
AI Security Ops

Author: Black Hills Information Security

Overview

Join in on weekly podcasts that aim to illuminate how AI transforms cybersecurity—exploring emerging threats, tools, and trends—while equipping viewers with knowledge they can use practically (e.g., for secure coding or business risk mitigation). © 2025 Black Hills Information Security

Episodes
  • AI News Stories | Episode 36
    2026/01/22
    This week on AI Security Ops, the team breaks down how attackers are weaponizing AI and the tools around it: a critical n8n zero-day that can lead to unauthenticated remote code execution, prompt-injection “zombie agent” risks tied to ChatGPT memory, a zero-click-style indirect prompt injection scenario via email/URLs, and malicious Chrome extensions caught siphoning ChatGPT/DeepSeek chats at scale. They close with a reminder that the tactics are often “same old security problems,” just amplified by AI—so lock down orchestration, limit browser extensions, and keep sensitive data out of chat tools.

    Key stories discussed

    1) n8n (“n-eight-n”) zero-day → unauthenticated RCE risk
    https://thehackernews.com/2026/01/critical-n8n-vulnerability-cvss-100.html
    The hosts discuss a critical flaw in the n8n workflow automation platform where a workflow-parsing HTTP endpoint can be abused (via a crafted JSON payload) to achieve remote code execution as the n8n service account. Because automation/orchestration platforms often have broad internal access, one compromise can cascade quickly across an organization’s automation layer.
    Practical takeaway: don’t expose orchestration platforms directly to the internet; restrict who/what can talk to them; treat these “glue” systems as high-impact targets and assess them like any other production system.

    2) “Zombie agent” prompt injection via ChatGPT Memory
    https://www.darkreading.com/endpoint-security/chatgpt-memory-feature-prompt-injection
    The team talks about research describing an exploit that stores malicious instructions in long-term memory, then later triggers them with a benign prompt—leading to potential data leakage or unsafe tool actions if the model has integrations. The discussion frames this as “stored XSS vibes,” but harder to solve because the “feature” (following instructions/context) is also the root problem.
    User-side mitigation themes: consider disabling memory, keep chats cleaned up, and avoid putting sensitive data into chat tools—especially when agents/tools are involved.

    3) “Zero-click” agentic abuse via crafted email/URL (indirect prompt injection)
    https://www.infosecurity-magazine.com/news/new-zeroclick-attack-chatgpt/
    Another story describes a crafted URL delivered via email that could trigger an agentic workflow (e.g., email summarization / agent actions) to export chat logs without explicit user interaction. The hosts largely interpret this as indirect prompt injection—a pattern they expect to keep seeing as assistants gain more connectivity.
    Key point: even if the exact implementation varies, auto-processing untrusted content (like email) is a persistent risk when the model can take actions or access history.

    4) Malicious Chrome extensions stealing ChatGPT/DeepSeek chats (900k users)
    https://thehackernews.com/2026/01/two-chrome-extensions-caught-stealing.html
    Two Chrome extensions posing as AI productivity tools reportedly injected JavaScript into AI web UIs, scraped chat text from the DOM, and exfiltrated it—highlighting ongoing extension supply-chain risk and the reality that “approved store” doesn’t mean safe.
    Advice echoed: minimize extensions, separate browsers/profiles for sensitive activities, and treat “AI sidebar” tools with extra skepticism.

    5) APT28 credential phishing updated with AI-written lures
    https://thehackernews.com/2026/01/russian-apt28-runs-credential-stealing.html
    The closing story is a familiar APT pattern—phishing emails with malicious Office docs leading to PowerShell loaders and credential theft—except the lure text is AI-generated, making it more consistent/convincing (and harder for users to spot via grammar/tone).
    The conversation stresses that “don’t click links” guidance is oversimplified; verification and layered controls matter (e.g., disabling macros org-wide).

    Chapter Timestamps

    • (00:00) - Intro & Sponsors
    • (01:16) - 1) n8n zero-day → unauthenticated RCE
    • (09:00) - 2) “Zombie agent” prompt injection via ChatGPT Memory
    • (19:52) - 3) “Zero-click” style agent abuse via crafted email/URL (indirect prompt injection)
    • (23:41) - 4) Malicious Chrome extensions stealing ChatGPT/DeepSeek chats (~900k users)
    • (29:59) - 5) APT28 phishing refreshed with AI-written lures
    • (34:15) - Closing thoughts: “AI genie is out of the bottle” + safety reminders

    Brought to you by:

    Black Hills Information Security
    https://www.blackhillsinfosec.com

    Antisyphon Training
    https://www.antisyphontraining.com/

    Active Countermeasures
    https://www.activecountermeasures.com

    Wild West Hackin Fest
    https://wildwesthackinfest.com

    🔗 Register for ...
    35 min
  • 2026 Predictions | Episode 35
    2026/01/08

    AI Security Ops | Episode 35 – 2026 Predictions

    In this episode, the BHIS panel looks into the crystal ball and shares bold predictions for AI in 2026—from energy constraints and drug development breakthroughs to agentic AI risks and cybersecurity threats.

    Chapters

    • (00:00) - Intro & Sponsor Shoutouts
    • (01:14) - Prediction: Grid Power Becomes the Bottleneck
    • (10:27) - Prediction: FDA Qualifies AI Drug Development Tools
    • (15:45) - Prediction: Nation-State Threat Actors Weaponize AI
    • (17:33) - Prediction: Agentic AI Dominates App Development
    • (23:07) - Closing Thoughts: Jobs, Risk & Opportunity

    🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –

    https://poweredbybhis.com



    Brought to you by:

    Black Hills Information Security

    https://www.blackhillsinfosec.com


    Antisyphon Training

    https://www.antisyphontraining.com/


    Active Countermeasures

    https://www.activecountermeasures.com


    Wild West Hackin Fest

    https://wildwesthackinfest.com


    ----------------------------------------------------------------------------------------------

    Joff Thyer - https://blackhillsinfosec.com/team/joff-thyer/

    Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/

    Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/

    Bronwen Aker - http://blackhillsinfosec.com/team/bronwen-aker/

    Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/

    25 min
  • AI Security Ops - Why Did We Create This Podcast? | Podcast Trailer
    2025/12/24

    Join the 5,000+ cybersecurity professionals on our BHIS Discord server to ask questions and share your knowledge about AI Security.
    https://discord.gg/bhis

    AI Security Ops | Episode 34 – Why Did We Create This Podcast?
    In this episode, the BHIS team explains the purpose behind AI Security Ops, what you can expect from future episodes, and why this show matters for anyone at the intersection of AI and cybersecurity.

    Chapters

    • (00:00) - Intro & Welcome
    • (00:13) - Why We Started AI Security Ops
    • (00:41) - Our Mission: Stay Informed & Ahead
    • (00:56) - What We Cover: AI News & Insights
    • (01:23) - Community Q&A & Real-World Scenarios
    • (02:18) - Special Guests & Industry Leaders
    • (02:41) - Demos, How-Tos & Practical Tips
    • (03:07) - Who Should Listen & Why Subscribe
    • (03:34) - Join the Conversation & Closing

    🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –

    https://poweredbybhis.com



    Brought to you by:

    Black Hills Information Security

    https://www.blackhillsinfosec.com


    Antisyphon Training

    https://www.antisyphontraining.com/


    Active Countermeasures

    https://www.activecountermeasures.com


    Wild West Hackin Fest

    https://wildwesthackinfest.com

    4 min
No reviews yet