Trustero Secures $10 Million in Funding to Grow AI-Powered Security and Compliance Platform

November 21, 2024 at 09:20PM Trustero, which exited stealth mode in March 2022, aims to reduce compliance costs and streamline GRC tasks for companies. The organization recently secured $10 million in funding to expand its AI-powered security and compliance platform, enhancing its capabilities in the industry. ### Meeting Takeaways: 1. **Company Background**: – The company … Read more

First ChatGPT Jailbreak Disclosed via Mozilla’s New AI Bug Bounty Program

October 29, 2024 at 05:12AM A new ChatGPT jailbreak has been revealed through Mozilla’s newly launched 0Din gen-AI bug bounty program, as reported by SecurityWeek. **Meeting Notes Takeaways:** 1. **New Development**: A new jailbreak for ChatGPT has been disclosed. 2. **Source**: The information was shared through Mozilla’s 0Din gen-AI bug bounty program. 3. **Publication**: The … Read more

New Scoring System Helps Secure the Open Source AI Model Supply Chain

October 24, 2024 at 06:09AM AI models from Hugging Face may harbor hidden issues similar to open-source software from platforms like GitHub. A new scoring system has been introduced to enhance the security of the open-source AI model supply chain. This aims to address potential vulnerabilities in AI models. **Meeting Takeaways:** 1. **Similarity in Issues**: … Read more

Google to let businesses create curated Chrome Web Stores for extensions

October 23, 2024 at 12:06PM Google will soon introduce an “Enterprise Web Store” for Chrome and ChromeOS, allowing organizations to curate browser extensions for improved productivity and security. The platform enables better management, standardizes tools, and offers insights into extension usage, alongside new AI features and security controls for Chrome Enterprise users. ### Meeting Takeaways: … Read more

Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws

October 8, 2024 at 02:18PM The text lists numerous CVE IDs and their associated vulnerabilities, including remote code execution, denial of service, elevation of privilege, and information disclosure. These vulnerabilities impact various Microsoft products such as .NET, Visual Studio, Azure, Windows, and Office, among others. The severity ranges from critical to moderate. Based on the … Read more

Single HTTP Request Can Exploit 6M WordPress Sites

October 8, 2024 at 08:36AM A popular WordPress plug-in, LiteSpeed Cache, containing a cross-site scripting flaw (CVE-2024-47374), has been exploited by attackers, potentially enabling privilege escalation and malicious code installation on affected websites. A simple patch has been issued by Patchstack, allowing administrators to update to the fixed version 6.5.1 immediately to prevent vulnerabilities. After … Read more

Microsoft Unveils Copilot Vision AI Tool, but Highlights Security After Recall Debacle

October 1, 2024 at 10:27AM Microsoft has launched a new AI-based web content analysis tool, emphasizing safety and security to address potential concerns. This comes after a recall debacle, highlighting the importance of security. It seems like the meeting notes are highlighting the unveiling of Microsoft’s new AI-based web content analysis tool, which is referred … Read more

Automattic blocks WP Engine’s access to WordPress resources

September 26, 2024 at 09:56AM WordPress.org has banned WP Engine from accessing its resources and delivering plugin updates, leaving end-users vulnerable to potential hacks. The conflict between the two involves alleged alteration of WordPress core feature for profit, legal disputes, and criticism. Users are advised to seek alternative hosting providers due to the uncertain resolution. … Read more

AI-Generated Malware Found in the Wild

September 24, 2024 at 01:07PM HP identified a new email campaign distributing AI-generated malware. The malware involves an encrypted HTML attachment and employs uncommon techniques, indicating potential use of generative AI. Researchers found the malware payload to be basic, raising concerns that novice attackers are leveraging AI. This development signals the increasing threat of AI-generated … Read more

Google Now Syncing Passkeys Across Desktop, Android Devices

September 20, 2024 at 09:48AM Google introduced passkey support in 2022 for Android and Chrome, allowing users to authenticate with biometric instead of passwords. Users can now save passkeys to Google Password Manager from Windows, macOS, Linux, and Android, syncing them across devices for easier sign-ins. End-to-end encryption and a new Google Password Manager PIN … Read more