Posts

Showing posts with the label LLM

Threat Actors Exploit Google’s Gemini to Accelerate Cyberattacks

Google Threat Intelligence Group (GTIG)  recently reported that cybercriminals—in particular, state-sponsored threat actors from North Korea, Iran, China, and Russia—are misusing Gemini, Google’s large language model (LLM), to support all stages of their attack lifecycle. Specifically, GTIG observed threat actors using Gemini to code and script tasks, accelerate reconnaissance, research publicly known vulnerabilities, and enable malware development and post-compromise activity. Examples of State-Sponsored Threat Actor’s Use of Gemini GTIG documented several examples of state-backed actors integrating Gemini into their operations, including: North Korea:  GTIG observed the North Korean government-backed group  UNC2970  use Gemini to synthesize open-source intelligence (OSINT ) and profile high-value targets to support campaign planning and reconnaissance. Iran:  The Iranian sponsored actor  APT42  used generative AI models, including Gemini, to search f...

Groundbreaking Lawsuit Tests Whether AI Hiring Tools Trigger FCRA Compliance

Image
A company selling artificial intelligence (AI)-powered applicant assessment tools has been hit with a lawsuit that may be the first of its kind to claim that such tools violate the federal Fair Credit Reporting Act (FCRA) and its California equivalent, the Investigative Consumer Reporting Agencies Act (ICRAA). This case could be the tip of the iceberg for lawsuits based on AI-powered tools that employers are increasingly using to make hiring and other employment decisions. Quick Hits A proposed class action alleges that a widely-used AI-powered tool violates the federal FCRA and California’s ICRAA by compiling sensitive, individualized personal information on job applicants without their consent.  The complaint contends that by evaluating applicants based on extensive data sources—such as LinkedIn profiles, publications, and job application history—the tool generates consumer reports subject to the disclosure, authorization, notification, and certification requirements of both stat...

Cybersecurity Awareness Month 2025: Don't Get Haunted by Shadow AI

"It's the boogeyman… and he's been here all along."  – Laurie Strode,  Halloween  (1978) As Cybersecurity Awareness Month unfolds and Halloween looms, one of the m ost chilling threats haunting today's businesses isn't a hacker in a hoodie – it's shadow artificial intelligence (AI) . And it may be lurking in your company right now. What may seem like a harmless shortcut or even a helpful digital assistant can quietly morph into a ghost in your machine, undermining defenses, leaking data, and luring your organization into costly incidents, regulatory nightmares, and reputational damage. This month, as you check your locks and test your alarms, it's worth doing the same for your AI ecosystem. Let this alert serve as your survival playbook to help you detect, contain, and banish the risks of shadow AI – before it becomes the next potential headline that keeps you up at night. What Lurks in the Shadows – What Is Shadow AI? Shadow AI refers to the use of AI...

Preventing Woke AI in the Federal Government (Trump EO Tracker)

Directs all federal agencies to procure only those large language models (LLMs) developed in accordance with two Unbiased AI Principles: truth-seeking and ideological neutrality. Within 120 days, the Director Management and Budget (OMB), in coordination with the Administrator for Federal Procurement Policy (OFPP), the Administrator of General Services (GSA), and the Director of the Office of Science and Technology Policy (OSTP), must issue guidance for implementing this directive. Agencies must then, within 90 days of receiving that guidance, adopt procedures to ensure all procured LLMs meet these principles. Additional Documentation Trump Executive Order -  Preventing Woke AI in the Federal Government   Source(s): Preventing Woke AI in the Federal Government (Trump EO Tracker) | JD Supra . (2025). JD Supra. https://www.jdsupra.com/legalnews/preventing-woke-ai-in-the-federal-5999766/?origin=CEG&utm_source=CEG&utm_medium=email&utm_campaign=CustomEmailDigest&utm_...