My name is Peter at Cradlepoint and this is your security story for Saturday March 23, 2024. Have you heard about the chat overflow attack? These emails are meant to bypass AI and ML systems and be entered into the inbox like anything else. So how does it work? So these AI and ML systems are trained not to look for bad signatures – detect them – but to look for known good conversations. This email consists of two parts. There is the visible part, which is the actual link to update your password or enter information. Then there's a whole bunch of space… and then the hidden part: the good conversation that trains these AI systems, your defenses, to allow their malicious messages. And now here is a situation where isolation can definitely help to mitigate, isolate, explode the payload in the cloud, or just make the site read-only, so that no credentials can be entered . #CredentialStealing

https://www.darkreading.com/cloud-security/conversation-overflow-cyberattacks-bypass-ai-security

https://www.infosecurity-magazine.com/news/new-conversation-overflow-tactic/

Please take the opportunity to connect and share this video with your friends and family if you find it useful.