will focus on organizations that support national security, defense, public health and safety and economic continuity. He added that CISA’s assessments will vary from sector to sector depending on their unique needs.

“Water isn’t necessarily designed to prioritize specific customer needs outside of recovery periods, while energy and transportation have more immediate tradeoffs for selecting one load or one set of cargo over another,” Andersen said as an example.

One pillar of CISAโ€™s strategy is isolation: essentially turning off all third-party and business network connections to an OT network when facing an emergency or unknown vulnerability.

Organizations also need to develop an internal plan for what acceptable service levels look like under those conditions and reach understandings with their critical customers, like U.S. military installations and lifeline services.

The second pillar, recovery, involves best practices for organizations: backing up files, documenting systems and having manual backups for operations when normal computer systems are down.

In conversations with cybersecurity specialists who focus on critical infrastructure and operational technology, it is widely assumed that China is not the only nation to have broadly compromised America’s critical infrastructure, and that hacking groups tied to other nations have almost surely noticed and exploited the same basic vulnerabilities and hygiene issues found by the Typhoons.

Agencies like the FBI and Federal Communications Commission have touted efforts to purge Chinese hackers and work voluntarily with telecoms to harden their network security. But U.S. national security officials and cybersecurity defenders have consistently said both Salt Typhoon and Volt Typhoon remain active threats to U.S. critical infrastructure.

The post CISA wants critical infrastructure to operate ‘weeks to months’ in isolation during conflict appeared first on CyberScoop.

NYC Public Schools Lack Central Inventory to Track Vendors Used By Schools — NYS Auditor

By: Dissent
5 May 2026 at 20:12
Audit conducted by NYS Comptroller’s Office between 2020-2025 found multiple concerns leaving students and employees at risk of privacy and data security breaches. The auditor also criticized the city for failing to cooperate in a timely manner with the auditor’s requests for information. In June 2014, a decade after the NYC Education Department had been...

Spotify Adds 'Verified' Badges To Distinguish Human Artists From AI

By: BeauHD
1 May 2026 at 13:00
Spotify is adding "Verified by Spotify" badges to distinguish human artists from AI-generated personas, using signals like linked social accounts, consistent listener activity, merchandise, and concert dates. The BBC reports: The world's most-used music streaming service said the 'Verified by Spotify' text and green checkmark icon would appear next to artist names when they meet "defined standards demonstrating authenticity." This could include having linked social accounts on their artist profile, consistent listener activity or other "signals of a real artist behind the profile," the company said, such as merchandise or concert dates. In its blog post, Spotify said "more than 99%" of the artists listeners actively search for will be verified, representing "hundreds of thousands of artists." It said the process would prioritize acts with "important contributions to music culture and history", rather than "content farms," with the platform rolling out verification and badges over the coming weeks.

Read more of this story at Slashdot.

โŒ
โŒ