Tag: ml

How AI and ML are transforming digital banking security

Jan 14, 2025 8:46 AM

Tags: ai, banking, cybersecurity, group, ml

In this Help Net Security interview, Nuno Martins da Silveira Teodoro, VP of Group Cybersecurity at Solaris, discusses the latest advancements in digital banking security. He … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/14/nuno-martins-da-silveira-teodoro-solaris-ai-digital-banking-security/
New Research Highlights Vulnerabilities in MLOps Platforms

Jan 7, 2025 7:17 PM

Tags: ai, google, intelligence, ml, risk, vulnerability

New research by Security Intelligence has revealed security risks in MLOps platforms including Azure ML, BigML and Google Vertex AI First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/vulnerabilities-mlops-platforms/
Anomaly Detection for Cybersecurity

Dec 29, 2024 7:43 PM

Tags: ai, cisa, cybersecurity, data, data-breach, defense, detection, gartner, iot, ml, network, threat, training

A long promising approach comes of age I won’t revisit the arguments for anomaly detection as a crucial piece of cybersecurity. We’ve seen waves of anomaly detection over the years”Š”, “Šand CISA, DARPA, Gartner, and others have explained the value of anomaly detection. As rules-based detections show their age and attackers adopt AI to accelerate their…
Top 7 zero-day exploitation trends of 2024

Dec 23, 2024 10:42 AM

Tags: access, ai, attack, authentication, backdoor, botnet, breach, bug-bounty, business, china, ciso, cloud, computing, control, corporate, cve, cyberespionage, cybersecurity, data, data-breach, defense, email, endpoint, exploit, firewall, flaw, framework, github, google, government, group, hacker, identity, infrastructure, injection, Internet, ivanti, kev, leak, linux, malicious, malware, ml, monitoring, moveIT, network, north-korea, open-source, password, programming, pypi, ransomware, remote-code-execution, risk, service, software, sql, supply-chain, tool, training, unauthorized, update, vpn, vulnerability, windows, zero-day

Zero-day vulnerabilities saw big growth once again in 2024. With no patch available, zero-day flaws give attackers a significant jump on cybersecurity defense teams, making them a critical weapon for attacking enterprise systems.But while all zero-days are essential for CISOs and their team to be aware of, and for vendors to remedy in a timely…
Neue Schwachstellen in Machine-Learning-Systemen – JFrog-Analyse zeigt Risiken auf

Dec 20, 2024 11:43 AM

Tags: ml, risk, vulnerability

Um Risiken zu minimieren, empfiehlt das JFrog-Team, keine nicht-vertrauenswürdigen ML-Modelle zu laden auch nicht in scheinbar sicheren Formaten wie Safetensors. Unternehmen sollten ihre ML-Nutzer für die Gefahren sensibilisieren und Sicherheitsrichtlinien entsprechend anpassen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/neue-schwachstellen-in-machine-learning-systemen-jfrog-analyse-zeigt-risiken-auf/a39362/
Die 10 häufigsten LLM-Schwachstellen

Dec 19, 2024 6:42 AM

Tags: access, ai, api, application-security, awareness, breach, cloud, control, cyberattack, data, detection, dos, encryption, injection, least-privilege, LLM, ml, monitoring, privacy, RedTeam, remote-code-execution, risk, service, tool, update, vulnerability, zero-trust
Data Security Predictions for 2025: Putting Protection and Resilience at Center Stage

Dec 17, 2024 2:42 PM

Tags: access, ai, attack, authentication, breach, business, cloud, compliance, computer, computing, credentials, crypto, cryptography, cyber, cyberattack, cybercrime, cybersecurity, data, defense, detection, dora, encryption, framework, hacker, infrastructure, international, law, ml, monitoring, network, nis-2, nist, PCI, phishing, privacy, regulation, resilience, risk, risk-management, service, skills, social-engineering, software, strategy, supply-chain, technology, threat, tool, vulnerability, zero-trust

Data Security Predictions for 2025: Putting Protection and Resilience at Center Stage madhav Tue, 12/17/2024 – 05:10 Cybersecurity is a remarkably dynamic industry. New trends, technologies, and techniques reshape the landscape at an extraordinary pace, meaning keeping up can be challenging. Protecting data, the driving force of modern businesses, will continue to be the primary…
The 7 most in-demand cybersecurity skills today

Dec 12, 2024 12:05 PM

Tags: access, ai, api, application-security, attack, backup, best-practice, breach, business, cloud, compliance, computing, control, cyber, cyberattack, cybersecurity, data, defense, encryption, exploit, framework, gartner, GDPR, google, governance, grc, group, hacker, Hardware, healthcare, incident response, infrastructure, injection, intelligence, jobs, LLM, malicious, mitigation, ml, network, penetration-testing, phishing, privacy, ransomware, risk, risk-analysis, risk-assessment, risk-management, saas, service, skills, social-engineering, software, spear-phishing, strategy, technology, threat, tool, training, update, vulnerability, zero-trust

Cybersecurity teams find themselves understaffed, overburdened, and rushing to keep up with a rapidly changing threat landscape, as cyberattackers continually devise new ways to attack organizations, and organizations accelerate their embrace of the latest technologies.As a result, security professionals must continually upskill themselves to ensure they keep pace with organizations’ latest skill demands. Unfortunately, deciding…
ML clients, ‘safe’ model formats exploitable through open-source AI vulnerabilities

Dec 7, 2024 10:07 PM

Tags: ai, ml, open-source, vulnerability

First seen on scworld.com Jump to article: www.scworld.com/news/ml-clients-safe-model-formats-exploitable-through-open-source-ai-vulnerabilities
Neue AWS-KI-Rezepte gegen Cloud-Bedrohungen

Dec 4, 2024 4:48 PM

Tags: ai, cloud, computing, cyber, incident response, ml, network, security-incident, service, tool
AWS launches tools to tackle evolving cloud security threats

Dec 2, 2024 2:28 PM

Tags: access, ai, api, attack, cio, ciso, cloud, credentials, cyber, data, detection, exploit, finance, framework, healthcare, incident response, metric, mitre, ml, ransomware, security-incident, service, tactics, theft, threat, tool, update

The increasing sophistication and scale of cyber threats pose a growing challenge for enterprises managing complex cloud environments. Security teams often face overwhelming volumes of alerts, fragmented workflows, and limited tools to identify and respond to attack patterns spanning multiple events.Amazon Web Services (AWS) is addressing these challenges with two significant updates to its cloud…
JFrog fördert sichere KI-Entwicklung mit Integration von Databricks MLflow

Dec 1, 2024 7:27 PM

Tags: ai, data, ml, open-source, software

Die neue JFrog Artifactory-Integration bietet Entwicklern und Data Scientists eine Open Source Software-Lösung, um die Entwicklung von ML-Modellen zu … First seen on infopoint-security.de Jump to article: www.infopoint-security.de/jfrog-foerdert-sichere-ki-entwicklung-mit-integration-von-databricks-mlflow/a37220/
JFrog übernimmt Qwak AI Rationalisierung von KI- & ML-Modellen

Dec 1, 2024 6:27 PM

Tags: ai, ml

Als Teil der JFrog-Plattform wird die Qwak-Technologie eine unkomplizierte und problemlose Überführung von Modellen in die Produktion bieten, basiert … First seen on infopoint-security.de Jump to article: www.infopoint-security.de/jfrog-uebernimmt-qwak-ai-rationalisierung-von-ki-ml-modellen/a37667/
It’s Near-Unanimous: AI, ML Make the SOC Better

Nov 21, 2024 2:53 PM

Tags: ai, cybersecurity, intelligence, ml, soc

Efficiency is the name of the game for the security operations center, and 91% of cybersecurity pros say artificial intelligence and machine learning are winning that game. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/survey-report-ai-ml-make-soc-better
Researchers Warn of Privilege Escalation Risks in Google’s Vertex AI ML Platform

Nov 15, 2024 2:53 PM

Tags: access, ai, cybersecurity, data, exploit, flaw, google, jobs, malicious, ml, network, risk, service, unauthorized

Cybersecurity researchers have disclosed two security flaws in Google’s Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the cloud.”By exploiting custom job permissions, we were able to escalate our privileges and gain unauthorized access to all data services in the project,” Palo Alto…
Kritische Schwachstellen in PyTorch, TensorFlow und ONNX gefährden maschinelles Lernen

Nov 12, 2024 11:03 AM

Tags: ml, vulnerability

Die dokumentierten Schwachstellen betreffen die wichtigsten ML-Plattformen und machen deutlich, wie böswillige Akteure durch gezielte Angriffstechniken die Vertraulichkeit, Integrität und Verfügbarkeit produktiver ML-Systeme gefährden könnten. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/kritische-schwachstellen-in-pytorch-tensorflow-und-onnx-gefaehrden-maschinelles-lernen/a38926/
Sicherheitslücken in ML-Toolkits: Zahlreiche Tools betroffen

Nov 11, 2024 3:03 PM

Tags: ai, ml, risk, tool, vulnerability

Neue Schwachstellen in ML-Toolkits: Sicherheitslücken erhöhen das Risiko von Angriffen auf ML-Systeme durch KI-Hacker. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/sicherheitsluecken-in-ml-toolkits-zahlreiche-tools-betroffen-304052.html
JFrog-Analyse zur Gefährdung Maschinellen Lernens: Kritische Schwachstellen in ML-Frameworks entdeckt

Nov 11, 2024 12:03 PM

Tags: framework, ml, vulnerability

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/jfrog-analyse-gefaehrdung-maschinelles-lernen-kritisch-schwachstellen-ml-frameworks-entdeckung
Security Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege Escalation

Nov 11, 2024 12:03 PM

Tags: cybersecurity, flaw, ml, open-source, software, supply-chain, vulnerability

Cybersecurity researchers have uncovered nearly two dozen security flaws spanning 15 different machine learning (ML) related open-source projects.These comprise vulnerabilities discovered both on the server- and client-side, software supply chain security firm JFrog said in an analysis published last week.The server-side weaknesses “allow attackers to hijack important servers in the First seen on thehackernews.com Jump…
AI Recruitment Tools Prone to Bias, Privacy Issues

Nov 9, 2024 6:03 AM

Tags: ai, intelligence, jobs, ml, office, privacy, risk, tool

ML, NLP Tools Collect More Personal Information Than Required, UK Regulator Says. Artificial intelligence tools currently used by organizations in the United Kingdom to screen job applicants pose privacy risks and are susceptible to biasness and accuracy issues, the U.K. Information Commissioner’s Office found. The ICO focused on machine learning and natural language processing. First…
Researchers Uncover Vulnerabilities in Open-Source AI and ML Models

Nov 8, 2024 3:00 PM

Tags: ai, intelligence, ml, open-source, vulnerability

A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) m… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/researchers-uncover-vulnerabilities-in.html
Open-Source AI, ML Tools Plagued With Vulnerabilities

Nov 2, 2024 8:57 PM

Tags: ai, ml, open-source, tool, vulnerability

First seen on scworld.com Jump to article: www.scworld.com/brief/open-source-ai-ml-tools-plagued-with-vulnerabilities
Exploring the Transformative Potential of AI in Cybersecurity

Oct 24, 2024 6:46 PM

Tags: ai, data, ml, threat, zero-day

By continuously learning from new data, ML models can adapt to evolving threat landscapes, making them invaluable in identifying zero-day vulnerabilit… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/exploring-the-transformative-potential-of-ai-in-cybersecurity/
AI Hype Drives Demand For ML SecOps Skills

Oct 22, 2024 6:25 PM

Tags: ai, LLM, ml, skills

Companies are putting AI in just about all of their products, which opens up new security holes. LLM SecOps and ML SecOps are becoming must-have skill… First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-careers/ai-hype-drives-demand-ml-secops-skills
OT Risk Management Firm DeNexus Raises $17.5 Million

Oct 17, 2024 12:35 PM

Tags: ai, cyber, data, ml, risk, risk-management, technology

DeNexus offers an AI and ML-driven data analytics platform that focuses on managing the cyber risk to the underserved operational technology of critic… First seen on securityweek.com Jump to article: www.securityweek.com/ot-risk-management-firm-denexus-raises-17-5-million/
Cybercriminals Are Targeting AI Conversational Platforms

Oct 13, 2024 6:54 AM

Tags: ai, attack, cybercrime, ml

Resecurity reports a rise in attacks on AI Conversational platforms, targeting chatbots that use NLP and ML to enable automated, human-like interactio… First seen on securityaffairs.com Jump to article: securityaffairs.com/169580/security/cybercriminals-are-targeting-ai-conversational-platforms.html
Auditing Gradio 5, Hugging Face’s ML GUI framework

Oct 11, 2024 6:54 AM

Tags: framework, ml

This is a joint post with the Hugging Face Gradio team; read their announcement here! You can find the full report with all of the detailed findings f… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/auditing-gradio-5-hugging-faces-ml-gui-framework/
USENIX NSDI ’24 Credence: Augmenting Datacenter Switch Buffer Sharing with ML Predictions

Oct 7, 2024 4:00 PM

Tags: ml, switch

Authors/Presenters:Vamsi Addanki, Maciej Pacut, Stefan Schmid Our sincere thanks to USENIX, and the Presenters & Authors for publishing their supe… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/usenix-nsdi-24-credence-augmenting-datacenter-switch-buffer-sharing-with-ml-predictions/
Hackers Attacking AI Agents To Hijacking Customer Sessions

Oct 1, 2024 11:37 AM

Tags: ai, attack, malicious, ml

Conversational AI platforms, powered by chatbots, are witnessing a surge in malicious attacks, which leverage NLP and ML are increasingly being used b… First seen on gbhackers.com Jump to article: gbhackers.com/hackers-hijack-ai-customer-sessions/
Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense

Sep 26, 2024 6:01 PM

Tags: browser, chrome, cryptography, defense, google, ml

Google has announced that it will be switching from KYBER to ML-KEM in its Chrome web browser as part of its ongoing efforts to defend against the ris… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/google-chrome-switches-to-ml-kem-for.html