Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Artificial intelligence (AI) has come a long way over the past six decades. From simple chatbots in the 1960s to today’s sophisticated large language models (LLMs), mimicking human behavior has always been one of AI’s most intriguing applications. At present, though, AI cannot plan or make decisions as humans do. If it could, the ethical implications of AI would suddenly become much more complex. That’s where agentic AI comes in.

AI is unlocking new ways to work across industries. Nearly four in five CEOs are implementing or likely to implement generative AI to speed up innovation across their companies, and workers at every level are using GenAI to improve or expand their processes. Unfortunately, they aren’t the only ones embracing the power of AI. WormGPT was one of the best-known early examples of an AI that could create convincing social engineering attacks and build malware.

Over the past few years, artificial intelligence (AI) has transformed millions of organizations worldwide. AI can automate rote tasks, facilitate natural-language interfaces, and pick up subtle patterns in huge data sets. It can also hallucinate wrong answers, reinforce societal biases, and even introduce cybersecurity risks. Before incorporating the technology into their workflows, responsible organizations must weigh the benefits and risks of AI.

The state of cybersecurity has always been in flux, but the arrival of tools like ChatGPT heralded one of the most significant challenges for security teams in years. AI has the potential to unlock incredible potential in data processing and malware detection, but in the wrong hands, Large Language Models (LLMs) and other adversarial AI tools can be used to develop polymorphic malware that can escape detection, gain access to sensitive data, and poison data sets.

When most people think about cybersecurity, they picture firewalls, anti-virus software, and complex passwords. But the weakest link isn’t a server or a laptop—it’s a person. Social engineering attacks exploit human behavior rather than technical vulnerabilities, and four techniques dominate the landscape today: phishing, smishing, vishing, and quishing.

As CISOs, you’ve invested heavily in desktop security, built out Zero Trust architectures, and hardened your perimeter. But there’s a critical gap many are still leaving exposed: mobile devices and the human behind the screen. In a world where your workforce runs on smartphones, overlooking mobile security is no longer an option.

This week marks a milestone in the evolution of mobile endpoint security. At a time when attackers are moving faster and targeting smarter, Lookout is proud to unveil a breakthrough initiative: AI-powered social engineering protection—the first solution of its kind built to detect and disrupt human-targeted attacks at the mobile edge.

If you work for (or alongside) the United States government, then threat actors want your sensitive data. In 2023, federal agencies fell victim to 11 major cybersecurity incidents, with threats continuing to evolve well into 2024. Safeguarding federal and critical infrastructure organizations requires a modern cybersecurity framework. In today’s mobile-enabled workplaces, that means extending your data protection strategy to wherever devices are being used.

Threat actors are constantly searching for new ways past your organization’s defenses. Learning these tactics, techniques, and procedures (TTPs) plays an enormous role in cybersecurity. If you understand how a threat actor plans to attack, you can align your defenses to stay one step ahead. The MITRE ATT&CK framework is designed to help you do exactly that. The MITRE ATT&CK framework is an ever-evolving catalog of the TTPs cyber criminals use in each phase of an attack.