DNSFilter Welcomes Cisco Veteran TK Keanini As CTO

June 11, 2024 at 05:39PM DNSFilter announced the appointment of TK Keanini as Chief Technology Officer (CTO). Keanini, with over 30 years of network security experience, will lead product management, customer experience, engineering, and security intelligence. His focus is on customer needs and feedback to drive ongoing innovation and growth. DNSFilter aims to enhance security … Read more

AI Company Hugging Face Notifies Users of Suspected Unauthorized Access

June 1, 2024 at 03:48AM AI company Hugging Face detected unauthorized access to its Spaces platform, affecting users creating, hosting, and sharing AI and machine learning apps. The company is revoking tokens and investigating the breach’s impact on users. The incident underscores the increased risk to AIaaS providers, with previous security flaws exposing potential supply … Read more

How’s Uncle Sam getting on with Biden’s AI exec order? Pretty good, we’re told

May 27, 2024 at 12:59PM President Biden’s October executive order on AI focused on guiding federal agencies in the safe use of machine learning technologies. The order’s requirements have been well-implemented, with agencies appointing chief data officers and devising data plans. The executive order serves as guardrails for AI deployment, ensuring safe and reliable systems … Read more

Experts Find Flaw in Replicate AI Service Exposing Customers’ Models and Data

May 25, 2024 at 06:18AM A critical security flaw in AI-as-a-service provider Replicate allowed unauthorized access to proprietary AI models and sensitive information due to a vulnerability in its containerization process. The flaw was responsibly disclosed and addressed, and there is no evidence of exploitation. However, it highlights the potential risks of malicious models in … Read more

Google blocked 2.3M apps from Play Store last year for breaking the G law

April 29, 2024 at 06:26PM Google stopped 2.28 million potentially malicious Android apps from being published in its Play Store last year, citing improved security features, policy updates, and advanced machine learning. This was achieved through new requirements for developers and stricter app review processes. The tech giant also emphasized account data deletion and sensitive … Read more

AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead

April 15, 2024 at 09:39AM The text discusses the security implications of AI in software development, with a focus on GitHub Copilot. It highlights the potential vulnerabilities of AI-generated code and advises on secure coding practices, including strict input validation, managing dependencies, conducting regular security assessments, gradual adoption of AI suggestions, informed decision-making, and continuous … Read more

ML Model Repositories: The Next Big Supply Chain Attack Target

March 18, 2024 at 06:15PM Machine-learning model platforms, such as Hugging Face, are vulnerable to attacks similar to those experienced by npm, PyPI, and other open source repositories. Threat actors have been successfully executing such attacks for years. The discussion highlighted the susceptibility of machine-learning model platforms … Read more

In the rush to build AI apps, please, please don’t leave security behind

March 17, 2024 at 07:08AM AI developers and data scientists are urged to be mindful of security and supply-chain attacks amidst the relentless progress in AI technology. With a growing threat of malware in models and libraries, cybersecurity and AI startups are emerging to address the vulnerability. Ensuring supply-chain security in the AI community is … Read more

Google gooses Safe Browsing with real-time protection that doesn’t leak to ad giant

March 14, 2024 at 02:06PM Google has upgraded Safe Browsing in Chrome for desktop, iOS, and soon Android, providing real-time protection against risky websites without sharing browsing history with Google. The enhanced service uses real-time URL lookups and machine learning, while the Standard version now supports privacy-preserving real-time data lookup. It employs a technical enhancement … Read more

Dtex Systems Snags $50M from Alphabet’s CapitalG

March 5, 2024 at 11:06AM Dtex Systems, a California-based company, has secured $50 million in late-stage funding, with a total of $138 million raised. The funding aims to accelerate the application of large language models and behavioral science research to disrupt the insider risk management market. Dtex utilizes machine learning and network monitoring to detect … Read more