4 Security Questions to Ask Your Enterprise Generative AI Provider

May 30, 2024 at 08:48AM
GenAI is a key focus for enterprise IT strategies, with security teams working to establish best practices. They must ensure data privacy, content accuracy, responsible usage, and security-focused design and development. By addressing these four areas, security teams can understand and enhance the safety and reliability of GenAI technology. Based …

OpenAI Forms Another Safety Committee After Dismantling Prior Team

May 28, 2024 at 03:08PM
OpenAI forms a safety and security committee led by company directors Bret Taylor, Adam D’Angelo, Nicole Seligman, and CEO Sam Altman. The committee will make safety and security recommendations for OpenAI’s projects and operations, starting with a 90-day evaluation period. Concerns have been raised about the potential impact on societal …

Looking to Leverage Generative AI? Prep for Success With These 4 Tips

May 28, 2024 at 09:31AM
Generative artificial intelligence (GenAI) is being adopted by over 55% of organizations, yet concerns remain about secure implementation. A recent poll found five main concerns, and recommends steps to ensure safe implementation. These include implementing a Zero-Trust Security Model, adopting Cyber Hygiene Standards, establishing a Data Security and Protection Plan, …

New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI

May 27, 2024 at 06:06AM
Researchers have identified phishing campaigns abusing Cloudflare Workers to serve phishing sites targeting Microsoft, Gmail, Yahoo!, and cPanel Webmail users. The phishing method, called transparent phishing, utilizes Cloudflare Workers as a reverse proxy server. The attacks predominantly target Asia, North America, and Southern Europe, using HTML smuggling to deploy the …

Beware – Your Customer Chatbot is Almost Certainly Insecure: Report

May 22, 2024 at 06:30AM
Customer chatbots based on gen-AI engines are growing, easy to develop but challenging to secure. Recent incidents expose vulnerabilities, with one chatbot being manipulated into unconventional behavior. A study by Immersive Labs further reveals the susceptibility of chatbots to prompt engineering, raising concerns about the adequacy of existing guardrails and …

CyberProof Announces Strategic Partnership With Google Cloud

May 9, 2024 at 04:22PM
CyberProof, a UST company, has extended its partnership with Google Cloud to enhance its managed XDR services. By integrating Google Chronicle Security Operations, CyberProof offers an end-to-end solution to visualize and mitigate cyber risk for enterprises migrating to the cloud. This collaboration aims to provide intel-led cybersecurity solutions at cloud …

AI Security Startup Apex Emerges From Stealth With Funding From OpenAI CEO

May 2, 2024 at 11:27AM
Israeli AI security startup Apex emerged from stealth mode with $7 million in seed funding. The funding round was led by Sequoia Capital and Index Ventures, with participation from angel investors, including Sam Altman. Founded in 2023, Apex aims to address security issues introduced by the increasing use of generative-AI …

How to Red Team GenAI: Challenges, Best Practices, and Learnings

April 29, 2024 at 10:07AM
GenAI is transforming work processes, but its implementation poses risks including data security and misuse. Red teaming, especially for GenAI, requires considering responsible AI risks and dealing with probabilistic outputs. Microsoft employs an open automation framework, PyRIT, to red team its GenAI systems, ensuring proactive security and responsible innovation. The …

Top Lessons for CISOs From OWASP’s LLM Top 10

April 23, 2024 at 10:05AM
OWASP released its top 10 list for large language model (LLM) applications, addressing security threats. This framework educates and aligns the industry on potential risks, emphasizing the need for effective authentication and authorization of LLM technologies. The list highlights the importance of preventing misuse and compromise, urging security leaders …

AI Lowers Barrier for Cyber-Adversary Manipulation in 2024 Election

April 19, 2024 at 10:05AM
Foreign adversaries have a history of disrupting US elections through tactics like espionage and “hack and leak” campaigns. Generative AI (GenAI) is now a concern for election security, as it can facilitate misinformation and disinformation. The 2024 election faces potential threats from nation-state adversaries and sophisticated cyber-threat actors, and combating …