Apple Intelligence Could Introduce Device Security Risks

June 14, 2024 at 03:45PM Apple’s announcement of its generative AI capabilities, called Apple Intelligence, emphasized data security and privacy. The system enables context-sensitive searches, email tone editing, and graphics creation locally on devices. While Apple detailed privacy and security measures, challenges with large language models and app interactions remain. Companies need to address potential … Read more

Mozilla Launches 0Din Gen-AI Bug Bounty Program

June 7, 2024 at 09:15AM Mozilla launches new bug bounty program called 0Day Investigative Network (0Din) focusing on large language models and deep learning technologies. The program aims to improve the security of the gen-AI ecosystem by addressing various security issues. Researchers can submit findings to ‘0din at mozilla.com’, allowing them an opportunity for contribution … Read more

Data Privacy in the Age of GenAI

May 31, 2024 at 10:07AM The American Privacy Rights Act of 2024 (APRA) is a comprehensive national legislation aiming to hold organizations accountable for privacy. It includes requirements like CEO-signed compliance certification, biennial audits, and publishing privacy policies. However, concerns remain about transparency, ethics, and the impact of GenAI models, indicating the need for further … Read more

OpenAI, Meta, TikTok Disrupt Multiple AI-Powered Disinformation Campaigns

May 31, 2024 at 04:21AM OpenAI revealed five covert influence operations from China, Iran, Israel, and Russia, utilizing AI to manipulate public discourse. These operations involved generating and posting comments, articles, and social media content across various platforms to influence audiences in different regions. Meta also disclosed details of additional influence operations targeting users in … Read more

4 Security Questions to Ask Your Enterprise Generative AI Provider

May 30, 2024 at 08:48AM GenAI is a key focus for enterprise IT strategies, with security teams working to establish best practices. They must ensure data privacy, content accuracy, responsible usage, and security-focused design and development. By addressing these four areas, security teams can understand and enhance the safety and reliability of GenAI technology. Based … Read more

OpenAI Forms Another Safety Committee After Dismantling Prior Team

May 28, 2024 at 03:08PM OpenAI forms a safety and security committee led by company directors Bret Taylor, Adam D’Angelo, Nicole Seligman, and CEO Sam Altman. The committee will make safety and security recommendations for OpenAI’s projects and operations, starting with a 90-day evaluation period. Concerns have been raised about the potential impact on societal … Read more

Looking to Leverage Generative AI? Prep for Success With These 4 Tips

May 28, 2024 at 09:31AM Generative artificial intelligence (GenAI) is being adopted by over 55% of organizations, yet concerns remain about secure implementation. A recent poll found five main concerns, and recommends steps to ensure safe implementation. These include implementing a Zero-Trust Security Model, adopting Cyber Hygiene Standards, establishing a Data Security and Protection Plan, … Read more

New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI

May 27, 2024 at 06:06AM Researchers have identified phishing campaigns abusing Cloudflare Workers to serve phishing sites targeting Microsoft, Gmail, Yahoo!, and cPanel Webmail users. The phishing method, called transparent phishing, utilizes Cloudflare Workers as a reverse proxy server. The attacks predominantly target Asia, North America, and Southern Europe, using HTML smuggling to deploy the … Read more

Beware – Your Customer Chatbot is Almost Certainly Insecure: Report

May 22, 2024 at 06:30AM Customer chatbots based on gen-AI engines are growing, easy to develop but challenging to secure. Recent incidents expose vulnerabilities, with one chatbot being manipulated into unconventional behavior. A study by Immersive Labs further reveals the susceptibility of chatbots to prompt engineering, raising concerns about the adequacy of existing guardrails and … Read more

CyberProof Announces Strategic Partnership With Google Cloud

May 9, 2024 at 04:22PM CyberProof, a UST company, has extended its partnership with Google Cloud to enhance its managed XDR services. By integrating Google Chronicle Security Operations, CyberProof offers an end-to-end solution to visualize and mitigate cyber risk for enterprises migrating to the cloud. This collaboration aims to provide intel-led cybersecurity solutions at cloud … Read more