Today's LLMs craft exploits from patches at lightning speed

The time from vulnerability disclosure to proof-of-concept (PoC) exploit code can now be as short as a few hours, thanks to generative AI models. Matthew Keely, of Platform Security and penetration testing firm ProDefense, managed to cobble together a working exploit for a critical vulnerability in Erlang's SSH library (CVE- …

  1. Anonymous Coward

    Fast patching, and deployment anytime

    "your infrastructure should be built to allow safe and fast patching."

    This has become crucial: Your production system should be able to be patched and updated at any time.

    If not, you're a sitting duck.

    And you should make backups because you will be hacked.

    1. elDog

      Re: Fast patching, and deployment anytime

      So perhaps we should add in a "Patch Friday" every now and then. And require the system to be rebooted. And pray that the boot disk can still be read, etc.

      1. Anonymous Coward

        Re: Fast patching, and deployment anytime

        "So perhaps we should add in a "Patch Friday" every now and then."

        No, a Simian Army (like Netflix) of monkey programs that reboot, or patch, servers and services randomly. Netflix uses these to ensure robust services. If a server cannot reboot now, there is something wrong.

        If you want to be able to patch any time, you should simply patch and reboot randomly to test continuously.

        1. kmorwath

          Re: Fast patching, and deployment anytime

          Absolutely. System administrators need to be replaced by monkeys. They can't do a worse job.

      2. I am the liquor

        Re: Fast patching, and deployment anytime

        Never on Friday. You don't want to be in at the weekend when it goes wrong, do you? Safest not to do anything of consequence on Friday. Except firing people, of course. Studies have statistically shown that there's less chance of an incident if you do it at the end of the week.

    2. This post has been deleted by its author

  2. Clausewitz4.1
    Devil

    AI bubble bursting

    And people still fall for that?

    1. ecofeco Silver badge

      Re: AI bubble bursting

      Apparently at least 7 numpties here looking at your downvotes. Assuming you mean they still fall for the AI as savior bollocks.

      They just mad about their cryptocoins.

  3. Anonymous Coward

    Exploiting development

    Exploiting development should be made on a tight, closed group task-force. With zero AI or mind reading.

    After all, it's a cybernetic weapons stockpile of a country. And each one found is worth from thousands to millions.

  4. m4r35n357 Silver badge

    Generative my arse

    This word is increasingly added to the AI bullshit, as if it is a done deal.

    There is no such thing, do you understand?

  5. steelpillow Silver badge
    Alert

    Patch Hour?

    Sod Patch Tuesday. Gonna have to be AI-automated Patch Hour until a certain shitty OS learns to patch itself without rebooting everything like the good ones do.

    1. ecofeco Silver badge

      Re: Patch Hour?

      Exactly. There is NO way to keep up with that.

      Hence my other post here.

  6. ecofeco Silver badge
    Mushroom

    Hahahahahahahahahahaha

    "Sergai you arrogant ass, you've killed US!"

    Well, it was fun while it lasted and now it's self destructed.

  7. frankyunderwood123

    At what point is attack and defence handed over to AI?

    This paints an interesting picture which could theoretically be the first place where LLMs or dare we say AI is pitted against itself / other models in real time.

    Bad actors use LLMs to quickly find exploits while systems are protected by LLMs real time constantly scanning for vulnerabilities, attacks etc. and self patching the system.

    Human interaction is simply to watch, check logs, occasionally prompt.

    At this point it really is AI against AI with all the hallucinations that could result.

    Bad actor AI tricks system protection AI into becoming a Bad actor too.

    It's a weird idea, always-on 24/7 self-learning LLMs "battling" each other at a speed humans can't match and perhaps even left unattended/unmonitored for hours on end.

    What could possibly go wrong?

  8. herman Silver badge

    Private fight

    Can’t we just let the AIs fight things out without involving us?

    1. ecofeco Silver badge

      Re: Private fight

      We could have except for tech douche bros.

  9. theOtherJT Silver badge

    I wonder how long...

    ...before we look back on today's world with much the same misty eyed nostalgia as we get today looking at computing in the 80s and early 90s? "Oh, no, there's no password, there's only one user account, so why need one?" "Why would we need to segregate memory between processes? Who's running two processes at once?" "What do you mean 'firewall' why wouldn't I allow totally unrestricted data flow between this machine and that one? That's Ted's machine. We all know Ted!"

    I get the impression that a day will come when running code that hasn't been mathematically validated to do what it says it does will be looked at as some kind of age-of-innocence naivety, and people will look back on the speed of development and change in the decades before and wish for the days before everything got infested with hostile AI that has to be guarded against at every turn.

  10. johnmccash

    My question is whether this means that, in addition to generating exploits faster, AI can also assist with generating exploits for vulnerabilities that might not have had exploits created for them at all, previously. I'm thinking of vulnerabilities that MS categorizes as 'exploitation less likely', such as CVE-2024-35254.

    Thoughts?

    1. ecofeco Silver badge
      Mushroom

      Imagine generating endless exploits every hour of the day.

      THAT'S what this means.

      Now imagine what it takes to counter that. Yeah, nothing. We're screwed.

      The well has now been poisoned beyond fixing.

    2. heyrick Silver badge

      Rated 7.1 severity high? Sounds important...
