Is AI Making Hackers Smarter?

By Skeeter Wesinger

Artificial intelligence (AI) significantly influences the advancement of hacking techniques, enhancing the creativity and complexity of hacker strategies. Here are the primary ways AI is transforming hacking:


AI enables the automation of various hacking activities. It streamlines tasks such as scanning for network vulnerabilities, executing phishing attacks, and cracking passwords. This efficiency allows hackers to target multiple systems at once with minimal effort.

AI also plays a crucial role in developing malware that can evade detection. By learning from its operational environment, AI-enhanced malware can modify its behavior to bypass security measures, making it more challenging for conventional security tools to detect and prevent attacks.

In the realm of social engineering, AI, particularly through natural language processing (NLP), can create more convincing phishing emails and other deceptive tactics. These AI tools analyze extensive data from social media and other sources to tailor attacks more personally, increasing their likelihood of success.

AI systems can rapidly assess the results of their actions and adjust strategies promptly. When an attack method becomes ineffective, AI can swiftly identify alternative approaches, enhancing the threat posed by AI-driven attacks.

Hackers can use AI to detect patterns and vulnerabilities in software and systems that have eluded human researchers. These zero-day exploits, which exploit previously unknown vulnerabilities, are invaluable for compromising secure systems. Moreover, AI can make strategic decisions about which targets are most susceptible and thus more worthwhile to attack, helping hackers optimize their resources.

AI also reduces the barrier to entry for aspiring hackers by automating complex tasks, enabling individuals with limited hacking expertise to launch advanced attacks and expand the threat landscape.

However, it is crucial to recognize that AI technologies are also being used to strengthen cybersecurity defenses, setting the stage for a continuous arms race between attackers and defenders. AI-enhanced security systems can quickly analyze threats, adapt to new methods, and automate responses, providing an essential countermeasure to AI-powered hacking efforts.

BitLocker, Microsoft’s encryption software for SSDs, has faced various challenges since its debut. The upcoming Windows 11 version 24H2 update, also known as the 2024 update, may introduce a new concern for users: BitLocker could be enabled by default during the installation process for all editions of Windows, including the Home edition. This information comes from a report by the German news outlet Deskmodder, which was subsequently covered by Neowin. Enabling BitLocker by default is seen as problematic for several reasons outlined below.

Firstly, enabling BitLocker, which encrypts and decrypts data continuously on your SSD, can significantly decrease your PC’s performance. Specifically, it could slow down system performance by up to 45% in Windows Pro, with similar impacts likely on other versions of the operating system.

Secondly, there is a risk for users who are not familiar with encryption. They might end up encrypting their data unintentionally during installation and could face difficulties decrypting it later if they misplace or fail to save the necessary decryption key. This could render both the CPU and the SSD inaccessible.

A third concern highlighted involves security vulnerabilities in BitLocker. According to YouTuber Stacksmashing, BitLocker’s encryption can be easily breached. They demonstrate that with a modest investment in a $10 Raspberry Pi Pico and physical access to the machine, encrypted data on a system with an external Trusted Platform Module (TPM) can be decrypted.

However, there is a straightforward remedy for this automatic encryption: users can disable Device Encryption in the Privacy & security section of the Settings menu. While this option exists, many Windows 11 users, particularly those with the Home version, may not be aware of it or know how to manage these settings.

If these reports are accurate, it would be prudent for Microsoft to reconsider the default auto-encryption feature before releasing the update. Such a feature seems to introduce more problems than it resolves.

Why “American Graffiti” is George Lucas’s Best Film

Story by Skeeter Wesinger

When George Lucas unveiled “American Graffiti” in 1973, it wasn’t just a film but a time machine. The year was 1962, and Lucas’s canvas was the nocturnal sprawl of Modesto, California, his boyhood backdrop. This was America before it lost its innocence, before the seismic shifts of the Vietnam War, the assassinations of JFK and MLK, the Manson Family horrors, and the Watergate scandal. It was an America that existed just before everything changed, and Lucas captured it with aching nostalgia.

Remember 1973? Nixon was reshaping America’s financial landscape by detaching the dollar from the gold standard. Protests against the Vietnam War were a fixture in the news. Yet amidst this turmoil, Lucas offered a retreat to a seemingly simpler past. “American Graffiti” parked us squarely on those sun-baked Modesto streets where the biggest worry was what song the DJ would play next.

Critics might argue that Lucas’s later works surpass this early outing with their grander scales and technological innovations. Yet, “American Graffiti” stands out in Lucas’s filmography as his most personal film, a lovingly detailed tableau of his youth. The film’s power lies in its ability to evoke nostalgia without being blinded by it. Lucas doesn’t just remind us of the past; he makes us feel the poignancy of losing it.

The soundtrack alone—featuring hits like “At the Hop,” “Runaway, and “16 Candles”—is a masterclass in storytelling, each track capturing the zeitgeist of early ’60s teen culture. It’s an era encapsulated in the blissful ignorance of the film’s characters, teenagers on the cusp of adulthood, unaware of the tumultuous changes awaiting them in the decade.

“American Graffiti also set a stylistic precedent that resonates through cinema today—from the teen angst of “The Breakfast Club to the nostalgic echoes in “Guardians of the Galaxy.” Lucas’s film isn’t just a reflection on youth; it’s a commentary on the American experience, a mirror held up to a society perpetually in flux.

In a filmography filled with faraway galaxies and epic sagas, “American Graffiti does something remarkable. It brings us home. It reminds us of where we came from and, more poignantly, how far we have traveled. That’s why, in my view, it remains not just a significant work in Lucas’s oeuvre but his finest film.

AMD finally patches gaping Zenbleed security hole — MSI releases AGESA 1.2.0.Ca BIOS update for Zen 2

AMD

MSI has published new BIOS updates featuring AMD’s AM4 AGESA 1.2.0.Ca firmware update, which targets Zenbleed attacks. The new firmware targets a vulnerability in AMD’s Ryzen 4000 series Zen 2 APUs that “may allow an attacker to potentially access sensitive information.”

It appears MSI is rolling out the new BIOS updates as we speak. The new firmware update is available on almost all X570 motherboards, but only a few of MSI’s other chipsets and motherboards (including the 400 series) have the new firmware update at the time of writing.

AGESA 1.2.0.Ca specifically addresses Zen 2 vulnerability CVE-2023-20593, classified as a medium-level threat by AMD. Specific details on the threat itself were not disclosed, however, AMD does say that this threat can allow an attacker access to sensitive information “under specific microarchitectural circumstances”.
Even though AGESA 1.2.0.Ca is targeted at Ryzen 4000 “Renior” APUs, the threat exists in all Zen 2 processors. It just happens that AMD already patched this security vulnerability in prior AGESA microcode updates—1.2.0.C and 1.0.0.B—in Ryzen 3000 processors before it got around to rectifying the issue in the Ryzen 4000 series.

AMD has already patched the security threat for other Ryzen-based CPUs outside of the AM4 platform, including the Ryzen 3000 Threadripper HEDT chips, 7002 EPYC server CPUs, and Ryzen 4000, 5000, and 7020 series mobile CPUs (yes, some Ryzen 7000 mobile parts are Zen 2-based). The only Zen 2 platform that remains vulnerable is AMD’s Ryzen Embedded V2000 CPus, which was supposed to get the EmbeddedPi-FP6 1.0.0.9 AGESA firmware update by April.

AMD did not state if this new security update impacts performance. When we tested Zenbleed fixes previously, we found that while gaming was unaffected, other performance could drop as much as 15%.

To re-iterate, this specific vulnerability only affects Zen 2-based chips, so if you have an AM4 chip using a different architecture — like Zen+ or Zen 3, you don’t need to update your BIOS.