{"id":22942,"date":"2025-08-25T08:00:00","date_gmt":"2025-08-25T11:00:00","guid":{"rendered":"https:\/\/www.ethicalhacker.com.br\/site\/?p=22942"},"modified":"2025-08-25T12:01:12","modified_gmt":"2025-08-25T15:01:12","slug":"cisco-alerta-sobre-vulnerabilidades-criticas","status":"publish","type":"post","link":"https:\/\/www.ethicalhacker.com.br\/site\/2025\/08\/exploits\/cisco-alerta-sobre-vulnerabilidades-criticas\/","title":{"rendered":"Cisco warns of critical vulnerabilities"},"content":{"rendered":"\n<p data-start=\"44\" data-end=\"113\"><strong data-start=\"44\" data-end=\"113\">Cisco warns of critical vulnerabilities in enterprise LLMs<\/strong><\/p>\n<p style=\"text-align: justify;\" data-start=\"115\" data-end=\"191\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">A Cisco Talos report revealed that Large Language Models (LLMs) are being <strong data-start=\"81\" data-end=\"134\">stored and manipulated by cybercriminals<\/strong>, who use modified versions such as FraudGPT, DarkGPT and GhostGPT to automate attacks such as phishing, malware development and vulnerability exploitation on a global scale<\/span>.<\/p>\n<p data-start=\"115\" data-end=\"191\">\u00a0<\/p>\n<p data-start=\"198\" data-end=\"259\"><strong data-start=\"198\" data-end=\"259\">Fine-tuned models amplify the risk of attacks<\/strong><\/p>\n<p style=\"text-align: justify;\" data-start=\"261\" data-end=\"337\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">According to the same study, LLMs customized through fine-tuning have a <strong data-start=\"95\" data-end=\"157\">22 times greater probability of generating malicious responses<\/strong> compared with base models. 
The customization process often relaxes internal protection mechanisms, making the models vulnerable to jailbreaks and manipulation via prompt injection<\/span>.<\/p>\n<p data-start=\"261\" data-end=\"337\">\u00a0<\/p>\n<p data-start=\"344\" data-end=\"418\"><strong data-start=\"344\" data-end=\"418\">Emerging vectors: prompt injection and malicious models as a service<\/strong><\/p>\n<p style=\"text-align: justify;\" data-start=\"420\" data-end=\"496\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Attacks have exploited criminal AI stores, where criminals sell models preconfigured for phishing or ransomware creation. These models receive malicious input via prompt injection or built-in backdoors, allowing arbitrary command execution or the return of sensitive data, without authentication<\/span>.<\/p>\n<p data-start=\"420\" data-end=\"496\">\u00a0<\/p>\n<p data-start=\"503\" data-end=\"552\"><strong data-start=\"503\" data-end=\"552\">Impact on companies and AI infrastructure<\/strong><\/p>\n<p style=\"text-align: justify;\" data-start=\"554\" data-end=\"591\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Organizations that use LLMs in customer service, data analysis or accounting automation face heightened risk. 
A compromised or poorly designed model can exfiltrate internal data, execute adversarial instructions, manipulate decision logic and contaminate automation chains with malware or forged messages.<\/span><\/p>\n<p data-start=\"554\" data-end=\"591\">\u00a0<\/p>\n<p data-start=\"598\" data-end=\"657\"><strong data-start=\"598\" data-end=\"657\">Recommended mitigations to protect enterprise LLMs<\/strong><\/p>\n<ul data-start=\"659\" data-end=\"918\">\n<li data-start=\"659\" data-end=\"740\">\n<p style=\"text-align: justify;\" data-start=\"662\" data-end=\"740\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Adopt <strong data-start=\"7\" data-end=\"33\">specialized models<\/strong> for security, such as Cisco's Foundation-sec-8b, with an emphasis on cybersecurity data and rigorous auditing<\/span>.<\/p>\n<\/li>\n<li data-start=\"741\" data-end=\"785\">\n<p style=\"text-align: justify;\" data-start=\"744\" data-end=\"785\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Deploy <strong data-start=\"10\" data-end=\"64\">independent security layers (AI guardrails)<\/strong> to validate prompts and block out-of-protocol actions.<\/span><\/p>\n<\/li>\n<li data-start=\"786\" data-end=\"830\">\n<p data-start=\"789\" data-end=\"830\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Perform prompt injection testing, backdoor scanning and alignment validation after fine-tuning.<\/span><\/p>\n<\/li>\n<li data-start=\"831\" data-end=\"875\">\n<p style=\"text-align: justify;\" data-start=\"834\" data-end=\"875\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Operate local (on\u2011premise) models, with no dependence on external APIs, keeping full control over data and behavior.<\/span><\/p>\n<\/li>\n<li data-start=\"876\" data-end=\"918\">\n<p style=\"text-align: justify;\" data-start=\"879\" data-end=\"918\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Educate teams about the risks of model \u201cjailbreaks\u201d and the misuse of pirated or misconfigured LLMs.<\/span><\/p>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p data-start=\"925\" data-end=\"938\"><strong data-start=\"925\" data-end=\"938\">Conclusion<\/strong><\/p>\n<p style=\"text-align: justify;\" data-start=\"940\" data-end=\"979\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">The vulnerability of enterprise LLMs exposed by Cisco shows that sophisticated AI models, when tuned for specific environments, widen the attack surface and can become direct vectors of exploitation. By co-opting artificial intelligence for criminal purposes, malicious actors raise digital harm to new levels.<\/span><\/p>\n<p style=\"text-align: justify;\" data-start=\"981\" data-end=\"1020\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">For organizations that depend on AI, the defense strategy cannot be merely functional: it is necessary to build models with <strong data-start=\"128\" data-end=\"152\">intrinsic security<\/strong>, limit their exposure, constantly validate outputs, and operate with robust governance. 
Only then will the powerful technology of AI cease to be a threat and become a true ally in cyber defense.<\/span><\/p>\n<p data-start=\"981\" data-end=\"1020\">\u00a0<\/p>\n<p data-start=\"1027\" data-end=\"1042\"><strong>References:\u00a0<\/strong><\/p>\n<ul data-start=\"1044\" data-end=\"1211\">\n<li data-start=\"1044\" data-end=\"1128\">\n<p data-start=\"1047\" data-end=\"1128\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Cisco Talos \/ HackRead. <em data-start=\"24\" data-end=\"81\">Malicious AI Models Are Behind a New Wave of Cybercrime<\/em>. Available at: <a href=\"https:\/\/hackread.com\/malicious-ai-models-wave-of-cybercrime-cisco-talos\/\" target=\"_blank\" rel=\"noopener noreferrer\" data-start=\"98\" data-end=\"246\" data-is-last-node=\"\">https:\/\/hackread.com\/malicious-ai-models-wave-of-cybercrime-cisco-talos\/<\/a><\/span>\u00a0<\/p>\n<\/li>\n<li data-start=\"1129\" data-end=\"1211\">\n<p data-start=\"1132\" data-end=\"1211\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">VentureBeat. <em data-start=\"13\" data-end=\"69\">Cisco warns fine\u2011tuning turns LLMs into threat vectors<\/em>. 
Available at: <a href=\"https:\/\/venturebeat.com\/ai\/cisco-warns-fine-tuning-turns-llms-into-threat-vectorsstructure\/\" target=\"_blank\" rel=\"noopener noreferrer\" data-start=\"86\" data-end=\"272\" data-is-last-node=\"\">https:\/\/venturebeat.com\/ai\/cisco-warns-fine-tuning-turns-llms-into-threat-vectorsstructure\/<\/a><\/span><\/p>\n<\/li>\n<\/ul>\n\n\n","protected":false},"excerpt":{"rendered":"<p>Cisco warns of critical vulnerabilities in enterprise LLMs A Cisco Talos report revealed that Large Language Models (LLMs) are being stored and manipulated by cybercriminals, who use modified versions such as FraudGPT, DarkGPT and GhostGPT to automate attacks such as phishing, malware development and vulnerability exploitation on a global scale. \u00a0 Models [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":22945,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[89,100,21,105],"tags":[],"class_list":["post-22942","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-basico","category-diversos","category-exploits","category-noticias"],"_links":{"self":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/22942","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/comments?post=22942"}],"version-history":[{"count":3,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/22942\/revisions"}],"predecessor-version":[{"id":23165,"href":"https:\
/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/22942\/revisions\/23165"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media\/22945"}],"wp:attachment":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media?parent=22942"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/categories?post=22942"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/tags?post=22942"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}