
Latest news with #CiscoAIDefense

Cisco Talos Reveals Rise in Malicious Use of AI Tools

TECHx

10-07-2025

  • TECHx


Cisco Talos, one of the world's most trusted threat intelligence teams, has revealed how cybercriminals are increasingly abusing artificial intelligence (AI) tools to enhance their operations. According to a newly published report, large language models (LLMs) are being exploited to generate malicious content and bypass traditional security measures.

Cisco Talos reported that both custom-built and jailbroken (modified) versions of LLMs are now being used to scale cyberattacks. These versions are producing phishing emails, malware, viruses, and other harmful content. The report noted that some LLMs are being connected to external tools, including email accounts and credit card checkers. This integration is helping cybercriminals automate and amplify their attacks.

Cisco Talos researchers also documented the presence of malicious LLMs on underground forums. These include names such as:

  • FraudGPT
  • DarkGPT
  • WhiteRabbitNeo

These tools are advertised with features like ransomware creation, phishing kit generation, and card verification services. Interestingly, the report also revealed that some fake AI tools are being used to scam fellow cybercriminals.

Cisco Talos highlighted how attackers are jailbreaking legitimate AI models. These jailbreaks aim to bypass safety guardrails and alignment training, allowing the generation of normally restricted content.

Additionally, the report warned that AI models themselves are becoming targets. Attackers are inserting backdoors into downloadable models, enabling them to function as programmed by the attacker when activated. Models using external data sources are also at risk. If threat actors manipulate the source data, it could compromise the model's behavior.

Fady Younes, Managing Director for Cybersecurity at Cisco covering the Middle East, Africa, Türkiye, Romania, and CIS, commented on the findings. He stated that while large language models offer significant potential, they are now being weaponized to scale attacks. He emphasized the need for strong AI governance, user awareness, and foundational cybersecurity measures. 'With recent innovations like Cisco AI Defense, we are committed to helping enterprises achieve end-to-end protection as they build, use, and innovate with AI,' Younes added.

Cisco Talos concluded that as AI becomes more integrated into enterprise and consumer systems, security strategies must evolve. It stressed the importance of:

  • Scanning for tampered AI models
  • Validating external data sources
  • Monitoring abnormal LLM behavior
  • Educating users on the risks of prompt manipulation

The report signals a new phase in the cyber threat landscape. Cisco Talos continues to monitor the situation as part of its mission to strengthen global cybersecurity.

Cybercriminals Increasingly Exploit AI Tools To Enhance Attacks: Cisco Talos

Channel Post MEA

09-07-2025

  • Channel Post MEA


Cisco Talos has published a new report revealing how cybercriminals are increasingly abusing artificial intelligence (AI) tools – particularly large language models (LLMs) – to enhance their operations and evade traditional defenses. The findings highlight how both custom-built and jailbroken (modified) versions of LLMs are being used to generate malicious content at scale, signaling a new chapter in the cyber threat landscape.

The report explores how threat actors are bypassing the built-in safeguards that legitimate AI tools use, creating harmful alternatives that cater to criminal demands. These unregulated models can produce phishing emails, malware, viruses and even assist in scanning websites for vulnerabilities. Some LLMs are being connected to external tools such as email accounts, credit card checkers, and more to streamline and amplify attack chains.

Commenting on the report's findings, Fady Younes, Managing Director for Cybersecurity at Cisco Middle East, Africa, Türkiye, Romania and CIS, stated: 'While large language models offer enormous potential for innovation, they are also being weaponized by cybercriminals to scale and refine their attacks. This research highlights the critical need for AI governance, user vigilance, and foundational cybersecurity controls. By understanding how these tools are being exploited, organizations can better anticipate threats and reinforce their defenses accordingly. With recent innovations like Cisco AI Defense, we are committed to helping enterprises harness end-to-end protection as they build, use, and innovate with AI.'

Cisco Talos researchers documented the emergence of malicious LLMs on underground forums, including names such as FraudGPT, DarkGPT, and WhiteRabbitNeo. These tools are advertised with features like phishing kit generation and ransomware creation, alongside card verification services. Interestingly, even the criminal ecosystem is not without its pitfalls – many so-called 'AI tools' are also scams targeting fellow cybercriminals.

Beyond harmful models, attackers are also jailbreaking legitimate AI platforms using increasingly sophisticated techniques. These jailbreaks aim to bypass safety guardrails and alignment training to produce responses that would normally be blocked.

The report also warns that LLMs themselves are becoming targets, as attackers are inserting backdoors into downloadable AI models to function as per the attacker's programming when activated. As a result, models using external data sources to find information are exposed to risks if threat actors tamper with the sources.

Cisco Talos' findings underscore the dual nature of emerging technologies – offering powerful benefits but also introducing new vulnerabilities. As AI becomes more commonplace for enterprises and consumer systems, it is essential that security measures evolve in parallel. This includes scanning for tampered models, validating data sources, monitoring abnormal LLM behavior, and educating users on the risks of prompt manipulation.

Cisco Talos continues to lead the global cybersecurity community by sharing actionable intelligence and insights. The full report, Cybercriminal Abuse of Large Language Models, is available at

Cisco Talos: Cybercriminals Increasingly Exploit AI and Language Models to Enhance Attacks

Web Release

09-07-2025

  • Web Release


Cisco Talos, one of the world's most trusted threat intelligence teams, has published a new report revealing how cybercriminals are increasingly abusing artificial intelligence (AI) tools – particularly large language models (LLMs) – to enhance their operations and evade traditional defenses. The findings highlight how both custom-built and jailbroken (modified) versions of LLMs are being used to generate malicious content at scale, signaling a new chapter in the cyber threat landscape.

The report explores how threat actors are bypassing the built-in safeguards that legitimate AI tools use, creating harmful alternatives that cater to criminal demands. These unregulated models can produce phishing emails, malware, viruses and even assist in scanning websites for vulnerabilities. Some LLMs are being connected to external tools such as email accounts, credit card checkers, and more to streamline and amplify attack chains.

Commenting on the report's findings, Fady Younes, Managing Director for Cybersecurity at Cisco Middle East, Africa, Türkiye, Romania and CIS, stated: 'While large language models offer enormous potential for innovation, they are also being weaponized by cybercriminals to scale and refine their attacks. This research highlights the critical need for AI governance, user vigilance, and foundational cybersecurity controls. By understanding how these tools are being exploited, organizations can better anticipate threats and reinforce their defenses accordingly. With recent innovations like Cisco AI Defense, we are committed to helping enterprises harness end-to-end protection as they build, use, and innovate with AI.'

Cisco Talos researchers documented the emergence of malicious LLMs on underground forums, including names such as FraudGPT, DarkGPT, and WhiteRabbitNeo. These tools are advertised with features like phishing kit generation and ransomware creation, alongside card verification services. Interestingly, even the criminal ecosystem is not without its pitfalls – many so-called 'AI tools' are also scams targeting fellow cybercriminals.

Beyond harmful models, attackers are also jailbreaking legitimate AI platforms using increasingly sophisticated techniques. These jailbreaks aim to bypass safety guardrails and alignment training to produce responses that would normally be blocked.

The report also warns that LLMs themselves are becoming targets, as attackers are inserting backdoors into downloadable AI models to function as per the attacker's programming when activated. As a result, models using external data sources to find information are exposed to risks if threat actors tamper with the sources.

Cisco Talos' findings underscore the dual nature of emerging technologies – offering powerful benefits but also introducing new vulnerabilities. As AI becomes more commonplace for enterprises and consumer systems, it is essential that security measures evolve in parallel. This includes scanning for tampered models, validating data sources, monitoring abnormal LLM behavior, and educating users on the risks of prompt manipulation.

Cisco Talos continues to lead the global cybersecurity community by sharing actionable intelligence and insights. The full report, Cybercriminal Abuse of Large Language Models, is available at

Cisco and NVIDIA Unveil Secure AI Factory

TECHx

25-03-2025

  • Business
  • TECHx


Cisco and NVIDIA have launched the Cisco Secure AI Factory, a new AI architecture that prioritizes security at every layer. This collaboration builds on their expanded partnership announced last month. Both companies are moving quickly to deliver validated reference architectures to help enterprises deploy, manage, and secure AI infrastructure at any scale.

Chuck Robbins, Chair and CEO of Cisco, stressed the importance of integrating security with AI: 'AI can unlock groundbreaking opportunities for the enterprise. To achieve this, the integration of networking and security is essential. Cisco and NVIDIA's trusted, innovative solutions empower our customers to harness AI's full potential simply and securely.'

Jensen Huang, founder and CEO of NVIDIA, echoed this sentiment, highlighting the need for robust protection: 'AI factories are transforming every industry, and security must be built into every layer to protect data, applications, and infrastructure. Together, NVIDIA and Cisco are creating the blueprint for secure AI—giving enterprises the foundation they need to confidently scale AI while safeguarding their most valuable assets.'

What Is the Cisco Secure AI Factory?

AI factories—data centers designed to handle AI workloads—require more than just advanced computing power. They also need built-in security to protect data, applications, and infrastructure. The Cisco Secure AI Factory with NVIDIA addresses these challenges. It integrates advanced networking, security solutions, and scalable architecture to simplify AI deployment while ensuring comprehensive protection.

At the core of this collaboration is the NVIDIA Spectrum-X™ Ethernet networking platform. Cisco also integrates key security solutions:

  • Cisco Hypershield: Protects AI workloads by preventing lateral movement and mitigating vulnerabilities.
  • Cisco AI Defense: Safeguards AI models and applications across their lifecycle while aligning with key security standards like NIST, MITRE ATLAS, and OWASP LLM Top 10.

Three Layers of AI Security

Cisco and NVIDIA's Secure AI Factory embeds security across three critical layers:

  • Infrastructure Security: Cisco's Hybrid Mesh Firewall delivers unified security management. Future plans include integration with NVIDIA BlueField-3 DPUs for zero-trust security across AI nodes.
  • Workload Security: Cisco Hypershield provides proactive vulnerability mitigation without patching. Upcoming features will enhance real-time threat detection through NVIDIA BlueField-3's DOCA AppShield.
  • AI Application Security: Cisco AI Defense protects AI applications from safety risks and streamlines security workflows. Future integrations with NVIDIA AI Enterprise will further strengthen AI security.

Flexible Deployment Options

Cisco and NVIDIA offer two deployment models to fit different enterprise needs:

  • Ready-to-Deploy: A complete, vertically integrated solution combining Cisco's security tools with NVIDIA's technology. This option automates the AI factory lifecycle—from design to deployment and monitoring.
  • Build-Your-Own: Modular components from Cisco, NVIDIA, and ecosystem partners allow businesses to customize their AI infrastructure.

Accelerating AI Adoption

Cisco and NVIDIA are moving fast to meet the rising demand for AI infrastructure. Since announcing their collaboration in February 2025, Cisco has already developed new reference architectures for:

  • Cisco Nexus Hyperfabric AI
  • Cisco Nexus 9000 Series Switches

These architectures are validated against NVIDIA's Enterprise Reference Architecture for HGX H200 and Spectrum-X. By combining their expertise, Cisco and NVIDIA deliver scalable, secure AI infrastructure that helps businesses at every stage of their AI journey.

'Cisco and NVIDIA's trusted, innovative solutions empower our customers to harness AI's full potential simply and securely.'- Chuck Robbins, Cisco

Tahawul Tech

25-03-2025

  • Business
  • Tahawul Tech


Cisco has announced a new AI factory architecture with global AI leaders NVIDIA that is ultimately designed to place security at its core, whilst also simplifying enterprise AI adoption. This collaboration with NVIDIA builds on the expanded partnership that was announced last month, and the companies have moved swiftly to provide validated reference architectures today. Together, the companies are developing the Cisco Secure AI Factory with NVIDIA to dramatically simplify how enterprises deploy, manage, and secure AI infrastructure at any scale.

'AI can unlock ground-breaking opportunities for the enterprise,' said Chuck Robbins, Chair and CEO, Cisco. 'To achieve this, the integration of networking and security is essential. Cisco and NVIDIA's trusted, innovative solutions empower our customers to harness AI's full potential simply and securely.'

'AI factories are transforming every industry, and security must be built into every layer to protect data, applications and infrastructure,' said Jensen Huang, founder and CEO, NVIDIA. 'Together, NVIDIA and Cisco are creating the blueprint for secure AI—giving enterprises the foundation they need to confidently scale AI while safeguarding their most valuable assets.'

Developing and delivering AI applications requires high-performing, scalable infrastructure and an AI software toolchain. Securing this infrastructure and AI software requires a new architecture – one that embeds security at all layers of the AI stack and automatically expands and adapts as the underlying infrastructure changes.

Cisco and NVIDIA's partnership on the NVIDIA Spectrum-X™ Ethernet networking platform provides the foundation for the Cisco Secure AI Factory with NVIDIA. Cisco is integrating security solutions like Cisco Hypershield, to help protect AI workloads, and Cisco AI Defense, to help protect the development, deployment, and use of AI models and applications. Together, Cisco and NVIDIA will provide customers with the flexibility to design infrastructure for their specific AI needs without sacrificing operational simplicity or security.

Building a Secure AI Factory

AI factories – data centers purpose-built to power AI workloads – are designed to be more modular, scalable and agile, but organizations must also look beyond raw compute power. AI factories must address new and complex security challenges. The recently published Cisco State of AI Security report analyzes dozens of AI-specific threat vectors and over 700 pieces of AI-related legislation to highlight key developments from a rapidly evolving AI security landscape. Organizations that strategically address both their AI infrastructure and security challenges simultaneously will be more agile, scale faster, and derive business value quicker.

Cisco Secure AI Factory with NVIDIA is expected to build on the companies' unique ability to offer flexible AI networking and full-stack technology options that leverage the planned joint architecture. The partnership will bring together technologies from Cisco, NVIDIA, and our ecosystem partners into a secure AI factory architecture for enterprise customers, including: compute, networking, storage, and software.

The Cisco Secure AI Factory with NVIDIA includes security at all layers:

  1. Securing the infrastructure through Cisco Hybrid Mesh Firewall, which provides unified security management and consistent policy across multiple enforcement points. It will, in the future, extend pervasive, zero-trust security enforcement to every AI node by integrating with NVIDIA BlueField-3 DPUs.
  2. Securing the workload via Cisco Hypershield, which prevents adversary lateral movement and provides proactive vulnerability mitigation without the need for patching, all from a single management interface. Future enhancements will further strengthen workload protection through integration with NVIDIA BlueField-3's DOCA AppShield for real-time workload threat detection in AI-focused virtual machines and containers.
  3. Securing the AI application with Cisco AI Defense, which empowers security and AI teams with comprehensive tools to protect AI applications from safety risks across the development lifecycle. Additionally, AI Defense helps companies align to AI security standards with a single integration, including NIST, MITRE ATLAS, and OWASP LLM Top 10. Future enhancements include integration with NVIDIA AI Enterprise to streamline AI security workflows.

Cisco and NVIDIA each bring a unique understanding of customer AI infrastructure needs, and by combining their insights, can offer flexible deployment models alongside proven reference architectures. The Secure AI Factory will provide enterprise customers with scalable, high-performance AI infrastructure that supports customers at any stage of their journey and embeds security throughout.

Cisco Secure AI Factory with NVIDIA will have flexible deployment options, including:

  • Ready-to-deploy approach: Along with Cisco's security portfolio and NVIDIA technology, customers can deploy a vertically integrated AI solution that automates and simplifies the secure AI factory lifecycle from design to deployment and ongoing monitoring.
  • Build-your-own: Featuring customizable modular components from Cisco, NVIDIA, and the companies' storage ecosystem partners, customers can incorporate their current infrastructure and build solutions that are designed precisely for their unique environments.

Cisco and NVIDIA: The journey to a validated and unified architecture

Moving quickly is crucial to meet today's demand for AI infrastructure, and Cisco and NVIDIA have made progress as part of the collaboration announced in February 2025. Cisco has developed new reference architectures with deployment options for Cisco Nexus Hyperfabric AI or Cisco Nexus 9000 Series Switches validated and based on the NVIDIA Enterprise Reference Architecture for HGX H200 and Spectrum-X.
