Embrace Generative AI for Security, but Heed Caution

December 5, 2023 at 10:09AM

Advocates see generative AI as a tool for cybersecurity, aiding in automation and strategic tasks, while skeptics fear it may increase complacency and security incidents. AI can help detect vulnerabilities but lacks context, potentially leading to false recommendations. Human oversight remains crucial, as AI-generated code can hide vulnerabilities and humans …

Exposed Hugging Face API tokens offered full access to Meta’s Llama 2

December 4, 2023 at 09:06AM

Lasso Security researchers found over 1,500 API tokens, including those of Meta and Google, exposed on Hugging Face, risking supply chain attacks and allowing access to 723 organizations. Exposed tokens with write permissions could alter files, steal private models, or poison data, affecting over a million users. All affected parties …

8 Tips on Leveraging AI Tools Without Compromising Security

November 30, 2023 at 10:07AM

AI and ML technologies offer substantial productivity gains but carry risks like data misuse and inaccurate results. To use AI securely, companies must examine legal agreements, guard sensitive data, validate vendor security, use local open-source tools, track AI usage, and create tailored AI policies. Meeting Takeaways: 1. AI/ML Benefits and …

Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails

November 30, 2023 at 08:30AM

Google launched RETVec, a multilingual text vectorizer to enhance Gmail’s detection of harmful content such as spam and phishing emails. RETVec counters evasion tactics like typos or homoglyphs and supports over 100 languages. It improved spam detection by 38%, reduced false positives, and cut computational costs. Here are the key …

Google’s RETVec Open Source Text Vectorizer Bolsters Malicious Email Detection

November 30, 2023 at 06:06AM

Google’s new RETVec, a multilingual text vectorizer, has improved Gmail’s spam detection by 38%, reducing false positives/negatives while enhancing performance. RETVec, efficient and resilient, requires no text preprocessing, works with all languages, and is now open source with a tutorial available. Takeaways from the Meeting Notes: 1. Google has developed …

Critical Vulns Found in Ray Open Source Framework for AI/ML Workloads

November 28, 2023 at 05:08PM

Researchers have discovered three unpatched vulnerabilities in Ray, an open source framework used for scaling AI and machine learning workloads. These vulnerabilities could allow attackers to gain operating system access, execute remote code, and escalate privileges. Anyscale, the company that sells a managed version of Ray, has not yet addressed …

Unpatched Critical Vulnerabilities Open AI Models to Takeover

November 16, 2023 at 12:49PM

Researchers have discovered critical vulnerabilities in the infrastructure used for AI models, putting companies at risk. The affected platforms include Ray, MLflow, ModelDB, and H2O version 3. These vulnerabilities could potentially give unauthorized access to AI models and the rest of the network. Protect AI disclosed the results and informed …

Cavelo Raises CA$5 Million for Attack Surface Management Platform

November 10, 2023 at 11:30AM

Canadian cybersecurity startup Cavelo has secured CA$5 million in seed funding, bringing its total raised to CA$6.3 million. The funding round was led by Inovia Capital, with participation from Graphite Ventures and existing investors. Cavelo’s solution leverages machine learning to continuously scan an organization’s assets, identify sensitive data, and provide …

Narrowing the Focus of AI in Security

November 7, 2023 at 08:06AM

The AI industry has seen a surge in investment and attention in recent months, with companies like Amazon, Microsoft, Meta, and Google leading the way. Machine learning and data science have become integral to the development of AI, and universities and corporations have invested in the necessary resources. While Gartner …

Getting Smart With Cybersecurity: AI Can Help the Good Guys, Too

October 30, 2023 at 03:08AM

The Dartmouth Conference in 1955 predicted that machines could simulate aspects of intelligence through precise descriptions. AI research progressed slowly until language tools like ChatGPT emerged, presenting both risks and benefits. IT professionals are concerned about cybercriminals using these tools, but still plan to integrate AI into their security programs. …