New Artificial Intelligence Tools Pose Serious Security Threat

Secure Computing Corporation warns that artificial intelligence (AI) software used in testing by a small number of software developers is now being widely used by hackers to find formerly undiscovered vulnerabilities.

These AI tools use a methodology referred to as ‘Fuzzing.’ This is an automated methodology for testing applications for bugs by checking allowed input for a given application and trying to force abnormal responses to see if unexpected results (bugs) can be generated.

Once a bug is found, further research can determine if the bug can be exploited as a vulnerability and then be packaged as an exploit. Hackers are sharing their Fuzzing results in a collaborative effort in IRC chat rooms and in news groups to rapidly develop new threats.