OT Risk Management Firm DeNexus Raises $17.5 Million

October 16, 2024 at 09:04AM DeRisk is an AI and ML-based analytics platform designed to address cyber risks in operational technology for critical industries. The firm DeNexus, which specializes in operational technology risk management, has raised $17.5 million to enhance its offerings. **Meeting Takeaways:** 1. **Company Overview**: DeRisk is an AI and ML-driven data analytics …

Secrets Exposed in Hugging Face Hack

June 3, 2024 at 04:07AM Hugging Face, an AI tool development company, reported unauthorized access to its Spaces platform, potentially exposing a subset of Spaces’ secrets. The company has revoked compromised tokens, advised users to refresh keys and switch to fine-grained access tokens, and engaged external forensics experts. It has also made significant security improvements …

RSA Conference 2024 – Announcements Summary (Day 1)

May 7, 2024 at 08:42AM The 2024 RSA Conference in San Francisco featured numerous technology announcements. Arctic Wolf introduced a risk assessment tool and integration with SSE solutions. ArmorCode launched an AI Correlation feature. Cisco announced Splunk integrations. Checkmarx unveiled an AI security offering. Various companies released new products and services, enhancing AI and security …

A Necessary Digital Odyssey of RPA and AI/ML at HUD

March 12, 2024 at 11:32PM Summary: HUD encountered operational challenges during the US Government shutdown leading to the deployment of Robotic Process Automation (RPA) and Artificial Intelligence/Machine Learning (AI/ML). RPA was used to automate monitoring of housing contracts, addressing fragilities in HUD’s legacy systems. AI/ML and big data analysis were employed to understand federal regulation …

Eight Vulnerabilities Disclosed in the AI Development Supply Chain

February 16, 2024 at 08:09AM Cybersecurity startup Protect AI disclosed eight vulnerabilities in the open source supply chain used for in-house AI/ML models, including critical and high-severity ones with CVE numbers. Protect AI emphasized the need for an AI/ML BOM to address unique AI risks. Their vulnerability detection methods include a bug bounty program and …

CISO Corner: Deep Dive Into SecOps, Insurance, & CISOs’ Evolving Role

January 26, 2024 at 09:08AM CISO Corner is a weekly digest of articles tailored to security operations readers and leaders, providing a diverse set of perspectives on operationalizing cybersecurity strategies. This issue covers topics including the struggle for C-suite status, rising cyber-insurance premiums, missing cybersecurity measures, budget constraints, securing AI/ML tools, top priorities for CISOs …

Critical Vulnerabilities Found in Open Source AI/ML Platforms

January 19, 2024 at 12:24PM Members of the Huntr bug bounty platform discovered critical vulnerabilities in MLflow and Hugging Face. The vulnerabilities in MLflow, with a CVSS score of 10, enabled attackers to delete files, access sensitive information, or execute remote code. Hugging Face also had a flaw allowing the injection of malicious code. ClearML …

UAE Banks on AI to Boost Cybersecurity

December 29, 2023 at 07:04AM The UAE faces relentless cyberattacks due to its aggressive push for a digitized economy. To counter this, it has strengthened its digital borders, forming cybersecurity partnerships with the US, Morocco, and Chad. With a focus on AI, the UAE is also addressing the need for skilled professionals and the potential …

Responsibly Implementing AI, the Unstoppable Force

December 11, 2023 at 10:02AM C-suite leaders are keen on leveraging generative AI for competitive advantage and automation, despite security concerns. While generative AI has positive applications in conversational interfaces and solving complex problems, it also poses security risks, as attackers use it to enhance their capabilities. Organizations must responsibly implement and manage AI to …