hacks

With the rise of new AI models facilitating swift software vulnerability identification and possible misuse by cybercriminals, the US Cybersecurity and Infrastructure Security Agency (CISA) released a directive on Wednesday requiring quicker software patch implementation for federal agencies. This directive provides a timeline for bug fixes based on priority, demanding a three-day response for critical issues.

Chris Butera, CISA’s acting executive assistant director for cybersecurity, highlighted the necessity of prioritizing high-risk vulnerabilities. This directive is framed within ongoing efforts from both private and public sectors to evaluate the implications of AI-enhanced cybersecurity threats.

“Prioritizing vulnerable assets is essential at this time due to AI developments empowering threat actors to locate and exploit weaknesses,” Butera remarked. He underscored the urgency of prompt patching to avert widespread automated exploitation.

The guidelines for patch prioritization consider factors such as public visibility of a system, inclusion in CISA’s Known Exploited Vulnerabilities Catalog, automation of exploit techniques, and the extent of access obtainable if exploited. Vulnerabilities that fit all criteria must be resolved within three days, alongside a forensic assessment to ascertain any system breaches.

This directive supersedes earlier CISA directives from 2019 and 2021 that established a protocol for addressing critical bugs within 15 days and other issues within 30 days. CISA has previously observed how quickly threat actors capitalize on vulnerabilities, frequently on the day they are revealed.

Although there have been notable advancements in federal cybersecurity, challenges like funding and priorities can sometimes lead to delays. Butera clarified that the directive was crafted considering these obstacles, establishing feasible timelines.

Advancements in AI are transforming the vulnerability detection arena, necessitating more rapid patching. Nevertheless, researchers indicate a need for systemic strategies to eliminate categories of vulnerabilities. Emily Long, CEO of Edera, stated, “CISA’s directive only tackles part of the issue,” stressing the importance of frameworks that restrict attacker access following a breach.

Butera acknowledged, “The directive initially mitigates AI capabilities, but additional efforts are essential.”

Capture an image with any digital camera or smartphone, and it’s not only the pixels that are recorded. The photo also contains metadata, referred to as EXIF (Exchangeable Image File Format) data, which reveals information about when it was captured, the device utilized, and the camera configurations. If your smartphone or camera is equipped with a GPS chip and monitors your location, this is also subtly embedded in the photograph. This can aid in reminiscing about memories captured in specific places but may not be suitable if you intend to share images while keeping your home address confidential. It’s important to reflect on the metadata linked to any photograph you distribute beyond your private use, and eliminate location data if needed.

How to Inspect Photo Metadata

Photo metadata can offer various benefits, including location tagging. Google Photos and Apple Photos facilitate the organization of your library based on the locations where images were captured. Attempt to search for a location in these applications to observe the outcomes. You can access photo metadata in multiple ways. In Google Photos for Android, select an image, tap the three dots in the upper right corner, and pick About. If there’s location information, it will be displayed on a map. In Google Photos on the web, open an image and click the info icon in the upper right to see the metadata. On iOS, use Apple Photos by opening an image and tapping the info icon at the bottom. If location details are present, they will show on a map. In Apple Photos on the web, double-click an image to open it, and the info icon is located at the top right.

This data can be accessed on Windows and macOS, though it shows GPS coordinates rather than a map. In Windows, right-click on an image in File Explorer, select Properties, and go to the Details tab. On macOS, right-click an image in Finder, choose Get Info, and GPS coordinates will be displayed in the dialog if they are available.

Techin' Geek

CISA Calls on US Agencies to Tackle Security Vulnerabilities Within 3 Days in Light of AI Threats

Your Images Might Be Disclosing Your Location. Here’s How to Stop That