Cyber Security Informer

Episode 256: Recursive Pollution? Data Feudalism? Gary McGraw On LLM Insecurity

The Security Ledger

FEBRUARY 21, 2024

Paul speaks with Gary McGraw of the Berryville Institute of Machine Learning (BIML), about the risks facing large language model machine learning and artificial intelligence, and how organizations looking to leverage artificial intelligence and LLMs can insulate themselves from those risks. Read the whole entry. »

Artificial Intelligence

Artificial Intelligence Risk Architecture Technology

Unveiling The Applications and Distinctions of Machine Learning and Artificial Intelligence in Cybersecurity

Security Boulevard

MARCH 12, 2024

The terms "machine learning" and "artificial intelligence" are frequently used in cybersecurity, often interchangeably, leading to confusion about their precise meanings and applications. And how do these technologies converge to bolster cyber resilience? What are the disparities between them?

Artificial Intelligence

Artificial Intelligence Cybersecurity Technology

RSAC Fireside Chat: Extending ‘shift left’ to achieve SSCS — ‘software supply chain security’

The Last Watchdog

APRIL 18, 2023

One of the nascent security disciplines already getting a lot of buzz as RSA Conference 2023 gets ready to open next week at San Francisco’s Moscone Center is “software supply chain security,” or SSCS. True software supply chain security is about looking at the application in a holistic way just prior to deployment,” Rose observes.

Software

Software CISO Internet Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Tackling Cyber Threats: Is AI Cybersecurity Our Only Hope?

Jane Frankland

MAY 8, 2024

On the other hand, it’s been portrayed as a potential threat to our privacy, security, creativity and even mankind’s existence. So where does AI stand in the realm of cybersecurity, and how can we leverage it for protection rather than harm? Is it our only hope for survival?These

Cyber threats

Cyber threats Cybersecurity Artificial Intelligence CISO

GUEST ESSAY: A primer on why AI could be your company’s cybersecurity secret weapon in 2022

The Last Watchdog

JANUARY 24, 2022

Related: Deploying human security sensors. Using supervised learning, this finds relationships between input and output variables; for example a person’s weight based on known height. DTs are applicable to regression and classification problems. Support Vector Machines (SVM): SVMs are excellent for limited data analysis.

Cybersecurity

Cybersecurity Artificial Intelligence Marketing

Black Hat Fireside Chat: Easy come, easy go access strengthens ‘Identity Threat Detection & Response’

The Last Watchdog

AUGUST 4, 2023

How did they obtain this access? I had the chance to sit down with Trustle CEO Emiliano Berenbaum to learn just how ITDR can help companies much more efficiently manage user identities and access privileges, while also strengthening security, in an increasingly complex operating environment.

Threat Detection

Threat Detection CISO Internet Internet

How to Protect Your Machine Learning Models

Thales Cloud Protection & Licensing

FEBRUARY 14, 2024

How to Protect Your Machine Learning Models madhav Thu, 02/15/2024 - 07:20 Contributors: Dr. Werner Dondl and Michael Zunke Introduction In computer technology, few fields have garnered as much attention as artificial intelligence ( AI) and machine learning (ML).

Encryption

Encryption Engineering Software Mobile

Machine Learning is a Must for API Security

IT Security Guru

SEPTEMBER 13, 2023

Modern digital transformations have been fuelled by APIs, altering how many businesses and organizations run. Companies are forced to respond to an increase in API threats, but they quickly learn that traditional, static methods of API security are ineffective. In addition, the average cost of a data breach is $4.45

Digital transformation

Digital transformation Data breaches Artificial Intelligence Firewall

How to protect your machinelearning Models

Security Boulevard

FEBRUARY 20, 2024

How to protect your machinelearning Models richard-r.stew… Tue, 02/20/2024 - 21:50 Dr. Werner Dondl and Michael Zunke In computer technology, few fields have garnered as much attention as artificial intelligence ( [KD1] [RJ2] AI) and machine learning (ML).

Encryption

Encryption Engineering Software Mobile

Ask These 5 AI Cybersecurity Questions for a More Secure Approach to Adversarial Machine Learning

NetSpi Executives

FEBRUARY 21, 2024

Artificial Intelligence (AI) and Machine Learning (ML) present limitless possibilities for enhancing business processes, but they also expand the potential for malicious actors to exploit security risks. Like many technologies that came before it, AI is advancing faster than security standards can keep up with.

Artificial Intelligence

Artificial Intelligence Cybersecurity Penetration Testing Architecture

How to protect your machinelearning Models

Thales Cloud Protection & Licensing

FEBRUARY 20, 2024

How to protect your machinelearning Models richard-r.stew… Tue, 02/20/2024 - 21:50 Dr. Werner Dondl and Michael Zunke In computer technology, few fields have garnered as much attention as artificial intelligence ( [KD1] [RJ2] AI) and machine learning (ML).

Encryption

Encryption Engineering Software Mobile

How to protect your machinelearning Models

Thales Cloud Protection & Licensing

FEBRUARY 20, 2024

How to protect your machinelearning Models richard-r.stew… Tue, 02/20/2024 - 21:50 Dr. Werner Dondl and Michael Zunke In computer technology, few fields have garnered as much attention as artificial intelligence ( [KD1] [RJ2] AI) and machine learning (ML).

Encryption

Encryption Engineering Software Mobile

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

The Last Watchdog

OCTOBER 5, 2023

Acohido to share his ideas about the current cyber threat landscape, the biggest threats for businesses today, the role of AI and machine learning in cyberattacks and cyberdefence, and the most effective methods for companies to protect themselves. Byron is the founder and editor-in-chief of The Last Watchdog on Privacy & Security.

Cyber threats

Cyber threats Cyber Insurance Cybersecurity Threat Detection

Adversarial Machine Learning and the CFAA

Schneier on Security

JULY 23, 2020

I just co-authored a paper on the legal risks of doing machine learning research, given the current state of the Computer Fraud and Abuse Act: Abstract: Adversarial Machine Learning is booming with ML researchers increasingly targeting commercial ML systems such as those used in Facebook, Tesla, Microsoft, IBM, Google to demonstrate vulnerabilities.

Risk

Risk Hacking

GUEST ESSAY: The many benefits of infusing application security during software ‘runtime’

The Last Watchdog

JUNE 27, 2022

Vulnerabilities in web applications are the leading cause of high-profile breaches. Log4j, a widely publicized zero day vulnerability, was first identified in late 2021, yet security teams are still racing to patch and protect their enterprise apps and services. How ‘runtime’ works. Related: Log4J’s big lesson.

Software

Software Technology Engineering Education

What is real-time protection and why do you need it?

Malwarebytes

MAY 20, 2024

Malwarebytes’ free version tackles and reactively resolves threats already on your system, but the real-time protection you get with Malwarebytes Premium Security goes one step further and actively monitors your computer’s files, processes, and system memory in real time to block threats before they have a chance to do any damage.

Cyber threats

Cyber threats Spyware Malware Cybersecurity

Help Your Security Team Sleep Better at Night by Reducing False Positives

CyberSecurity Insiders

APRIL 9, 2021

As we deploy more and more Web applications, we run the risk of overwhelming our security teams if we don’t give them the tools they need. Specifically, if your applications sit behind legacy web application firewall (WAF) technologies, the demands on your security team can quickly become unmanageable. The result?

B2B

B2B Mobile Internet Internet

How AI is Advancing Cybersecurity

eSecurity Planet

JUNE 18, 2021

There’s a never ending cycle between the measures cybersecurity providers introduce to prevent or remediate cyber threats and the tactics cyber criminals use to get around these security measures. As soon as a security company develops a way to mitigate the latest threat, attackers develop a new threat to take its place.

Artificial Intelligence

Artificial Intelligence Cybersecurity Engineering Risk

5 Best Bot Protection Solutions and Software for 2023

eSecurity Planet

APRIL 14, 2023

The main purpose of bot protection is to ensure the security and integrity of online systems as well as to prevent unfair or harmful activities such as spamming, click fraud, scraping, and credential stuffing. The company offers real-time detection and mitigation of bots using behavioral analysis and machine learning algorithms.

Software

Software DDOS Accountability Firewall

Enabling GenAI with AI-infused API Security

Security Boulevard

MAY 7, 2024

GenAI has the promise to transform companies, and introduce a lot of security risk. APIs essentially power modern applications. But how do you develop modern apps in modern times? But how do you develop modern apps in modern times? It is a nightmare for security teams. At the core of this modernization are APIs.

Surveillance

Surveillance Government Healthcare Threat Detection

The AI Attack Surface Map v1.0

Daniel Miessler

MAY 15, 2023

Introduction Purpose Components Attacks Discussion Summary Introduction This resource is a first thrust at a framework for thinking about how to attack AI systems. There has been, of course, much content on attacking pre-ChatGPT AI systems, namely how to attack machine learning implementations. So things are very early.

Technology

Technology Internet Internet Mobile

MY TAKE: What if Big Data and AI could be intensively focused on health and wellbeing?

The Last Watchdog

JANUARY 11, 2022

The blue-sky mission is to bring modern data mining and machine learning technologies to bear delivering personalized services that ameliorate not just physical ailments, but also mental and even emotional ones. I had a lively discussion with Craig Hinkley, CEO of NTT Application Security , about the thinking behind this crusade.

Big data

Big data Healthcare Technology Government

Duo vs. Fraudulent Device Registration

Duo's Security Blog

APRIL 8, 2024

It is a well-known and established point that a password alone is not enough to secure an account. Typically, a user confirms their identity using an application on their phone and accepts a push notification. That’s where multi-factor authentication (MFA) comes in.

Authentication

Authentication Accountability Risk Phishing

Neural Fuzzing: A Faster Way to Test Software Security

eSecurity Planet

AUGUST 25, 2021

Software vulnerabilities are a grave threat to the security of computer systems. In order to find these weaknesses, software security testers and developers often have to manually test the entire codebase and determine if any vulnerabilities exist. This is to see how it responds and then identify potential bugs.

Software

Software Artificial Intelligence Network Security Risk

Episode 245: How AI is remaking knowledge-based authentication

The Security Ledger

NOVEMBER 1, 2022

We talk with Matt Salisbury of Honeybadger HQ, which is using AI and machine learning to re-imagine knowledge-based authentication. The post Episode 245: How AI is remaking knowledge-based authentication appeared first on The Security. Read the whole entry. » » Click the icon below to listen. Passwordless?

Authentication

Authentication Passwords Technology Accountability

How to Remove Malware: Removal Steps for Windows & Mac

eSecurity Planet

OCTOBER 26, 2023

If you discover that you are unable to access these critical functions, this might be an indication of a malware infestation preventing you from making any changes to regain control of your machine. We’ll go over malware removal tools and steps, and offer some tips to keep your devices from getting reinfected.

Malware

Malware Antivirus Adware Software

PRODUCT REVIEW: FortiWeb Cloud WAF-as-a-Service

CyberSecurity Insiders

MAY 13, 2021

Today, we are reviewing FortiWeb Cloud WAF-as-a-Service by Fortinet, a Web Application Firewall solution to protect organizations against a broad range of attacks. How does the solution address the security problem it solves? The FortiWeb Cloud dashboard provides an overview of the current threats to your application.

DDOS

DDOS DNS Firewall Engineering

API Security in 2024: Imperva Report Uncovers Rising Threats and the Urgent Need for Action

Thales Cloud Protection & Licensing

MARCH 6, 2024

API Security in 2024: Imperva Report Uncovers Rising Threats and the Urgent Need for Action madhav Thu, 03/07/2024 - 04:56 APIs (Application Programming Interfaces) are the backbone of modern digital innovation. They drive seamless connectivity, enable rapid development, and power countless business-critical applications.

Risk

Risk Financial Services Authentication DDOS

Mockingjay Attack Evades EDR Tools with Code Injection Technique

eSecurity Planet

JUNE 30, 2023

Security researchers have identified a new sophisticated hacking technique, dubbed “Mockingjay,” that can bypass enterprise detection and response (EDR) tools by injecting malicious code into trusted memory space. The attack technique — identified by researchers at Security Joes — is a challenge to EDR vendors and security teams alike.

Technology

Technology Software Hacking Cybersecurity

Don’t Drown your Security Team in Low-Value WAF Alerts

CyberSecurity Insiders

APRIL 6, 2021

Today’s business run on applications. So, if your organization is like most, you’re deploying more business-critical Web applications than ever before. However, as you scale up your use of web applications, you should take the time to reassess your approach to protecting those applications. You need something better.

B2B

B2B Mobile Internet Internet

What is AI Governance? Principles, Types, and Benefits Explained

Centraleyes

MAY 14, 2024

It defines the principles, norms, and standards driving AI research, development, and application while safeguarding safety, fairness, and human rights. AI is susceptible to human biases and flaws since it is built from human-created, extremely sophisticated code and machine learning. Who Holds the Moral Compass of AI?

Government

Government Artificial Intelligence Risk Accountability

Improving Text Classification Resilience and Efficiency with RETVec

Google Security

NOVEMBER 29, 2023

These types of texts are harder for machine learning models to classify because bad actors rely on adversarial text manipulations to actively attempt to evade the classifiers. Today, we’re sharing how RETVec has been used to help protect Gmail inboxes. Today, we’re sharing how RETVec has been used to help protect Gmail inboxes.

Architecture

Architecture Scams Mobile Engineering

2023 Phishing Report Reveals 47.2% Surge in Phishing Attacks Last Year

Security Boulevard

APRIL 18, 2023

Based on the analysis of 280 billion daily transactions and 8 billion daily blocked attacks, the report highlights the growing use of phishing kits and AI tools to launch highly effective campaigns that bypass traditional security models, including MFA.

Phishing

Phishing Social Engineering Education Retail

How to Achieve Fast and Secure Continuous Delivery of Cloud-Native Applications

Security Boulevard

JULY 5, 2022

How to Achieve Fast and Secure Continuous Delivery of Cloud-Native Applications. Security is a Key Challenge of Continuous Delivery at Scale. Security and visibility. brooke.crothers. Tue, 07/05/2022 - 16:11. What is Continuous Delivery?

Software

Software Marketing Risk Architecture

Vulnerability Recap 4/29/24 – Cisco, Microsoft, Palo Alto & More

eSecurity Planet

APRIL 29, 2024

The problem: Microsoft Threat Intelligence published a report on how a Russian threat group, known as APT28 or Forest Blizzard, used customized malware to exploit the CVE-2022-38028 vulnerability in the Windows Print Spooler to gain elevated permissions. Consider reading more about forensic tools and processes to investigate attacks.

Firewall

Firewall Software Ransomware Penetration Testing

Italian agency warns ransomware targets known VMware vulnerability

CyberSecurity Insiders

MARCH 20, 2023

The ACN urges VMware users to ensure their systems are backed up and updated with the most recent security patches available. With ransomware on the rise, it’s crucial that businesses take the necessary steps to protect their data and applications. But how were they able to work so fast? But it doesn’t stop there.

Ransomware

Ransomware Software Internet Internet

API Security Takes Center Stage: Key Insights from RSA 2023

CyberSecurity Insiders

MAY 1, 2023

The RSA Conference 2023 witnessed a surge of interest in API security, with experts and industry leaders focusing on the increasing need to secure APIs and address vulnerabilities. Several vendors showcased their API security solutions at the conference. Another participant, Noname Security, introduced version 3.0

Threat Detection

Threat Detection Artificial Intelligence CISO Cyber threats

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

eSecurity Planet

APRIL 15, 2024

Typically, these vulnerabilities result in remote code execution or denial-of-service attacks, posing major dangers to users’ data security. In addition to securing internal assets, you also need to ensure SaaS data is protected. Check out our article on SaaS security checklist and learn how to create one.

Firewall

Firewall VPN Software Risk

Ask These 5 AI Cybersecurity Questions for a More Secure Approach to Adversarial Machine Learning

NetSpi Executives

FEBRUARY 21, 2024

Artificial Intelligence (AI) and Machine Learning (ML) present limitless possibilities for enhancing business processes, but they also expand the potential for malicious actors to exploit security risks. Like many technologies that came before it, AI is advancing faster than security standards can keep up with.

Penetration Testing

Penetration Testing Artificial Intelligence Cybersecurity Architecture

From Scanners to Strategies: How Attack Surface Management Enhances Vulnerability Scanning

NetSpi Executives

MARCH 19, 2024

Pairing vulnerability scanners with attack surface management (ASM) gives security teams high-fidelity analysis and prioritization of assets and exposures, while limiting noise and false positives commonly associated with technology-only platforms. How do we go about enriching asset discovery? That’s where NetSPI ASM comes in.

Penetration Testing

Penetration Testing DNS Technology Internet

Announcing General Availability of Server Message Block Protocol Support for Duo Network Gateway

Duo's Security Blog

JANUARY 11, 2023

For those unfamiliar with DNG , it is a remote access proxy security solution that enables organizations to provide zero-trust remote access to a broad variety of applications hosted on premises. It also eliminates the need for full VPN and avoids exposing those applications directly to the internet. Why do I need DNG?

VPN

VPN Firewall Authentication Internet

The Benefits of Employing AI in GRC

Centraleyes

JANUARY 1, 2024

The application of Artificial Intelligence in GRC integration and cybersecurity holds immense promise. To further explore the advantages of AI and GRC evolution, let’s delve into how AI is revolutionizing this industry. Here’s how AI plays a pivotal role: 1.

Artificial Intelligence

Artificial Intelligence Risk Government Technology

Think Outside the Prompt: Creative Approaches to Attacking AI

NetSpi Technical

JUNE 8, 2023

The practitioners of machine learning were recently reminded that we are not isolated from security threats. According to its website, PyTorch is “an open source machine learning framework that accelerates the path from research prototyping to production deployment.” So, how can one hack an artificial intelligence?

Artificial Intelligence

Artificial Intelligence Engineering Encryption Software

Episode 180: Gary McGraw on Machine Learning Security Risks

The Security Ledger

MARCH 31, 2020

In this episode of the podcast (#180), Gary McGraw of the Berryville Institute of Machine Learning joins us to talk about the top security threats facing machine learning systems. The post Episode 180: Gary McGraw on Machine Learning Security Risks appeared first on The Security Ledger.

Risk

Risk Digital transformation Technology Architecture

Episode 256: Recursive Pollution? Data Feudalism? Gary McGraw On LLM Insecurity

Unveiling The Applications and Distinctions of Machine Learning and Artificial Intelligence in Cybersecurity

Webinars

Trending Sources

RSAC Fireside Chat: Extending ‘shift left’ to achieve SSCS — ‘software supply chain security’

Webinars

Tackling Cyber Threats: Is AI Cybersecurity Our Only Hope?

GUEST ESSAY: A primer on why AI could be your company’s cybersecurity secret weapon in 2022

Black Hat Fireside Chat: Easy come, easy go access strengthens ‘Identity Threat Detection & Response’

How to Protect Your Machine Learning Models

Machine Learning is a Must for API Security

How to protect your machinelearning Models

Ask These 5 AI Cybersecurity Questions for a More Secure Approach to Adversarial Machine Learning

How to protect your machinelearning Models

How to protect your machinelearning Models

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

Adversarial Machine Learning and the CFAA

GUEST ESSAY: The many benefits of infusing application security during software ‘runtime’

What is real-time protection and why do you need it?

Help Your Security Team Sleep Better at Night by Reducing False Positives

How AI is Advancing Cybersecurity

5 Best Bot Protection Solutions and Software for 2023

Enabling GenAI with AI-infused API Security

The AI Attack Surface Map v1.0

MY TAKE: What if Big Data and AI could be intensively focused on health and wellbeing?

Duo vs. Fraudulent Device Registration

Neural Fuzzing: A Faster Way to Test Software Security

Episode 245: How AI is remaking knowledge-based authentication

How to Remove Malware: Removal Steps for Windows & Mac

PRODUCT REVIEW: FortiWeb Cloud WAF-as-a-Service

API Security in 2024: Imperva Report Uncovers Rising Threats and the Urgent Need for Action

Mockingjay Attack Evades EDR Tools with Code Injection Technique

Don’t Drown your Security Team in Low-Value WAF Alerts

What is AI Governance? Principles, Types, and Benefits Explained

Improving Text Classification Resilience and Efficiency with RETVec

2023 Phishing Report Reveals 47.2% Surge in Phishing Attacks Last Year

How to Achieve Fast and Secure Continuous Delivery of Cloud-Native Applications

Vulnerability Recap 4/29/24 – Cisco, Microsoft, Palo Alto & More

Italian agency warns ransomware targets known VMware vulnerability

API Security Takes Center Stage: Key Insights from RSA 2023

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

Ask These 5 AI Cybersecurity Questions for a More Secure Approach to Adversarial Machine Learning

From Scanners to Strategies: How Attack Surface Management Enhances Vulnerability Scanning

Announcing General Availability of Server Message Block Protocol Support for Duo Network Gateway

The Benefits of Employing AI in GRC

Think Outside the Prompt: Creative Approaches to Attacking AI

Episode 180: Gary McGraw on Machine Learning Security Risks

Stay Connected