The federal government, led by the Cybersecurity and Infrastructure Security Agency (CISA), conducted its first tabletop exercise focused on artificial intelligence (AI) cyber incidents. The exercise, organized under the Joint Cyber Defense Collaborative, involved 50 AI experts from 15 companies, and various international cyber defense agencies. It forms part of the Biden administration's broader initiatives to address the potential risks of AI, particularly as major companies like Microsoft accelerate the release of AI-enabled products. The tabletop aimed to understand AI-related cybersecurity incidents, improve information sharing, and enhance cooperation between industry and government. This effort also contributes to the development of CISA's AI security incident collaboration playbook, set for release at the end of 2024. Various U.S. government partners, including the FBI and NSA, and international agencies from Australia, the U.K., New Zealand, and Canada participated or observed the exercise.

CISA leads first tabletop exercise for AI cybersecurity cyberscoop

A study from Mount Sinai Hospital indicates that artificial intelligence (AI) can significantly enhance patient outcomes by predicting and preventing health decline. Published in *Critical Care Medicine*, the research involved over 2,700 adult patients split into two groups, with one group receiving real-time AI alerts about potential health deterioration. The intervention group saw a 43% higher likelihood of receiving escalated care and markedly reduced mortality rates. The study suggests that AI algorithms outperform traditional methods like the MEWS by enabling earlier interventions and potentially saving lives. Despite the study's early termination due to the COVID-19 pandemic, a simplified AI system is being used to monitor stepdown unit patients at Mount Sinai, continually improving through reinforcement learning.

Real-Time AI Alerts Reduce Patient Deaths by 43%, Mount Sinai Study Finds hitconsultant.net

A recent malware campaign employs deceptive Google Chrome, Word, and OneDrive errors to trick users into executing malicious PowerShell scripts. Multiple threat actors, including ClearFake, ClickFix, and TA571, are using these tactics. The attacks involve fake error messages prompting users to copy a PowerShell “fix” and run it, leading to various malware installations such as DarkGate, Matanbuchus, and NetSupport. These campaigns are spread through compromised websites and HTML email attachments, exploiting users' lack of understanding of the dangers associated with running PowerShell commands. Despite the need for significant user interaction, the social engineering techniques used are effective at deceiving individuals into executing harmful actions on their systems.

Fake Google Chrome errors trick you into running malicious PowerShell scripts bleepingcomputer

The Black Basta ransomware group exploited a Windows privilege escalation vulnerability (CVE-2024-26169) before Microsoft issued a patch in March 2024. Symantec researchers found that an exploit tool, likely compiled pre-patch, was used in a recent attempted ransomware attack, though no payload was deployed. The tactics closely matched those of Black Basta, which has been active since 2022, targeting over 500 organizations primarily in the healthcare sector. This group evolved from the Conti ransomware and shifted infection vectors from Qakbot to the DarkGate loader after Qakbot was taken down in August 2023. Organizations are urged to patch the flaw immediately to mitigate the ongoing risk.

Black Basta may have exploited Microsoft flaw before a patch was issued itpro