Microsoft’s GitHub is being abused by hackers can AI fix it? | #ransomware | #cybercrime

What you need to know

  • Advanced persistent threats (APTs) are always looking for ways to blend in with normal activity.
  • By utilizing Microsoft’s GitHub, a known good platform, to host malware or command and control techniques, APTs are finding more success.
  • The Insikt Group, Recorded Future’s threat research division, published a report on the increased malicious activity taking place through GitHub.
  • While Microsoft is looking for every way to make money on Copilot, cleaning up GitHub would be an actual good use case that an LLM could likely achieve. 

With CES wrapping up, the entire corporate world is focused on AI and how it can make these corporations more money. There have been a lot of promises about how AI can facilitate a safer digital world, but I have yet to see much fruit from such talk. The Insikt group, the threat research team of Recorded Future, released a report today discussing how GitHub is increasingly used for malicious infrastructure by threat actors and Advanced Persistent Threats (APTs.)

This issue in and of itself is a problem and worthy of news, but it seems to me that this is the perfect opportunity for Microsoft to show the world what it can do. It reminds me of the cheating epidemic in games like Activision’s Call of Duty Warzone. Activision had to make a bespoke machine-driven anti-cheat system called Ricochet, which repeatedly bans thousands of cheaters. Similarly, Microsoft should be looking to use Copilot to intelligently inspect, analyze, and verify every single piece of code uploaded to the extremely popular site GitHub, which it acquired in 2018. 

How are hackers abusing GitHub?

Source link

National Cyber Security