AI hacking tool exploits zero-day security vulnerabilities in minutes

A new AI tool-designed to help companies find their security weaknesses and repair-from Internet criminals, operate their head, and used as a devastating piracy weapons that take advantage of vulnerabilities on a zero day.

According to a report issued by Chebecurity Check Point, the HEXSTRIKRIKE-EI-is the turning point that security experts scare, where the tremendous force of artificial intelligence is placed directly in the hands of those who want to harm.

A tool for good, twisted for bad

Hexstrike-Ei was supposed to be one of the good people. Creators described it as a “vibrant offensive security framework” designed to help security professionals think like infiltrators to better protect their organizations.

Think about it as “brain”, Amnesty International acts as a leader of a digital orchestra. It directs more than 150 specialized artificial intelligence agents and safety tools to test the company’s defenses, find weaknesses such as weaknesses on the zero day, and reports.

The problem? What makes the tool great for defenders also makes it incredibly attractive to the attackers. Immediately after its release, the gossip lit up on the dark web. Harmful actors were not just discussing the tool; They were actively discovering how to arrange it.

The race against weaknesses on the zero day became shorter

This artificial intelligence penetration tool can not be worse. Just as Hexstrike-AAI appeared, Citrix announced three “zero day” weaknesses in the famous Netscaleer products. Zero Day is so new that there were zero days to create a correction, leaving companies completely exposed.

Usually, the exploitation of these complex defects requires a team of highly skilled and skilled infiltrators, if not weeks, from work. With Hexstrike-Ei, this process was reduced to less than 10 minutes.

Artificial intelligence brain does all heavy lifting. The attacker can give him a simple matter such as “Netscale”, and the system automatically set the best tools to use and the exact steps that must be taken. It puts a democratic by turning it into a simple process and automation.

Since one of the electronic criminals boasts in an underground forum: “Watching how everything works without my participation is just a song. I am no longer a worker in the programmer, but it was an operator.”

What does these AI penetration tools mean for the security of the institution?

This is not just a problem for major companies. The speed and size of these acting new attacks means that the companies’ window to protect itself from the weaknesses of a zero day shrinks greatly.

Check Point urges organizations to take immediate action:

• Get promotions: The first and most obvious step is the application of the repairs issued by Citrix to Netscale weaknesses.

• Fight fire with fire: It is time to adopt AI’s defense systems that can discover threats that carry the speed of the machine and respond to it, because humans can no longer keep up with it.

• Speeding defenses: The days of spending weeks ended to apply a security patch.

• Listen to the whispers: Monitoring gossip on the dark internet is no longer optional; It is a source of intelligence that can give you a great beginning that affects the need in the next attack.

One day I felt theoretical threat is now a real and present danger. With AI, now a large -scale penetration tool is now effectively to exploit the weaknesses of the zero day, the game has changed, and our approach to safety must change.

See also: AI Security Wars: Can Google Cloud defend tomorrow’s threats?

Do you want to learn more about artificial intelligence and large data from industry leaders? Check AI and Big Data Expo, which is held in Amsterdam, California, and London. The comprehensive event is part of Techex and is determined with other leading technological events, click here for more information.
AI News is supported by TechForge Media. Explore other web events and seminars here.