
Anthropic's latest AI model identifies 'thousands of zero-day vulnerabilities' in 'every major operating system and every major web browser'
Additionally, it's worth noting that the dataset used for these graphs is fairly wide. It only tracks publicly disclosed vulnerabilities that have a known exploit. In other words, we may well be looking at the mere tip of the iceberg, and the ZDC researchers remind readers that "we only track publicly visible exploits. Private or nation-state exploits may exist earlier." The time-lapse of the collapse of computer security is detailed in a specific page at the ZDC.
So what can be done? Well, the ZDC researchers published a call to action. First, those that are fairly easy to swallow: ensure every piece of firmware, software, framework, and hardware platform has all the security features enabled by default, and always adopt a zero-trust architecture whenever possible. Since 70% of vulnerabilities are a consequence of memory safety bugs, using Rust or another memory-safe language instead of C or C++ is a must.
The ZDC also recommends that systems be designed so they're disposable by default, meaning, for example, that an exploited machine can be easily restored. Since AI bots are empowering attackers, the ZDC recommends the availability of free and open-source AI-powered tools (think an open-source Mythos), so that defenders have full knowledge of their system, source code, and logs.
Then we get into the tricky ones. The biggest recommendation is to make software makers liable for damaging security vulnerabilities, as well-known cybersecurity master Bruce Schneier explains: "No industry in the past 150 years has improved safety or security without being forced to by the government." He additionally points out that an insecure, technically unsound product that is first to market and/or easier to use will win over its better-developed competitors every single time.