<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal">A very interesting piece of work from Symantec:<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="margin-left:.2in">Open AI’s Operator agent upon prompting discovered a Symantec employee’s email address via deduction based on other company emails that were public (as the target employee’s email wasn't publicly available online),
and drafted a malware PowerShell script. Once it had established the email address, it drafted the PowerShell script. It opted to find and install a text editor plugin for Google drive. Interestingly, Operator visited several web pages about PowerShell prior
to creating the script, seemingly to get some guidance on how it could be done. Finally, the agent generated a reasonably convincing email urging the employee to run the script, attached the script to said email, and sent the email without requiring any proof
of authorization.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">News article – <a href="https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fopenai-operator-agent-proof-concept-phishing-attack&data=05%7C02%7Ccaice-csse%40eng.auburn.edu%7C412a052787b6447e47f208dd62ee8122%7Cccb6deedbd294b388979d72780f62d3b%7C0%7C0%7C638775498769253921%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=0YOBo3CUurEc4MmBNbe%2B3XPnOIZB0pwwo24WntMrSc4%3D&reserved=0" originalsrc="https://www.darkreading.com/threat-intelligence/openai-operator-agent-proof-concept-phishing-attack">
https://www.darkreading.com/threat-intelligence/openai-operator-agent-proof-concept-phishing-attack</a>
<o:p></o:p></p>
<p class="MsoNormal">Symantec blog post – <a href="https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.security.com%2Fthreat-intelligence%2Fai-agent-attacks&data=05%7C02%7Ccaice-csse%40eng.auburn.edu%7C412a052787b6447e47f208dd62ee8122%7Cccb6deedbd294b388979d72780f62d3b%7C0%7C0%7C638775498769269955%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=u9VhLByxpQvGlh8a9IOJRA3tF3yHaXRZrm51sBFAWbs%3D&reserved=0" originalsrc="https://www.security.com/threat-intelligence/ai-agent-attacks">
https://www.security.com/threat-intelligence/ai-agent-attacks</a> <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>