 critical data


On the Feasibility of Using LLMs to Execute Multistage Network Attacks

Singer, Brian, Lucas, Keane, Adiga, Lakshmi, Jain, Meghna, Bauer, Lujo, Sekar, Vyas

arXiv.org Artificial Intelligence

LLMs have shown preliminary promise in some security tasks and CTF challenges. However, it is unclear whether LLMs are able to realize multistage network attacks, which involve executing a wide variety of actions across multiple hosts such as conducting reconnaissance, exploiting vulnerabilities to gain initial access, leveraging internal hosts to move laterally, and using multiple compromised hosts to exfiltrate data. We evaluate LLMs across 10 multistage networks and find that popular LLMs are unable to realize these attacks. To enable LLMs to realize these attacks, we introduce Incalmo, an LLM-agnostic high-level attack abstraction layer that sits between an LLM and the environment. Rather than LLMs issuing low-level command-line instructions, which can lead to incorrect implementations, Incalmo allows LLMs to specify high-level tasks (e.g., infect a host, scan a network), which are then carried out by Incalmo. Incalmo realizes these tasks by translating them into low-level primitives (e.g., commands to exploit tools). Incalmo also provides an environment state service and an attack graph service to provide structure to LLMs in selecting actions relevant to a multistage attack. Across 9 out of 10 realistic emulated networks (from 25 to 50 hosts), LLMs using Incalmo can successfully autonomously execute multistage attacks. We also conduct an ablation analysis to show the key role the high-level abstractions play. For instance, we find that both Incalmo's high-level tasks and services are crucial. Furthermore, even smaller-parameter LLMs with Incalmo can fully succeed in 5 of 10 environments, while larger-parameter LLMs without Incalmo do not fully succeed in any.


Leveraging Social Media Data and Artificial Intelligence for Improving Earthquake Response Efforts

Kopanov, Kalin, Varbanov, Velizar, Atanasova, Tatiana

arXiv.org Artificial Intelligence

The integration of social media and artificial intelligence (AI) into disaster management, particularly for earthquake response, represents a profound evolution in emergency management practices. In the digital age, real-time information sharing has reached unprecedented levels, with social media platforms emerging as crucial communication channels during crises. This shift has transformed traditional, centralized emergency services into more decentralized, participatory models of disaster situational awareness. Our study includes an experimental analysis of 8,900 social media interactions, including 2,920 posts and 5,980 replies on X (formerly Twitter), following a magnitude 5.1 earthquake in Oklahoma on February 2, 2024. The analysis covers data from the immediate aftermath and extends over the following seven days, illustrating the critical role of digital platforms in modern disaster response. The results demonstrate that social media platforms can be effectively used as real-time situational awareness tools, delivering critical information to society and authorities during emergencies.


Strategic Demand-Planning in Wireless Networks: Can Generative-AI Save Spectrum and Energy?

Çiloğlu, Berk, Koç, Görkem Berkay, Shamsabadi, Afsoon Alidadi, Ozturk, Metin, Yanikomeroglu, Halim

arXiv.org Artificial Intelligence

Wireless communications advance hand-in-hand with artificial intelligence (AI), indicating an interconnected advancement where each facilitates and benefits from the other. This synergy is particularly evident in the development of the sixth-generation technology standard for mobile networks (6G), envisioned to be AI-native. Generative-AI (GenAI), a novel technology capable of producing various types of outputs, including text, images, and videos, offers significant potential for wireless communications, with its distinctive features. Traditionally, conventional AI techniques have been employed for predictions, classifications, and optimization, while GenAI has more to offer. This article introduces the concept of strategic demand-planning through demand-labeling, demand-shaping, and demand-rescheduling. Accordingly, GenAI is proposed as a powerful tool to facilitate demand-shaping in wireless networks. More specifically, GenAI is used to compress and convert content of various kinds (e.g., from a higher bandwidth mode to a lower one, such as from a video to text), which subsequently enhances the performance of wireless networks in various usage scenarios such as cell-switching, user association and load balancing, interference management, and disaster scenarios management. Therefore, GenAI can serve a function in saving energy and spectrum in wireless networks. With recent advancements in AI, including sophisticated algorithms like large-language-models and the development of more powerful hardware built exclusively for AI tasks, such as AI accelerators, the concept of demand-planning, particularly demand-shaping through GenAI, becomes increasingly relevant. Furthermore, recent efforts to make GenAI accessible on devices, such as user terminals, make the implementation of this concept even more straightforward and feasible.


Preparing for AI-enabled cyberattacks – MIT Technology Review

#artificialintelligence

Cyberattacks continue to grow in prevalence and sophistication. With the ability to disrupt business operations, wipe out critical data, and cause reputational damage, they pose an existential threat to businesses, critical services, and infrastructure. Today's new wave of attacks is outsmarting and outpacing humans, and even starting to incorporate artificial intelligence (AI). What's known as "offensive AI" will enable cybercriminals to direct targeted attacks at unprecedented speed and scale while flying under the radar of traditional, rule-based detection tools. Some of the world's largest and most trusted organizations have already fallen victim to damaging cyberattacks, undermining their ability to safeguard critical data.


AI + Automation -- future of cybersecurity. -- Artificial Intelligence +

#artificialintelligence

Artificial Intelligence and Automation should be used in cyber threat detection to increase security and efficiency and to help organizations be proactive, helping them see the threats in advance and keep their infrastructure and data safe. As organizations delve into smarter and innovative products, they are dependent on critical data which is under constant threat. A breach of critical data can put the organization and its customers at serious risk. A combination of AI and Automation can be leveraged to counter these threats and provide insight into obscure and malicious activity on systems, networks, and infrastructure. In 2017, the average number of breached records by country was 24,089.


Minimal model of permutation symmetry in unsupervised learning

Hou, Tianqi, Wong, K. Y. Michael, Huang, Haiping

arXiv.org Machine Learning

Permutation of any two hidden units yields invariant properties in typical deep generative neural networks. This permutation symmetry plays an important role in understanding the computation performance of a broad class of neural networks with two or more hidden units. However, a theoretical study of the permutation symmetry is still lacking. Here, we propose a minimal model with only two hidden units in a restricted Boltzmann machine, which aims to address how the permutation symmetry affects the critical learning data size at which the concept-formation (or spontaneous symmetry breaking in physics language) starts, and moreover semi-rigorously prove a conjecture that the critical data size is independent of the number of hidden units once this number is finite. Remarkably, we find that the embedded correlation between two receptive fields of hidden units reduces the critical data size. In particular, the weakly-correlated receptive fields have the benefit of significantly reducing the minimal data size that triggers the transition, given less noisy data. Inspired by the theory, we also propose an efficient fully-distributed algorithm to infer the receptive fields of hidden units. Overall, our results demonstrate that the permutation symmetry is an interesting property that affects the critical data size for computation performances of related learning algorithms. All these effects can be analytically probed based on the minimal model, providing theoretical insights towards understanding unsupervised learning in a more general context.


9 Ways To Enhance Chatbot Security - BotCore

#artificialintelligence

An E2EE system provides secure communication by encrypting messages or the information that is transferred through the channel. Only the sender and the recipient can read the information; no third party can view or intercept the transmitted data. Even if attackers or hackers get access to servers where your data is stored, they cannot extract the data as they lack access to the decryption keys to understand the data. Recently, social networking platforms have incorporated their messaging channels with this capability to protect themselves from cyber attacks. If enterprises can incorporate this major security practice in chatbot platforms, it will be one of the most robust methods to ensure significant chatbot security.


In A World Where Data Rules, All Companies Are Tech Companies

Forbes - Tech

Choose the right data to track. This may look different for all businesses. For SMBs, choose the right data with careful thought. You will want to place what attention you have on the most critical data. Collect clean and useful data. Now, businesses must collect clean and useful data from the data they have decided to track.


AI applied: How SAP and MapR are adding AI to their platforms ZDNet

#artificialintelligence

Sometimes when we write about analytics, machine learning and AI, it's challenging to come up with concrete use cases. That makes it harder than it should be for readers to grasp the power of these technologies. And that's a shame, because it makes AI seem ethereal rather than useful or easily understood. But every so often I am reminded that when one needs use cases, one need look no further than ERP (Enterprise Resource Planning) software. Sometimes ERP is disparaged as mundane.


Artificial intelligence can keep big retail breaches at bay

#artificialintelligence

Major brands, such as Target and Home Depot, have fallen at the hands of payment system data breaches over the past couple of years. It's safe to say that after the investigations, consumers were upset at the lack of stringent security systems and protocols in place to keep their data out of malicious hackers' hands. Because of high-profile breaches, the expectation is that the governing bodies will make PCI compliance and regulations even more stringent. Unfortunately, compliance does not equal data security. Compliance checks today are not continuous or automatic, even in the largest of global enterprises.