2nd Sight Lab

How I Use AI for Pe*******on Testing. Presentation at the AWS Security Community Day at the Computer History Museum on YouTube

AWS Community Day How I Use AI for Pe*******on Testing [Advanced] - Teri Radichel

Anthropic Mythos ~ Anthropic released a new model they claim is scary good at finding security vulnerabilities. What questions should we be asking?

This is not a hot take. I’m just pondering how much we can trust a model, the purported ROI, and how we can evaluate the risk of relying on it.

Anthropic Mythos Anthropic released a new model they claim is scary good at finding security vulnerabilities. What questions should we be asking?

🤖🤖🤖🤖🤖🤖🤖🤖🤖🤖🤖🤖
Pentesting is not a scanner or a fuzzer - whether SAST, DAST, AI, deterministic or non-deterministic. Pentesting is a human * using those tools * to see if they can find a security problem that your teams and tools may have missed.
🤖🤖🤖🤖🤖🤖🤖🤖🤖🤖🤖🤖

I was just listening to an interview on the radio with a person who worked at a hospital.

1. Your cyber insurance makes you a target. They know how much you can pay.

2. Don’t use your backups until you have eliminated the attacker or they will encrypt your backups too.

3. Pull the plug until you figure that out and cut them off (except critical patient machines). The hospital in story I was listening to had people running across the hospital when faxes were overused and started smoking.

4. They got in because the hospital was running out of date software and one person clicked a link about a bonus. (And apparently no network segregation?)

Hospital was down and patients needing cancer treatment had to drive over a mountain to nearest hospital so oncology was first restored.

Was part of a wave of attacks on rural hospitals during Covid.

I believe the ransomware was Medusa but I thought they said was attributed to Russia. Attribution is difficult. You might not really be sure, especially with AI.

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware Storm-1175 exploits 16+ CVEs since 2023, including zero-days, enabling rapid Medusa ransomware attacks within 24 hours.