MITRE ATLAS analysiert OpenClaw: Neue Exploit-Pfade in KI-Agentensystemen

ie Untersuchung von OpenClaw zeigt, wie selbstständig agierende KI-Systeme völlig neue Sicherheitsrisiken schaffen, die über traditionelle Bedrohungsmodelle hinausgehen.

https://www.all-about-security.de/mitre-atlas-analysiert-openclaw-neue-exploit-pfade-in-ki-agentensystemen/

#MITRE #OpenClaw #exploits #kiagenten

AI Recommendation Poisoning represents a trust-layer attack surface.

Microsoft researchers documented memory manipulation techniques classified as MITRE ATLAS AML.T0080.

Key characteristics:
• Persistent assistant memory alteration
• URL-based pre-populated prompt injection
• Cross-prompt injection via documents/web content
• Social engineering-based memory modification

This shifts the threat model from direct model compromise to recommendation integrity compromise.

If assistants influence financial, healthcare, or security decisions, poisoned memory becomes a systemic risk.

Source: https://www.microsoft.com/en-us/security/blog/2026/02/10/ai-recommendation-poisoning/

How should enterprises audit and sanitize AI memory state at scale?

Follow TechNadu for intelligence-driven AI security coverage.

#Infosec #ThreatModeling #PromptInjection #AIThreats #MITRE #CyberDefense #SecurityResearch #TechNadu

Manipulating AI memory for profit: The rise of AI Recommendation Poisoning - https://www.redpacketsecurity.com/manipulating-ai-memory-for-profit-the-rise-of-ai-recommendation-poisoning/

#threatintel
#AI memory poisoning
#prompt injection
#AI security
#memory persistence
#MITRE ATLAS AML.T0080

I don't seem to get any response from MITRE Corporation requesting CVE IDs. Multiple requests have been silently ignored. What can I do ... except becoming my own CNA?

#cve #mitre #security #cre #foswiki #opensource #perl

Turning threat reports into detection insights with AI - https://www.redpacketsecurity.com/turning-threat-reports-into-detection-insights-with-ai/

#threatintel
#threat-intelligence
#mitre-attck
#detection-engineering
#ai-for-security
#ttp-extraction

MITRE ATT&CK: Wie Cloud-Kontrollen gegen Cyberangriffe wirken

Das Center for Threat-Informed Defense hat nun einen Weg gefunden, etablierte Sicherheitskontrollen direkt mit den Vorgehensweisen realer Angreifer zu verknüpfen.

https://www.all-about-security.de/mitre-attck-wie-cloud-kontrollen-gegen-cyberangriffe-wirken/

#MITRE #cloud #cybersecurity #threat

INFORM-Framework: Bedrohungsbasierte Cybersicherheit messbar machen

Strategische Verteidigungsplanung mit neuem Messansatz

Die MITRE Cyber Threat Intelligence Division (CTID) präsentiert INFORM, ein webbasiertes Bewertungsinstrument für bedrohungsorientierte Sicherheitsarchitekturen

https://www.all-about-security.de/inform-framework-bedrohungsbasierte-cybersicherheit-messbar-machen/

#mitre #framework #cyberthreat #cybersecurity #RedTeam