Make your website with AI and hack it with AI for pen testing. This has gone beyond the point of stupidity

5.6 Million Dollars paid out from Ring? Gee willikers, wowie! Their parent company is only worth over a trillion dollars, justice served 🥰🥰🥰

The "You only have 30 days to claim your coins" is just incredible thing to happen considering all the scam emails that use this type of time pressure methods portaying exactly as PayPal, this is going to be a shitshow.

actually there was a reddit post where a guy pinged his article about how this paper and the high percentage of success "could" be misleading. hoping that is mentioned in the video here. EDIT: i think that info isnt added here, i do recommend reading that article. i'll ping here if i find

5.6 million for billion+ dollar company.. 100% fair and justice xD

Just from a quick scan of the research paper it appears anything achieved with GPT here could equally be achieved with a regular custom written tool for exploring any one of those vulnerabilities (with the added benefit of not needing to pay anything beyond electricity/hosting costs). The paper also says that even for GPT-4 as soon as you remove the CVE description the success rate drops from 87% to 7%.

"hack into websites" to my understanding, the 87% success involved a lot of XSS attacks which isn't exactly "hacking" and is something anybody, AI or not, could learn to do the basics of in an afternoon

What is scary inst the AI, but the people that make vulnerable system despite the public databases and unemployed security professionals

The Spøñsør starts at 3:34 and ends at 4:26

That ain't gonna go well

I feel like AI will always have a predictable pattern to follow, which will make it easy to defend against it. Just the landscape changing.

I knew Ring was a sketchy idea to begin with, especially not having it open source

wonder how the latest llama3 70b or rumored 400b will stack up to this task

6:04 clerks cartoon tv series turns out to have been a prophecy lol

3:22 "FBI guy, hes right there, grab em!"

The AI agents with a code interpreter is something I've been tempted to try but, honestly, I dread to think what it'd get up to and it'd execute faster than I could keep up.

that is why you don’t install ring doorbell in a bathroom. lol

Hi Seytonic, When did TCMSecurity get started as a training outfit? Where is their registered headquarters? Where can i find their annual financial returns 'before' spending money, please? Thanks for the info. Links not accepted for obvious reasons. Just reply to this comment, tell me info what and where to seach... it's easier and, transparent. :-) Thanks.

I'm genuinely worried about the future of cybersecurity as a career with the development in AI... Is it even worth pursuing this field anymore? Can someone please answer my question.

Ring (and other camera manufacturers) should include an offline mode that lets their cameras save everything to a local NAS. Any camera system that doesnt is a piece of junk.

wow that ring segment came out of nowhere, enjoyed this one

If we look at the tested LLMs. There's a problem with this. All of those are various fine tunes and variations of much smaller local models. What we aren't seeing in the tested ai models are Gemini, Claude, or co-pilot, which are more in par with gpt4. The remainder of those models are barely capable of holding a decent conversation without losing coherence. I mean sure they can somewhat but a far cry from gpt 3.5 even.

On minecraft servers we use baritone to auto raid bases that sell crap for real money on discord. In shooters I use an AI to predict the tactics of the enemy team, essentially auto-commanding my side of the battle. It was only a matter of time.

This is Whats next, show your skills? 1. CodeCraft Duel: Super Agent Showdown 2. Pixel Pioneers: Super Agent AI Clash 3. Digital Duel: LLM Super Agents Battle 4. Byte Battle Royale: Dueling LLM Agents 5. AI Code Clash: Super Agent Showdown 6. CodeCraft Combat: Super Agent Edition 7. Digital Duel: Super Agent AI Battle 8. Pixel Pioneers: LLM Super Agent Showdown 9. Byte Battle Royale: Super Agent AI Combat 10. AI Code Clash: Dueling Super Agents Edition

Meta ai used to generate CP is just crazy

dang but now the credential stuffers are gonna stuff the emails for the 50 bucks. For. Every. Single. Account.

hey, isn't the game the guy is playing on the computer at 3:33 named hacknet? I swear I can't mistake that UI.

Best sponsor ever, thank you so much

8,80$ is nothing on the OpenAI API. I've spent 100s for simple scripts that build code or think step by step. 8,80 is cheap af, it just means the cheaper upcoming options that will be capable of it like llama 4 etc will do it basically for free and locally

7:43 hehehe thats tom and jerry

Insert Project 2501 reference here

Seeing as to HIRE a hacker would cost considerably more, I'd say people would be willing to pay for that kind of research.

AI is going to revolutionize the pentesting space

crazy stuff always good as normally

I appreciate that you recognize that committing international financial crimes is not necessarily something DPRK would be doing for fun if they weren't under sanctions.

Every new AI development just proves Ned Ludd was right from the start.

One step closer to AI Wars in Cyberspace

"Regime" watch Loyal citizens of Pyongyang in Seoul

Imagine: "this video is sponsored by böackhats"😂

Script kiddies at a new level

good stuff

That's what the years of them seeing your body's and eyeing you down, judging you, and invading your privacy is worth: 50. Dollars. Yeah if this was in Germany, the company would bankrupt to pay it off.

we can only hope that the eu and the us tighten their laws on ai

Remember god's eye from fast and furious it's gonna happen

my pentesting career has ended before it even started

I don't see why the production companies would have an issue when the animation industry is basically North Korea anyway

i do not see how CVE ai is dangerous, the information is already public, people can already do what the AI did, and programmers cant automate it by making a perfect tool

content farm

ROBOT WARS ARE STARTING LETS GOOOOOOOOOO

It's sad that North Korea cannot even participate in the creation of internationally popular art. These sanctions are so restrictive and hurt the countries abilities to even get enough food imported.

👍

Isn't given AI access to the internet dangerous?

um, llm's do not 'think'. people need to start using the correct words for things. the fact the term AI and an LLM's is now synonymous is just sad. LLM's do not understand a word they are saying to us. As for the prompts to exploit chatgpt is so easy junior high school kids are doing it. LLM's are incredibly stupid and can only do things they have been taught. So take a simple puzzle a kindergarten kid can do - match the shapes and put the correct one in it's hold. If an LLM wasn't taught how to sold the specific puzzle in front of it , it cannot solve it.

cool

HELLO!

So why not allow N Korean do honest work. Instead of pushing them to destructive IT hazards?

HackerNewsImma1st Don't take my comments seriously. It's only a meme

Naaah😮

ahhh TSM. the only place you can get your PPPP, PEDP, PCCP, PHCP, PHPP, PQET, PCET, PCST.....

💌🇨🇦

:v

Bro, it was extremely unnecessary to constantly compare the AI tool with script kiddies at the beginning because everyone is interested in this kind of technology because it's simply extremely exciting. And secret services are also interested in such technology.

Fun Fact: The screen at 3:30 appears to be a game I played a while ago called Hacknet. Highly recommend playing it if a hacking game sounds interesting. May not be everyone's cup of tea, but it's pretty noice.

Good sponsor. He follows me on Twitter

agentgpt was just the tip of the iceberg there many different agent frameworks that are 1000x better

Holy hell north korea based

Any recommendations so private email? Is tutanota a greatchoice?

Initializing Automagic-hack complete

First

Just glided into that TCM Security ad, like a ninja in the night..... 🫡