Connect with us

Technology

Microsoft AI Has the Potential to Become an Automated Phishing Scheme

Published

on

Microsoft sped up to integrate generative AI into its core systems. The company’s Copilot AI technology can retrieve responses from your emails, Teams chats, and files when you ask questions regarding an upcoming meeting, which might be quite helpful in terms of efficiency. However, hackers may also take advantage of these very procedures.

Researcher Michael Bargury is showcasing five proof-of-concept ways that Copilot, which runs on its Microsoft 365 apps, like Word, can be manipulated by malicious attackers today at the Black Hat security conference in Las Vegas. These ways include using it to provide false references to files, exfiltrate some private data, and evade Microsoft’s security measures.

Arguably, one of the most concerning demonstrations is Bargury’s capacity to transform the AI into an autonomous spear-phishing apparatus. Known as LOLCopilot, the red-teaming code that Bargury developed can, crucially, be used by hackers to see who you regularly email, draft a message that mimics your writing style (including the use of emojis), and send a customized blast that may contain malware or a malicious link once they have access to a target’s work email.

Cofounder and CTO of security firm Zenity Bargury says, “I can do this with everyone you have ever spoken to, and I can send hundreds of emails on your behalf.” Bargury released his research along with videos demonstrating how Copilot may be misused. “A hacker would spend days crafting the right email to get you to click on it, but they can generate hundreds of these emails in a few minutes.”

This example, like other assaults developed by Bargury, primarily operates by utilizing the large language model (LLM) as intended: inputting written queries to obtain information that the AI can acquire. Nevertheless, if it contains extra information or commands to carry out certain tasks, it may have harmful effects. A few of the difficulties in integrating AI systems with corporate data are brought to light by the research, along with the potential consequences of incorporating “untrusted” external data, especially when the AI produces results that appear legitimate.

Among the other assaults that Bargury designed is an example of how a hacker might obtain sensitive data, like people’s salaries, without inadvertently triggering Microsoft’s defenses for sensitive files. This hacker, of course, must first have gained control of an email account. Bargury’s prompt requests that the system not give references to the files from which the data is extracted. Bullying occasionally does assist, according to Bargury.

In other cases, he demonstrates how an attacker can modify responses regarding banking information to reveal their own bank details. This attacker doesn’t have access to email accounts, but instead taints the AI’s database by sending it a malicious email. According to Bargury, “Every time you give AI access to data, that is a way for an attacker to get in,” 

Another example demonstrates how an outside hacker could obtain certain restricted knowledge regarding the potential success or failure of an impending corporate earnings call. The last example, according to Bargury, transforms Copilot into a “malicious insider” by sending users to phishing websites.

Microsoft’s head of AI incident detection and response, Phillip Misner, said the company has been collaborating with Bargury to evaluate the findings and is grateful that he discovered the issue. According to Misner,  “The risks of post-compromise abuse of AI are similar to other post-compromise techniques,” “Security prevention and monitoring across environments and identities help mitigate or stop such behaviors.”

In the last two years, generative AI systems have advanced to the point where, like Google’s Gemini, Microsoft’s Copilot, and OpenAI’s ChatGPT, they may ultimately perform human-like jobs like making reservations for events or making online purchases. But as security experts have shown time and time again, letting outside data into AI systems—for example, by email or by reading content from websites—raises the possibility of indirect trigger injection and poisoning attacks.

As a security researcher and red team director who has widely shown security flaws in AI systems, Johann Rehberger adds, “I think it’s not that well understood how much more effective an attacker can actually become now.” “What we have to be worried [about] now is actually what is the LLM producing and sending out to the user.”

Rehberger cautions in general that a number of data problems may be traced back to the long-standing issue of businesses permitting an excessive number of employees to view files and failing to properly arrange access permissions throughout their enterprises. Rehberger continues, “Now imagine you put Copilot on top of that problem.” He claims to have employed AI systems to look up popular passwords like Password123, and that the algorithms have produced findings from within businesses.

Rehberger and Bargury agree that monitoring the output that an AI generates and transmits to a user needs to be given greater attention. According to Bargury, “The risk is about how AI interacts with your environment, how it interacts with your data, how it performs operations on your behalf,” “You need to figure out what the AI agent does on a user’s behalf. And does that make sense with what the user actually asked for.”

Technology

Vivo V50: Design, camera and key features revealed ahead of India launch

Published

on

Vivo V50: Design, camera and key features revealed ahead of India launch

Vivo has officially started announcing the arrival of the Vivo V50 in India, although its exact launch date is yet to be confirmed. A recent leak suggests that the smartphone could be launched on February 18. The company has now launched a microsite for the upcoming device, revealing key details about its design, camera capabilities, and features. Unlike its Chinese counterpart, the Vivo S20, the V50 will have some unique specifications designed for the global market, where the S series will be rebranded as the V series.

Vivo V50: Design and Build

As per the teaser, the Vivo V50 will retain the same design as its predecessor, featuring a bullet-shaped camera island. On the top, a circular module houses the dual camera sensors, giving it a distinctive aesthetic.

One of its features is its ultra-slim profile, which makes it the slimmest smartphone in India that packs a massive 6000mAh battery. Although it is inferior to the 6,500mAh battery of the Vivo S20, it beats the Vivo V40 in terms of battery capacity.

The smartphone will be available in three colors: Rose Red, Titanium Gray, and Starry Blue. The Starry Blue edition will feature 3D star technology, which creates an attractive effect similar to a starry night sky.

Adding to its durability, the Vivo V50 comes with IP68 and IP69 ratings, which ensure dust and water resistance.

Screen and durability


The Vivo V50 will feature a quad-curve display with a curvature of 41 degrees, which will contribute to its premium look. The bezels are very thin, measuring just 0.186 cm, which makes for a better viewing experience. Additionally, the display is protected by Diamond Shield Glass, which is designed to provide excellent drop resistance.

Camera capabilities

Vivo has collaborated with Zeiss for the front and rear cameras of the Vivo V50. The rear camera setup includes a 50MP primary sensor with optical image stabilization (OIS) and a 50MP ultra-wide-angle lens capable of recording 4K video.

For selfies, the device features a 50-megapixel front camera, which ensures high-quality self-portraits and video calling.

Photography enthusiasts will love the Multi-Focus Portrait mode, which allows users to shoot at focal lengths of 23mm, 35mm, and 50mm. Additionally, the camera will feature seven Zeiss-style bokeh effects for artistic portrait shots.

A unique color-adaptive border feature will automatically extract and apply colors from images such as wedding photos to create custom borders.

The Vivo V50 comes with Aura Light flash and AI Studio Light Portrait 2.0, which enhances soft and bright light in photos.

Software and features

Vivo claims that the V50 will deliver five years of trouble-free performance, which will demonstrate strong optimization and longevity.

The phone is confirmed to include several AI-powered features, such as:

  • Gemini AI integration
  • Circle functionality for searching
  • AI transcription support
  • Live call translation
  • It will run on Funtouch OS 15.

Release and expected price

While the hardware specifications of the Vivo V50 are yet to be revealed, an official launch date is expected to be announced soon.

For reference, the Vivo V40 was launched in June last year at a starting price of ₹34,999. According to industry sources, the V50 is also likely to be priced in the same range.

Continue Reading

Technology

A Complete Step-by-Step Guide to Integrating the WhatsApp Business API for Your Business

Published

on

Integrating the WhatsApp Business API with your business operations can significantly enhance your customer service, streamline communication, and boost engagement. By combining the power of WhatsApp with the convenience of automation through a chatbot in WhatsApp, businesses can provide real-time support and drive greater customer satisfaction.

This step-by-step guide will walk you through the entire process of integrating the WhatsApp Business API, from setting up the API to deploying a chatbot to automate interactions.

What is the WhatsApp Business API?

The WhatsApp Business API is a tool designed for medium to large businesses to facilitate two-way communication with their customers on WhatsApp. Unlike the WhatsApp Business App, which is intended for small businesses, the API allows for greater scalability, automation, and integration with other business tools.

Key Features of WhatsApp Business API:

  • Automated Messaging: Schedule and send notifications, alerts, and updates to customers.
  • Two-Way Conversations: Engage in real-time conversations with customers.
  • Multimedia Support: Share rich media like images, videos, and documents.
  • Secure Messaging: All messages are encrypted end-to-end, ensuring privacy and security.
  • Integration with CRM: Seamlessly integrate with customer relationship management (CRM) tools and other business software.

Integrating the WhatsApp Business API allows businesses to create seamless communication workflows, whether for customer service, sales, or marketing purposes.

Benefits of Integrating the WhatsApp Business API

Before we dive into the integration process, let’s highlight some of the key benefits that businesses can gain from using the WhatsApp Business API:

  1. Improved Customer Engagement: WhatsApp has an incredibly high open rate for messages (up to 98%), making it a valuable platform for customer engagement.
  2. Enhanced Customer Support: Integrating a chatbot in WhatsApp can automate common queries and provide 24/7 customer support.
  3. Automated Notifications: Businesses can send order updates, appointment reminders, payment confirmations, and more through automated messages.
  4. Personalised Experience: By integrating with CRM systems, businesses can offer a highly personalised experience for each customer based on their past interactions.
  5. Increased Conversion Rates: WhatsApp’s fast response time can help businesses convert leads into sales more efficiently.

Step 1: Apply for WhatsApp Business API Access

The first step in integrating the WhatsApp Business API is to apply for access. WhatsApp Business API is not immediately available to all businesses and requires approval from WhatsApp. Here’s how to apply:

  1. Choose a Business Solution Provider (BSP): WhatsApp Business API can only be accessed through an official BSP, such as Twilio, MessageBird, or 360dialog. These providers help businesses set up, manage, and integrate the API.
  2. Submit Your Business Information: You’ll need to provide details about your business, including your name, website, and intended use case for the WhatsApp API.
  3. Get Approval from WhatsApp: Once submitted, WhatsApp will review your application and grant approval if your business meets their criteria.

Once approved, you will receive access to the WhatsApp Business API, including an API key and other necessary credentials.

Step 2: Set Up Your WhatsApp Business Profile

Once you have access to the WhatsApp Business API, the next step is to set up your WhatsApp Business profile. This profile is an essential part of establishing your business identity on WhatsApp and includes information such as your business name, contact information, website, and operating hours.

To set up your profile:

  1. Log into Your BSP Dashboard: Depending on the provider you’ve chosen (e.g., Twilio, MessageBird), log into your account and access the WhatsApp Business API section.
  2. Enter Business Information: Fill in your business name, description, contact information, and website link.
  3. Verify Your Business: Verify your business through Facebook Business Manager to link your WhatsApp number to your business profile.

Step 3: Choose a Messaging Platform or CRM Integration

For effective use of the WhatsApp Business API, you’ll need a messaging platform or CRM that integrates with the API. This will enable you to manage customer conversations, track leads, and automate messages efficiently.

  1. Choose a CRM or Messaging Platform: Select a CRM system such as HubSpot, Salesforce, or Zoho, or a messaging platform like Twilio or 360dialog, that supports WhatsApp API integration.
  2. Configure API Settings: Once you have selected a platform, configure the API to link your WhatsApp number with your CRM. This may involve entering the API key and other authentication details provided by WhatsApp.

Integrating your WhatsApp Business API with a CRM enables automated workflows, allowing you to send personalised messages based on customer data stored in your system.

Step 4: Develop a Chatbot for WhatsApp

Once the WhatsApp Business API is set up, the next step is to integrate a chatbot in WhatsApp. A chatbot helps automate customer support and provides quick answers to common inquiries. Here’s how to develop and deploy your chatbot:

  1. Choose a Chatbot Platform: Select a chatbot development platform like Dialogflow, ManyChat, or Botpress, which integrates with WhatsApp Business API.
  2. Define the Bot’s Functionality: Determine what tasks your chatbot will handle. Common functions include:
    • Answering frequently asked questions
    • Collecting lead information
    • Providing order updates and tracking
    • Sending appointment reminders
  3. Create Conversational Flows: Map out the flow of interactions between the user and the chatbot, ensuring it covers all possible user queries.
  4. Integrate the Chatbot with WhatsApp API: Use the API to connect your chatbot to the WhatsApp Business platform. This allows the bot to send and receive messages seamlessly.
  5. Test the Chatbot: Before going live, thoroughly test the chatbot to ensure it provides accurate responses and functions properly.

Step 5: Set Up Automated Messaging and Notifications

Another powerful feature of the WhatsApp Business API is the ability to send automated messages and notifications. These messages can be used for order confirmations, shipping updates, appointment reminders, and more.

To set up automated messaging:

  1. Create Message Templates: WhatsApp requires businesses to use pre-approved message templates for notifications. These templates need to be submitted and approved by WhatsApp before you can use them.
  2. Configure Triggers: Set up triggers that will automatically send these messages when specific events occur, such as when a customer places an order or schedules an appointment.
  3. Personalise Messages: Use customer data from your CRM to personalise these messages and make them more relevant to the recipient.

Step 6: Monitor and Optimise Your Integration

Once your WhatsApp Business API and chatbot are integrated, it’s important to continually monitor performance and optimise for better results.

  1. Track Metrics: Measure key performance indicators (KPIs) like response time, customer satisfaction, and engagement rates.
  2. Customer Feedback: Collect feedback from customers to understand the effectiveness of the chatbot and automated messages.
  3. Refine Chatbot Responses: Regularly update your chatbot’s conversational flows based on customer interactions to improve its accuracy and efficiency.

Step 7: Ensure Compliance and Security

As you integrate the WhatsApp Business API, it’s crucial to ensure compliance with data protection regulations and maintain customer privacy. WhatsApp’s end-to-end encryption ensures that all messages remain private, but businesses must still adhere to GDPR and other relevant laws when handling customer data.

  1. Obtain Customer Consent: Ensure that customers opt in to receive messages from your business on WhatsApp.
  2. Secure Customer Data: Use encryption and secure data storage practices to protect customer information.

Integrating the WhatsApp Business API with your business operations is a powerful way to improve customer service, automate tasks, and enhance engagement. By combining the API with a chatbot in WhatsApp, businesses can offer 24/7 support and streamline communications with customers.

By following this step-by-step guide, you can ensure a smooth and efficient integration process. With the right tools and strategies, the WhatsApp Business API will become an invaluable asset to your business, helping you connect with customers and grow your brand.

Continue Reading

Technology

How AI and Automation Are Shaping the Future of Business

Published

on

Artificial intelligence was believed to be a concept of the far future. Alongside automation, however, it is becoming the primary force behind the current technological revolution.

Automation and artificial intelligence (AI) are increasingly crucial in changing the way we think about productivity as the need for efficiency keeps growing.

Sachin Dev Duggal the founder of Software building company Builder.ai mentioned “Our team is already investing this capital in our AI and automation capabilities so we can use new frontier technology responsibly and empower our customers more,”

“The company has opened four additional offices since January 2022, including ones in the US, the UAE, Singapore, and France, nearly doubling its staff and expanding its UK headquarters, Sachin Duggal also mentioned.

Due to record-high client demand and ongoing AI developments, the company has almost tripled its staff.

Builder.ai recently revealed an agreement with Microsoft that entails a secret stock investment in the company.”

The Recent State of Productivity

Outcome in the past was dependent on human productivity. Workers would manually discuss project status, keep track of tasks, and attempt to meet deadlines. Although this method was effective for many years, it had a number of drawbacks, such as inability to meet the demand in time and human error.

Conventional approaches have trouble managing data-intensive jobs, scaling operations, and tracking progress in real time. As companies expand, these difficulties become more noticeable, resulting in bottlenecks and lost optimization possibilities.

Moreover, people are not perfect. Stress, fatigue, and multitasking can all readily affect output. This is where automation and artificial intelligence (AI) come in, providing solutions that lessen the workload for staff members while producing reliable outcomes.

According to Sachin Dev Duggal, the latest round of capital will help the business maintain its position as a leader in the sector and its creative pipeline, allowing for more investments in technology, people, and connections.

Capabilities of AI in Workplace

  • Data Analysis and Insights: Through rapid data assessment AI systems uncover hidden patterns within large datasets which support informed choices.
  • Natural Language Processing (NLP): Thanks to its natural language processing capabilities AI systems enable virtual assistants and chatbots to meaningfully engage with staff members along with clients.
  • Personalization: Through assessing user history AI generates personalized interface enhancements and recommendation streams which better serve each individual customer.
  • Improved Cooperation: AI implementation produces tools which empower workforce communication and teamwork to sustain uniformity throughout team members’ work activities.
  • AI Decision Support: When AI provides managers with useful suggestions coupled with practical insights it allows them to accelerate their decision-making process.
  • Predictive analytics: Predictive analytics based on historical data enables AI systems to help organizations estimate market and customer patterns before they happen.

Automation: A Key Player in Modern Day Productivity

Technology-powered operations under automation require minimum human intervention to deliver simple processes as well as improved productivity levels. Workers must perform two types of automation tasks from scheduling emails to supervising entire factory production lines. The goal targets both consistency and efficiency.

Conclusion

AI together with automation techniques reward businesses with enhanced productivity through optimized workflows and improved accuracy and strategic priorities focus. The future advancement of technology will sustain these tools for driving industrial innovation and operational efficiency.

Continue Reading

Trending

error: Content is protected !!