Cyber Security Informer

Smuggling Gold by Disguising it as Machine Parts

Schneier on Security

APRIL 12, 2024

It was disguised as machine parts: On March 27, customs officials x-rayed two air compressors and discovered that they contained gold that had been “concealed in the integral parts” of the compressors. Someone got caught trying to smuggle 322 pounds of gold (that’s about 1/4 of a cubic foot) out of Hong Kong.

Credible Handwriting Machine

Schneier on Security

MAY 23, 2023

In case you don’t have enough to worry about, someone has built a credible handwriting machine: This is still a work in progress, but the project seeks to solve one of the biggest problems with other homework machines, such as this one that I covered a few months ago after it blew up on social media.

Media

Media Software Artificial Intelligence

Inserting a Backdoor into a Machine-Learning System

Schneier on Security

OCTOBER 11, 2022

Interesting research: “ ImpNet: Imperceptible and blackbox-undetectable backdoors in compiled neural networks , by Tim Clifford, Ilia Shumailov, Yiren Zhao, Ross Anderson, and Robert Mullins: Abstract : Early backdoor attacks against machine learning set off an arms race in attack and defence development.

Architecture

Architecture Software

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

The Future of Machine Learning and Cybersecurity

Schneier on Security

JUNE 21, 2021

The Center for Security and Emerging Technology has a new report: “ Machine Learning and Cybersecurity: Hype and Reality.” ” Here’s the bottom line: The report offers four conclusions: Machine learning can help defenders more accurately detect and triage potential attacks.

Cybersecurity

Cybersecurity Technology

The Machine Learning Cybersecurity Revolution

Security Boulevard

NOVEMBER 24, 2023

Balancing the promise and pitfalls of machine learning cybersecurity The integration of machine learning (ML) has opened up new frontiers for defending against complex and evolving cyber threats. However, machine learning cybersecurity integration is not without its challenges.

Cybersecurity

Cybersecurity Cyber threats

Attacking the Performance of Machine Learning Systems

Schneier on Security

JUNE 16, 2022

We show how adversaries can exploit carefully-crafted sponge examples, which are inputs designed to maximise energy consumption and latency, to drive machine learning (ML) systems towards their worst-case performance. Sponge examples are, to our knowledge, the first denial-of-service attack against the ML components of such systems.

Machine-Learning Python package compromised in supply chain attack

Tech Republic Security

JANUARY 4, 2023

A nightly build version of a machine-learning framework dependency has been compromised. The post Machine-Learning Python package compromised in supply chain attack appeared first on TechRepublic. The package ran malicious code on affected systems and stole data from unsuspecting users.

Securing Virtual Machines in QEMU on Linux

Security Boulevard

MAY 8, 2024

QEMUCare enables live patching of the QEMU/KVM hypervisors, without needing to reboot them or migrate the virtual machines. QEMU, a powerful open-source tool, goes beyond simple emulation. […] The post Securing Virtual Machines in QEMU on Linux appeared first on TuxCare.

Education

Attacking Machine Learning Systems

Schneier on Security

FEBRUARY 6, 2023

The field of machine learning (ML) security—and corresponding adversarial ML—is rapidly advancing as researchers develop sophisticated techniques to perturb, disrupt, or steal the ML model or data.

Encryption

Encryption Software Hacking Social Engineering

Using Machine Learning to Guess PINs from Video

Schneier on Security

OCTOBER 19, 2021

Researchers trained a machine-learning system on videos of people typing their PINs into ATMs: By using three tries, which is typically the maximum allowed number of attempts before the card is withheld, the researchers reconstructed the correct sequence for 5-digit PINs 30% of the time, and reached 41% for 4-digit PINs.

Malicious AI models on Hugging Face backdoor users’ machines

Bleeping Computer

FEBRUARY 28, 2024

At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can execute code on the victim's machine, giving attackers a persistent backdoor. [.]

Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines

The Hacker News

MAY 16, 2024

The impacts enabled by these flaws are manifold: from the implant of ransomware on the ultrasound machine to the access and manipulation of

Healthcare

Healthcare Ransomware

Machine learning: A cheat sheet

Tech Republic Security

DECEMBER 10, 2020

From Apple to Google to Toyota, companies across the world are pouring resources into developing AI systems with machine learning. This comprehensive guide explains what machine learning really means.

Enigma Machine Recovered from the Baltic Sea

Schneier on Security

DECEMBER 4, 2020

Neat story : German divers searching the Baltic Sea for discarded fishing nets have stumbled upon a rare Enigma cipher machine used by the Nazi military during World War Two which they believe was thrown overboard from a scuttled submarine.

The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack

Bleeping Computer

APRIL 5, 2024

Ransomware attacks targeting VMware ESXi and other virtual machine platforms are wreaking havoc among the enterprise, causing widespread disruption and loss of services. [.]

Ransomware

Entro Streamlines Machine Identity Life Cycle Management

Security Boulevard

MARCH 4, 2024

Entro has added a life cycle management capability to its namesake platform for discovering and managing machine identities. The post Entro Streamlines Machine Identity Life Cycle Management appeared first on Security Boulevard.

Risk

Risk Government Cybersecurity

Designing user management for machine-to-machine interactions

InfoWorld on Security

APRIL 20, 2023

The user might be a machine. Today, more than 90% of internet traffic is between machines. In reality, machines that consume your B2B SaaS application are also users—just a different kind of user. If a user lacks human traits and doesn’t have much of a personality, there might be a good reason for this. Let’s dive in.

B2B

B2B Internet Internet

Processing Machine Data With Machine Learning | Avast

Security Boulevard

JULY 9, 2021

One of the biggest unaddressed challenges in machine learning (ML) for security is how to process large-scale and dynamically created machine data. In security, machine data is the primary source of information about attacks and other anomalous behavior on the internet. Gardner, Avast VP Research & AI. ek, Avast CTO.

Internet

Internet Internet Artificial Intelligence

Artificial Intelligence vs Machine Learning: Understanding the Differences

CyberSecurity Insiders

MARCH 26, 2023

Artificial intelligence (AI) and machine learning (ML) are two terms that are often used interchangeably, but they are not the same. The goal of AI is to create machines that can think and act like humans. What is Machine Learning? The goal of ML is to enable machines to learn from data and improve their performance overtime.

Artificial Intelligence

Artificial Intelligence Healthcare Retail Technology

What is Machine Learning?

Security Boulevard

APRIL 18, 2022

The post What is Machine Learning? The post What is Machine Learning? This big data discipline of artificial intelligence gives systems the freedom to automatically gain information. appeared first on Gurucul. appeared first on Security Boulevard.

Artificial Intelligence

Artificial Intelligence Big data Risk

The State of Machine Identity Management: More Machines, More Certificates … More Problems?

Security Boulevard

MAY 1, 2023

The post The State of Machine Identity Management: More Machines, More Certificates … More Problems? The post The State of Machine Identity Management: More Machines, More Certificates … More Problems? appeared first on Keyfactor. appeared first on Security Boulevard.

What are Machine Credentials, And Why Are They Important to Secure in Your Organization?

Security Boulevard

MAY 14, 2024

WHAT are Machine Credentials? Machine Credentials are a collective noun for Non-human Identities that operate as digital access keys used by systems. By verifying a machine’s unique identity, machine credentials allow safe, agreed-upon interaction. appeared first on Astrix Security.

Authentication

Buying Used Voting Machines on eBay

Schneier on Security

NOVEMBER 1, 2018

This is not surprising : This year, I bought two more machines to see if security had improved. To my dismay, I discovered that the newer model machines -- those that were used in the 2016 election -- are running Windows CE and have USB ports, along with other components, that make them even easier to exploit than the older ones.

Hacking

Kasada Embraces Machine Learning to Reduce Bot Traffic

Security Boulevard

JANUARY 10, 2024

Kasada has updated its bot defense platform to add sensors and ML algorithms that detect, in real-time, machine-generated traffic. The post Kasada Embraces Machine Learning to Reduce Bot Traffic appeared first on Security Boulevard.

IoT

IoT Malware Cybersecurity Network Security

History of the HX-63 Rotor Machine

Schneier on Security

SEPTEMBER 3, 2021

Paul has written the fascinating story of the HX-63, a super-complicated electromechanical rotor cipher machine made by Crypto AG.

Encryption

Machine Learning Tackles Ransomware Attacks

Security Boulevard

JUNE 22, 2022

“Ransomware infection is just the final step; these modern attacks take some time to prepare and threat actors will try to thoroughly prepare before launching an attack,” Martin Zugec, technical solutions director at Bitdefender, The post Machine Learning Tackles Ransomware Attacks appeared first on Security Boulevard.

Ransomware

Ransomware Security Awareness Cybersecurity Network Security

Nosey Parker’s Ongoing Machine Learning Development

Security Boulevard

NOVEMBER 14, 2023

It combines regular expression-based detection with machine learning (ML) to find misplaced secrets in source code and web data. We originally wrote a blog post in March, 2022, detailing our approach to integrating machine learning into secrets detection.

BrandPost: The Future of Machine Learning in Cybersecurity

CSO Magazine

FEBRUARY 15, 2023

Machine learning (ML) is a commonly used term across nearly every sector of IT today. This article will share reasons why ML has risen to such importance in cybersecurity, share some of the challenges of this particular application of the technology and describe the future that machine learning enables.

Cybersecurity

Cybersecurity Big data IoT Internet

LayerX Platform Secures Browsers Using Machine Learning

Security Boulevard

OCTOBER 5, 2022

LayerX this week emerged from stealth to launch a modern browser extension that leverages machine learning algorithms to ensure connections made to applications are secure. The post LayerX Platform Secures Browsers Using Machine Learning appeared first on Security Boulevard.

Malware

Malware Cybersecurity Network Security

Enigma Machine for Sale

Schneier on Security

JULY 14, 2020

A four-rotor Enigma machine -- with rotors -- is up for auction.

Encryption

NETSCOUT Uses Machine Learning to Help Thwart DDoS Attacks

Security Boulevard

JULY 12, 2023

NETSCOUT Systems is is dynamically applying machine learning algorithms to combat distributed denial-of-service (DDoS) attacks. The post NETSCOUT Uses Machine Learning to Help Thwart DDoS Attacks appeared first on Security Boulevard.

DDOS

DDOS Cybersecurity Network Security

Vulnerability Finding Using Machine Learning

Schneier on Security

APRIL 20, 2020

Microsoft is training a machine-learning system to find software bugs : At Microsoft, 47,000 developers generate nearly 30 thousand bugs a month. However, large volumes of semi-curated data are perfect for machine learning. However, large volumes of semi-curated data are perfect for machine learning.

Software

Software IoT Engineering Internet

Machine Learning is a Must for API Security

IT Security Guru

SEPTEMBER 13, 2023

Machine learning (ML) and artificial intelligence (AI) become helpful allies in stopping API attacks. The depth and breadth of the dataset and the number of features utilised for detection purposes form the basis of every machine learning algorithm.

Digital transformation

Digital transformation Data breaches Artificial Intelligence Firewall

Lacework Employs Machine Learning to Consolidate Alerts

Security Boulevard

APRIL 7, 2023

Kate MacLean, senior director of product marketing for Lacework, said the updates to the company’s Polygraph Data Platform for anomaly detection uses machine learning algorithms and behavioral analytics. The post Lacework Employs Machine Learning to Consolidate Alerts appeared first on Security Boulevard.

Marketing

Marketing Cybersecurity

Adversarial Machine Learning and the CFAA

Schneier on Security

JULY 23, 2020

I just co-authored a paper on the legal risks of doing machine learning research, given the current state of the Computer Fraud and Abuse Act: Abstract: Adversarial Machine Learning is booming with ML researchers increasingly targeting commercial ML systems such as those used in Facebook, Tesla, Microsoft, IBM, Google to demonstrate vulnerabilities. (..)

Risk

Risk Hacking

NEW TECH: Silverfort helps companies carry out smarter human and machine authentications

The Last Watchdog

MAY 26, 2020

Digital commerce would fly apart if businesses could not reliably affirm the identities of all humans and all machines, that is, computing instances, that are constantly connecting to each other across the Internet. Tamir: Service accounts (machine-to-machine connections) are a big problem.

Authentication

Authentication Cloud Migration Accountability Digital transformation

Unveiling The Applications and Distinctions of Machine Learning and Artificial Intelligence in Cybersecurity

Security Boulevard

MARCH 12, 2024

The terms "machine learning" and "artificial intelligence" are frequently used in cybersecurity, often interchangeably, leading to confusion about their precise meanings and applications. What are the disparities between them? And how do these technologies converge to bolster cyber resilience?

Artificial Intelligence

Artificial Intelligence Cybersecurity Technology

JFrog, AWS team up for machine learning in the cloud

InfoWorld on Security

JANUARY 17, 2024

Software supply chain provider JFrog is integrating with the Amazon SageMaker cloud-based machine learning platform to incorporate machine learning models into the software development lifecycle. To read this article in full, please click here

Software

7 machine identity management best practices

CSO Magazine

MAY 24, 2022

Machine identities are a large, and fast-growing part of the enterprise attack surface. The number of machines—servers, devices, and services—is growing rapidly and efforts to secure them often fall short. Research firm Gartner named machine identity as one of the top cybersecurity trends of the year, in a report released last fall.

Cybersecurity

Cyber security and AI: Should machines be included in your training program?

Security Boulevard

JANUARY 26, 2024

The post Cyber security and AI: Should machines be included in your training program? The post Cyber security and AI: Should machines be included in your training program? appeared first on Click Armor. appeared first on Security Boulevard.

Artificial Intelligence

Artificial Intelligence Security Awareness CISO Risk

Threat Spotlight: AI and Machine Learning

Security Boulevard

FEBRUARY 6, 2023

Executive Summary Check out our full webinar recording, AI and Machine Learning: The Future of Cybersecurity in 2023, and/or keep reading for the highlights. AI and Cybersecurity Applications There’s a misconception that using AI means that the machine is analyzing larger quantities of data.

Cyber threats

Cyber threats Risk Cybersecurity

Daniel Stori’s ‘jr developer vs machine learning’

Security Boulevard

FEBRUARY 9, 2024

Permalink The post Daniel Stori’s ‘jr developer vs machine learning’ appeared first on Security Boulevard. via the webcomic talent of the inimitable Daniel Stori at Turnoff.US.

How to Protect Your Machine Learning Models

Thales Cloud Protection & Licensing

FEBRUARY 14, 2024

How to Protect Your Machine Learning Models madhav Thu, 02/15/2024 - 07:20 Contributors: Dr. Werner Dondl and Michael Zunke Introduction In computer technology, few fields have garnered as much attention as artificial intelligence ( AI) and machine learning (ML).

Encryption

Encryption Engineering Software Mobile

Zero Trust Is (also) About Protecting Machine Identities

Security Boulevard

SEPTEMBER 30, 2022

Zero Trust Is (also) About Protecting Machine Identities. Machine identity is key component of Zero Trust. Hence, device-to-device, API-to-API, container-to-container, or, in a word, machine-to-machine communications must be authenticated. The challenges of managing machine identities. brooke.crothers. Scale: 39%.

IoT

IoT Authentication Encryption Architecture

Smuggling Gold by Disguising it as Machine Parts

Credible Handwriting Machine

Webinars

Trending Sources

Inserting a Backdoor into a Machine-Learning System

Webinars

The Future of Machine Learning and Cybersecurity

The Machine Learning Cybersecurity Revolution

Attacking the Performance of Machine Learning Systems

Machine-Learning Python package compromised in supply chain attack

Securing Virtual Machines in QEMU on Linux

Attacking Machine Learning Systems

Using Machine Learning to Guess PINs from Video

Malicious AI models on Hugging Face backdoor users’ machines

Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines

Machine learning: A cheat sheet

Enigma Machine Recovered from the Baltic Sea

The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack

Entro Streamlines Machine Identity Life Cycle Management

Designing user management for machine-to-machine interactions

Processing Machine Data With Machine Learning | Avast

Artificial Intelligence vs Machine Learning: Understanding the Differences

What is Machine Learning?

The State of Machine Identity Management: More Machines, More Certificates … More Problems?

What are Machine Credentials, And Why Are They Important to Secure in Your Organization?

Buying Used Voting Machines on eBay

Kasada Embraces Machine Learning to Reduce Bot Traffic

History of the HX-63 Rotor Machine

Machine Learning Tackles Ransomware Attacks

Nosey Parker’s Ongoing Machine Learning Development

BrandPost: The Future of Machine Learning in Cybersecurity

LayerX Platform Secures Browsers Using Machine Learning

Enigma Machine for Sale

NETSCOUT Uses Machine Learning to Help Thwart DDoS Attacks

Vulnerability Finding Using Machine Learning

Machine Learning is a Must for API Security

Lacework Employs Machine Learning to Consolidate Alerts

Adversarial Machine Learning and the CFAA

NEW TECH: Silverfort helps companies carry out smarter human and machine authentications

Unveiling The Applications and Distinctions of Machine Learning and Artificial Intelligence in Cybersecurity

JFrog, AWS team up for machine learning in the cloud

7 machine identity management best practices

Cyber security and AI: Should machines be included in your training program?

Threat Spotlight: AI and Machine Learning

Daniel Stori’s ‘jr developer vs machine learning’

How to Protect Your Machine Learning Models

Zero Trust Is (also) About Protecting Machine Identities

Stay Connected