The Cyber Year in Stories: Autumn 2024
Google's Big Sleep: From Concept to Vulnerability Discovery
In the fast-paced world of cybersecurity, innovations that improve the ability to detect vulnerabilities are always welcome.
Therefore, it’s no surprise that cybersecurity titans like Palo Alto, Fortinet and CrowdStrike have all built AI into their threat detection capabilities.
But one such innovation from outside the cybersecurity realm has proven its worth in a remarkable way. Big Sleep, a framework introduced by Google just a few months ago, has already made its mark by uncovering its first real-world vulnerability.
From its inception to its first major find, Big Sleep represents a significant leap forward in the application of artificial intelligence to the critical field of vulnerability research.
Discovering the vulnerability
In a significant breakthrough for AI in cybersecurity, researchers from Google Project Zero and Google DeepMind have uncovered their first real-world vulnerability using a large language model (LLM).
This discovery, announced in a blog post in November, marks a pivotal moment in the application of AI to vulnerability research.
The vulnerability in question is an exploitable stack buffer underflow in SQLite, a widely used open-source database engine.
"The vulnerability is quite interesting, along with the fact that the existing testing infrastructure for SQLite (both through OSS-Fuzz and the project's own infrastructure) did not find the issue, so we did some further investigation," the researchers noted in their blog post.
This flaw, identified in early October before it appeared in an official release, demonstrates the proactive potential of AI-assisted vulnerability research.
What makes this discovery particularly noteworthy is its evasion of traditional detection methods.
“We believe this is the first public example of an AI agent finding a previously unknown exploitable memory-safety issue in widely used real-world software,” Google’s security researchers wrote in the blog post.
In an era where digital threats loom larger than ever, the EU deadline for enterprises to take decisive steps to fortify their cybersecurity defences has now dawned.
The Network and Information Systems Directive 2 (NIS2), a landmark cybersecurity bill, has come into full force, marking a significant milestone in the EU's efforts to create a harmonised approach to digital security across its member states.
This directive arrives at a critical juncture. The European Union Agency for Cybersecurity (ENISA) has recently reported an alarming increase in sophisticated cyberattacks, including new forms of phishing and zero-day exploits.
These threats are not confined to a single sector but span across industries, threatening the digital infrastructure that underpins much of modern European society and economy. Therefore, from today, organisations operating within the EU will have to follow the rules, or face the wrath.
A look at NIS2
NIS2 is more than just an update to its predecessor NIS1; it represents a paradigm shift in how the EU approaches cybersecurity.
By casting a wider net to include more sectors and by introducing more stringent requirements, the directive aims to create a culture of cybersecurity that permeates through businesses, supply chains, and critical infrastructure operating in the EU.
However, this ambitious goal comes with its own set of challenges, as organisations scramble to understand and implement the new requirements.
Three more autumn highlights
Cracking with Quantum: What Breakthrough Research Means
Fortinet's Mission to Bridge the Cybersecurity Skills Gap
Solarwinds CISO Wants Global Cyber Laws After Winning Case