Artificial Intelligence Aids in Cyber Attack Prevention
Positive Technologies has announced the findings of a recent study analyzing the key applications of Artificial Intelligence in cybersecurity. The report revealed that AI can be applied to over half of the countermeasures listed in the MITRE D3FEND framework.
The study found that 28% of existing countermeasures already use AI support, while another 27% are expected to be integrated with AI solutions that are currently in development.
According to experts at Positive Technologies, Artificial Intelligence allows defenders to identify, predict, and prevent cyberthreats more efficiently. For instance, AI helps protect sensitive data by recognizing classified information in documents and adapting the content based on the user's access level.
In addition, the company reported that AI tools can be used for automated security testing. In their product PT Dephaze, generative AI generates likely passwords for specific targets, analyzes text files, and compiles detailed reports.
Currently, AI is widely used for detecting cyberthreats. It analyzes user behavior, network traffic, and executable files. The study indicated that in the near future, AI may also help gather network intelligence and detect unauthorized software or services that escape the notice of IT teams.
Positive Technologies stated that AI will likely enable more realistic simulations of user behavior, assist in deploying honeypots, and support continuous biometric authentication. Tools like MaxPatrol VM are already helping organizations maintain up-to-date infrastructure data.
A major benefit of Artificial Intelligence in cybersecurity is its ability to detect unknown threats. For example: PT Sandbox uses behavioral analysis to identify anomalies.
MaxPatrol SIEM includes BAD (Behavioral Anomaly Detection), which tracks zero-day exploits and new malware.
Roman Reznikov, Cybersecurity Research Analyst at Positive Technologies, commented that the goal is to embed AI as an 'autopilot' to speed up incident response and reduce pressure on security teams. He added that this concept was successfully tested during the Standoff 13 cyberbattle, where MaxPatrol O2 prevented breaches by detecting attacks on a simulated infrastructure.
Moreover, the company noted that AI helps SOC teams make faster decisions by providing context for alerts and suggesting appropriate responses. MaxPatrol O2 automatically creates action plans and offers options for handling incidents with varying degrees of human input.
However, Positive Technologies warned that the use of AI comes with challenges. High-quality training data and skilled professionals are essential. While AI strengthens defenses, it may also become a target for attackers. Therefore, the company recommends a responsible approach to AI adoption, considering risks and following best practices for cybersecurity.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Gulf Today
4 days ago
- Gulf Today
EGA begins production with its next-generation smart smelting technology
Emirates Global Aluminium announced start of hot metal production at pilot reduction cells for EX, the company's next generation aluminium smelting technology. The pilot at Al Taweelah is a key step in readying the technology for large-scale industrialisation, making the project a key foundation for both future low-carbon primary aluminium production growth at EGA and the strengthening of EGA's position as the smelting technology provider of choice for the global aluminium industry. The pilot will also be used to prove the most advanced Industry 4.0 capabilities in the aluminium industry. All EGA's existing Industry 4.0 use case will be deployed in the new technology and the company is developing new state-of-the-art digital capabilities centred on artificial intelligence and advanced data analytics. Abdulnasser Bin Kalban, Chief Executive Officer of Emirates Global Aluminium, said, 'First hot metal from these EX Technology reduction cells is a key milestone for both our technology leadership and future growth at EGA. Our goal is to expand our primary aluminium production with the most advanced and smart aluminium smelting technology, to build the smelter of the future and to create further value for EGA through smelting technology partnerships around the world." EGA has developed its own aluminium smelting technology in the UAE for more than 35 years. EGA has used its own technology in every smelter expansion since the 1990s and has retrofitted all its older production lines. EGA was the first UAE industrial company to license its core process technology internationally, in a deal with Aluminium Bahrain in 2016 for use in the Bahraini company's Potline 6 expansion project. EX is EGA's 10th generation smelting technology. Construction of the pilot pots began in late 2024. EGA's EX has been designed to produce more aluminium with less energy per tonne and lower emissions. EX reduction cells provide higher productivity per square meter compared to our latest DX+ Ultra technology. The next generation technology is expected to reduce greenhouse gas emissions per tonne of aluminium produced by around five per cent for the more productive variant and around 12 percent for the lower energy variant. WAM
Campaign ME
7 days ago
- Campaign ME
Mediakart, Continuum Media partner to enhance contextual, 3D advertising in MENA
Mediakart, a platform that specialises in contextual and 3-dimensional (3D) advertising, has formed a strategic alliance with Dubai-based Continuum Media in an effort to offer brands new ways of engaging with audiences in the Middle East and global markets. By combining Mediakart's data-driven ad solutions and digital expertise with Continuum Media's regional intelligence, the alliance aims to help marketers achieve deeper audience penetration through tailored, immersive campaigns. The focus will be on elevating how contextual and 3D ads are delivered to brands looking to drive engagement and ROI. 'Mediakart is dedicated to pushing the boundaries of modern advertising,' said Shahad Anand, Business Head of Mediakart. 'Our collaboration with Continuum Media allows us to offer richer, more personalised ad experiences that go beyond the flat, traditional formats. Together, we can create campaigns that connect with people at the right place, time, and context.' With advertising increasingly shifting toward personalisation and interactivity, contextual and 3D formats are becoming central to brand communication strategies, Mediakart claims. 'This partnership marks the beginning of a new chapter in experiential advertising for the region,' said Nayeem Siddiqui, Managing Director at Continuum Media. 'Together with Mediakart, we're combining strategic insight with creative technology to help brands speak more intelligently and intuitively to their audiences. We're excited about the innovation this will bring to our clients.' Both companies emphasise that this alliance is not just about expanding geographic reach – it's about transforming how brand stories are told. From interactive product showcases to context-based messaging, the collaboration is set to offer brands a multidimensional toolkit to drive engagement, loyalty, and performance. Mediakart and Continuum Media envision this partnership as a long-term commitment to redefining digital advertising, particularly in the fast-evolving Middle Eastern market. The joint approach will provide businesses with scalable solutions that align with shifting consumer expectations and the future of brand communications. 'With Continuum Media's on-ground presence and Mediakart's innovation-first mindset, we're positioned to lead the next wave of intelligent advertising,' added Anand. 'We look forward to seeing how this collaboration shapes the future of media across the region.' As brands increasingly demand ad formats that are both impactful and contextually relevant, this alliance aims to deliver on those expectations – bridging creativity, data, and strategy to move audiences and markets forward.
Tahawul Tech
24-06-2025
- Tahawul Tech
Don't take any ‘shortcuts' – Positive Technologies find critical vulnerability in macOS application
PT SWARM expert Egor Filatov found a critical vulnerability in Shortcuts, a built-in macOS app that streamlines device management by automating repetitive user actions. If successfully exploited, the security flaw could allow an attacker to gain full control over the device, including the ability to read, edit, and delete any data. If the compromised device happens to be a laptop connected to a corporate network, the attacker could also infiltrate the internal company infrastructure. The vulnerability, tracked as BDU:2025-02497 and rated 8.6 out of 10 on the CVSS 3.0 scale, affects Shortcuts 7.0 (2607.1.3). The vendor was notified of the threat in line with the responsible disclosure policy and has already released a software patch. Users are advised to upgrade to macOS Sequoia 15.5 or later. If updating the OS is currently not possible, Positive Technologies recommends users to pay close attention to the downloaded shortcuts before running them or avoid using them altogether. The Shortcuts app was introduced with macOS Monterey back in 2021 and has been supported in macOS Ventura, Sonoma, and Sequoia versions over the past four years. With the app, users can create shortcuts to automate various tasks, such as starting a timer, playing music, or converting text to audio. Users also have access to macros[1] that provide ready-made shortcuts. A threat actor could leverage this functionality by uploading infected templates to the library. For the security flaw to be exploited, it would be enough for the victim to inadvertently run a malicious macro on their device. 'An attacker could exploit this vulnerability to target any Shortcuts user,' said Egor Filatov, Junior Mobile Application Security Researcher at Positive Technologies. 'Before remediation, the vulnerability allowed an attacker to bypass macOS security mechanisms and execute arbitrary code on the victim's system.' According to the expert, the potential consequences of successful attacks include the following: Theft of confidential data or deletion of valuable information Malware execution Installation of backdoors[2] aimed at maintaining access to the system even after vulnerability patching Ransomware[3] infection Disruption to the organization's business processes (if a corporate device is compromised) Positive Technologies experts have been studying Apple products for over a decade. In 2018, Maxim Goryachy and Mark Ermolov, while looking for security flaws in Intel Management Engine, found a firmware vulnerability (CVE-2018-4251) affecting personal computers made by Apple and other manufacturers. In 2017, Timur Yunusov warned the community about multiple security gaps he discovered in Apple Pay: by exploiting the vulnerabilities, attackers could compromise users' bank cards and make unauthorized payments on external resources. Before that, another Positive Technologies researcher found and helped eliminate a critical vulnerability in the website, which could allow an adversary to conduct a directory traversal attack and gain access to private data. In addition to the macOS version of Shortcuts, there is also an iOS version of the app for mobile devices. To prevent threat actors from infiltrating the corporate network via vulnerable mobile apps, companies should protect their apps against reverse engineering. This can be done with solutions such as PT MAZE, which turns the application into an impenetrable maze, making attacks too resource-intensive for adversaries. [1] A macro is a pre-programmed sequence of actions defined by the user. [2] A backdoor is a type of malware that allows unauthorized access to data or enables remote control of the compromised system. Typically, an attacker installs a backdoor on a target system for future access. [3] Ransomware is a type of malware that encrypts a victim's files or locks them out of their computer system, giving the attacker control over any personal information stored on the compromised device. The attacker can then demand a ransom, threatening to leave the files or system inaccessible to the victim or to disclose confidential data if the ransom is not paid.
