Tag: ml
-
Critical Vulnerabilities in PyTorch, TensorFlow and ONNX Endanger Machine Learning
The documented vulnerabilities affect the most important ML platforms and make clear how malicious actors could use targeted attack techniques to compromise the confidentiality, integrity and availability of production ML systems. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/kritische-schwachstellen-in-pytorch-tensorflow-und-onnx-gefaehrden-maschinelles-lernen/a38926/
-
Security Vulnerabilities in ML Toolkits: Numerous Tools Affected
New vulnerabilities in ML toolkits: security gaps increase the risk of attacks on ML systems by AI hackers. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/sicherheitsluecken-in-ml-toolkits-zahlreiche-tools-betroffen-304052.html
-
JFrog Analysis on the Threat to Machine Learning: Critical Vulnerabilities Discovered in ML Frameworks
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/jfrog-analyse-gefaehrdung-maschinelles-lernen-kritisch-schwachstellen-ml-frameworks-entdeckung
-
Security Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege Escalation
Cybersecurity researchers have uncovered nearly two dozen security flaws spanning 15 different machine learning (ML) related open-source projects. These comprise vulnerabilities discovered both on the server- and client-side, software supply chain security firm JFrog said in an analysis published last week. The server-side weaknesses “allow attackers to hijack important servers in the First seen on thehackernews.com Jump…
-
AI Recruitment Tools Prone to Bias, Privacy Issues
ML, NLP Tools Collect More Personal Information Than Required, UK Regulator Says. Artificial intelligence tools currently used by organizations in the United Kingdom to screen job applicants pose privacy risks and are susceptible to bias and accuracy issues, the U.K. Information Commissioner’s Office found. The ICO focused on machine learning and natural language processing. First…
-
Researchers Uncover Vulnerabilities in Open-Source AI and ML Models
A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) m… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/researchers-uncover-vulnerabilities-in.html
-
Open-Source AI, ML Tools Plagued With Vulnerabilities
First seen on scworld.com Jump to article: www.scworld.com/brief/open-source-ai-ml-tools-plagued-with-vulnerabilities
-
Exploring the Transformative Potential of AI in Cybersecurity
By continuously learning from new data, ML models can adapt to evolving threat landscapes, making them invaluable in identifying zero-day vulnerabilit… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/exploring-the-transformative-potential-of-ai-in-cybersecurity/
-
AI Hype Drives Demand For ML SecOps Skills
Companies are putting AI in just about all of their products, which opens up new security holes. LLM SecOps and ML SecOps are becoming must-have skill… First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-careers/ai-hype-drives-demand-ml-secops-skills
-
OT Risk Management Firm DeNexus Raises $17.5 Million
DeNexus offers an AI and ML-driven data analytics platform that focuses on managing the cyber risk to the underserved operational technology of critic… First seen on securityweek.com Jump to article: www.securityweek.com/ot-risk-management-firm-denexus-raises-17-5-million/
-
Cybercriminals Are Targeting AI Conversational Platforms
Resecurity reports a rise in attacks on AI Conversational platforms, targeting chatbots that use NLP and ML to enable automated, human-like interactio… First seen on securityaffairs.com Jump to article: securityaffairs.com/169580/security/cybercriminals-are-targeting-ai-conversational-platforms.html
-
Auditing Gradio 5, Hugging Face’s ML GUI framework
This is a joint post with the Hugging Face Gradio team; read their announcement here! You can find the full report with all of the detailed findings f… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/auditing-gradio-5-hugging-faces-ml-gui-framework/
-
USENIX NSDI ’24 Credence: Augmenting Datacenter Switch Buffer Sharing with ML Predictions
Authors/Presenters: Vamsi Addanki, Maciej Pacut, Stefan Schmid Our sincere thanks to USENIX, and the Presenters & Authors for publishing their supe… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/usenix-nsdi-24-credence-augmenting-datacenter-switch-buffer-sharing-with-ml-predictions/
-
Hackers Attacking AI Agents To Hijack Customer Sessions
Conversational AI platforms, powered by chatbots, are witnessing a surge in malicious attacks. Chatbots, which leverage NLP and ML, are increasingly being used b… First seen on gbhackers.com Jump to article: gbhackers.com/hackers-hijack-ai-customer-sessions/
-
Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense
Google has announced that it will be switching from KYBER to ML-KEM in its Chrome web browser as part of its ongoing efforts to defend against the ris… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/google-chrome-switches-to-ml-kem-for.html
-
Cybersecurity Snapshot: Critical Infrastructure Orgs Found Vulnerable to Basic Hacks, While New MITRE Tool Uses ML to Predict Attack Chains
Report finds that many critical infrastructure networks can be breached using simple attacks. Plus, a new MITRE Engenuity tool uses machine learning t… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/cybersecurity-snapshot-critical-infrastructure-orgs-found-vulnerable-to-basic-hacks-while-new-mitre-tool-uses-ml-to-predict-attack-chains/
-
SC Award Winners 2024 Onyxia Cyber Best AI/ML Data Analytics Security Solution
First seen on scmagazine.com Jump to article: www.scmagazine.com/news/sc-award-winners-2024-onyxia-cyber-best-aiml-data-analytics-security-solution
-
Chrome switching to NIST-approved ML-KEM quantum encryption
Google announced updates in the post-quantum cryptographic key encapsulation mechanism used in the Chrome browser, specifically, the swap of Kyber use… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chrome-switching-to-nist-approved-ml-kem-quantum-encryption/
-
Nvidia AI security architect discusses top threats to LLMs
Richard Harang, Nvidia’s principal AI and ML security architect, said two of the biggest pain points for LLMs right now are insecure plugins and indir… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366599855/Nvidia-AI-security-architect-discusses-top-threats-to-LLMs
-
The Weaponization of AI and ML is Complicating the Digital Battlefield
Zero-trust architecture is increasingly seen as a solution to the challenges posed by AI and ML. Initial training must focus on standardizing basic te… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/the-weaponization-of-ai-and-ml-is-complicating-the-digital-battlefield/
-
Researchers Disclosed 20 Vulnerabilities Exploited To Attack ML Used In Orgs
The MLOps pipeline automates the machine learning lifecycle, from model training to deployment, which involves defining the pipeline using Python code… First seen on gbhackers.com Jump to article: gbhackers.com/20ml-vulnerabilities-exposed/
-
How to Maximize Network Security With AI and ML
First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/how-to-maximize-network-security-with-ai-and-ml/
-
Protect AI Raises $60 Million in Series B Funding
AI and ML security provider Protect AI has raised $60 million in a Series B funding round led by Evolution Equity Partners. The post Protect AI Raises… First seen on securityweek.com Jump to article: www.securityweek.com/protect-ai-raises-60-million-in-series-b-funding/
-
How U.S. Businesses can Fight the Deepfake Threat
While it’s unclear how new, advanced technologies like AI and ML will ultimately change the data security landscape, now is not the time to stand stil… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/how-u-s-businesses-can-fight-the-deepfake-threat/
-
Diversifying cyber teams to tackle complex threats
Technologies such as GenAI, ML and IoT are giving threat actors new tools that make it easier to target consumers and organizations. From Savvy Seahor… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/10/diverse-cyber-workforce/
-
CVSS 10: Flaw in AI Framework PyTorch Endangers Networks – ML Framework PyTorch Enables Cyberattacks
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-luecke-pytorch-sicherheitstipps-updates-a-b036731dce3c4657d3070df45865f02e/
-
Balancing AI Performance and Safety: Lessons from PyData Berlin
Would you trust AI to call 911? GitGuardian’s ML engineer Nicolas posed this question at PyData Berlin, sparking a discussion on integrating ML into c… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/balancing-ai-performance-and-safety-lessons-from-pydata-berlin/
-
‘Sleepy Pickle’ Exploit Subtly Poisons ML Models
First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/sleepy-pickle-exploit-subtly-poisons-ml-models
-
Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users
Hackers are targeting, attacking, and exploiting ML models. They want to hack into these systems to steal sensitive data, interrupt services, or manip… First seen on gbhackers.com Jump to article: gbhackers.com/sleepy-pickle-exploit-ml-models/