How’s Uncle Sam getting on with Biden’s AI exec order? Pretty good, we’re told

May 27, 2024 at 12:59PM President Biden’s October executive order on AI focused on guiding federal agencies in the safe use of machine learning technologies. The order’s requirements have been well-implemented, with agencies appointing chief data officers and devising data plans. The executive order serves as guardrails for AI deployment, ensuring safe and reliable systems …

Experts Find Flaw in Replicate AI Service Exposing Customers’ Models and Data

May 25, 2024 at 06:18AM A critical security flaw in AI-as-a-service provider Replicate allowed unauthorized access to proprietary AI models and sensitive information due to a vulnerability in its containerization process. The flaw was responsibly disclosed and addressed, and there is no evidence of exploitation. However, it highlights the potential risks of malicious models in …

Google blocked 2.3M apps from Play Store last year for breaking the G law

April 29, 2024 at 06:26PM Google stopped 2.28 million potentially malicious Android apps from being published in its Play Store last year, citing improved security features, policy updates, and advanced machine learning. This was achieved through new requirements for developers and stricter app review processes. The tech giant also emphasized account data deletion and sensitive …

AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead

April 15, 2024 at 09:39AM The article discusses the security implications of AI in software development, with a focus on GitHub Copilot. It highlights the potential vulnerabilities of AI-generated code and advises on secure coding practices, including strict input validation, managing dependencies, conducting regular security assessments, gradual adoption of AI suggestions, informed decision-making, and continuous …

ML Model Repositories: The Next Big Supply Chain Attack Target

March 18, 2024 at 06:15PM Machine-learning model platforms, such as Hugging Face, are vulnerable to attacks similar to those experienced by npm, PyPI, and other open source repositories. Threat actors have been successfully executing such attacks for years. The discussion highlighted the susceptibility of machine-learning model platforms …

In the rush to build AI apps, please, please don’t leave security behind

March 17, 2024 at 07:08AM AI developers and data scientists are urged to be mindful of security and supply-chain attacks amidst the relentless progress in AI technology. With a growing threat of malware in models and libraries, cybersecurity and AI startups are emerging to address the vulnerability. Ensuring supply-chain security in the AI community is …

Google gooses Safe Browsing with real-time protection that doesn’t leak to ad giant

March 14, 2024 at 02:06PM Google has upgraded Safe Browsing in Chrome for desktop, iOS, and soon Android, providing real-time protection against risky websites without sharing browsing history with Google. The enhanced service uses real-time URL lookups and machine learning, while the Standard version now supports privacy-preserving real-time data lookup. It employs a technical enhancement …

Dtex Systems Snags $50M from Alphabet’s CapitalG

March 5, 2024 at 11:06AM Dtex Systems, a California-based company, has secured $50 million in late-stage funding, with a total of $138 million raised. The funding aims to accelerate the application of large language models and behavioral science research to disrupt the insider risk management market. Dtex utilizes machine learning and network monitoring to detect …

AI-Generated Patches Could Ease Developer, Operations Workload

February 21, 2024 at 01:40AM Large language models (LLMs) show potential in speeding up software development by detecting and addressing common bugs. Google’s Gemini LLM can fix 15% of bugs found using dynamic application security testing (DAST), helping prioritize vulnerabilities often overlooked by developers. AI-powered bug-fixing systems are crucial as machine learning models produce more …

How to Achieve the Best Risk-Based Alerting (Bye-Bye SIEM)

February 19, 2024 at 07:27AM Network Detection and Response (NDR) has become the most effective technology for detecting cyber threats, offering adaptive cybersecurity with reduced false alerts and efficient threat response. NDR uses risk-based alerting to prioritize alerts based on potential risk, enabling more efficient resource allocation, prompt response to high-risk alerts, and better decision-making …