Google open sources file-identifying Magika AI for malware hunters and others

February 16, 2024 at 09:19PM Google has open sourced Magika, a machine-learning-powered file identifier, as part of its AI Cyber Defense Initiative. It aims to provide better automated tools for IT network defenders. Magika uses a trained model to rapidly identify file types from file data, enhancing security. Google also plans to partner with startups …

New Offerings From Protect AI, Venafi Tackle Software Supply Chain Security

January 25, 2024 at 11:48AM The growing use of open source software expands into the AI market. Venafi offers Stop Unauthorized Code Solution for traditional OSS, while Protect AI’s Guardian secures open source machine learning models. Both products aim to tackle the unique security challenges of their respective markets. They operate as crucial security measures …

Researchers Map AI Threat Landscape, Risks

January 24, 2024 at 09:07AM The heart of large language models (LLMs) is a black box, leading to risks from lack of transparency in AI decision-making. A report from BIML outlines 81 risks and aims to help security practitioners understand and address these challenges. NIST also emphasizes the need for a common language to discuss …

NIST: No Silver Bullet Against Adversarial Machine Learning Attacks

January 8, 2024 at 08:36AM NIST’s report cautions on the vulnerability of AI to adversarial machine learning attacks and emphasizes the absence of foolproof defenses. It covers attack types, including evasion, poisoning, privacy, and abuse, and urges the community to develop better safeguards. Industry experts acknowledge the report’s depth and importance in understanding and mitigating …

NIST Warns of Security and Privacy Risks from Rapid AI System Deployment

January 8, 2024 at 04:27AM NIST highlights AI’s security and privacy challenges, including adversarial manipulation of training data, exploitation of model vulnerabilities, and exfiltration of sensitive information. Rapid integration of AI into online services exposes models to threats like corrupted training data and privacy breaches. NIST urges the tech community to develop better defenses against …

VictoriaMetrics takes organic growth over investor pressure

December 11, 2023 at 05:20AM VictoriaMetrics, an unusual monitoring company, has yet to accept external investment and is committed to growing organically. Co-founder Roman Khavronenko emphasizes the negative impact of investor pressure on startups. The company prioritizes open source offerings, embracing the Apache 2 license and providing enterprise tools under a free trial. Khavronenko also …

Bank of England Will Review the Risks That AI Poses to UK Financial Stability

December 6, 2023 at 01:12PM In 2023, the Bank of England plans to review the potential risks artificial intelligence and machine learning may present to the financial stability of the UK. Meeting Takeaways: 1. The Bank of England has scheduled an assessment for next year. 2. The focus of the assessment will be on the …

Embrace Generative AI for Security, but Heed Caution

December 5, 2023 at 10:09AM Advocates see generative AI as a tool for cybersecurity, aiding in automation and strategic tasks, while skeptics fear it may increase complacency and security incidents. AI can help detect vulnerabilities but lacks context, potentially leading to false recommendations. Human oversight remains crucial, as AI-generated code can hide vulnerabilities and humans …

Exposed Hugging Face API tokens offered full access to Meta’s Llama 2

December 4, 2023 at 09:06AM Lasso Security researchers found over 1,500 API tokens, including those of Meta and Google, exposed on Hugging Face, risking supply chain attacks and allowing access to 723 organizations. Exposed tokens with write permissions could alter files, steal private models, or poison data, affecting over a million users. All affected parties …

8 Tips on Leveraging AI Tools Without Compromising Security

November 30, 2023 at 10:07AM AI and ML technologies offer substantial productivity gains but carry risks like data misuse and inaccurate results. To use AI securely, companies must examine legal agreements, guard sensitive data, validate vendor security, use local open-source tools, track AI usage, and create tailored AI policies. Meeting Takeaways: 1. AI/ML Benefits and …