DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Members of the health care and financial industries, along with other industries that hold sensitive data, are warned that a ChatGPT vulnerability is being actively exploited by threat actors to attack security flaws in AI...more
The “Bad Likert Judge” jailbreaking technique boasts a high attack success rate by using a three-step approach which employs the target LLM’s own understanding of harmful content to bypass the target LLM’s safety guardrails....more
On November 13, 2024, the Financial Crimes Enforcement Network (FinCEN) issued FIN-2024-Alert004 to help financial institutions identify fraud schemes associated with the use of deepfake media created with generative...more
A critical vulnerability, CVE-2024-0132, has surfaced in NVIDIA’s Container Toolkit, placing a substantial portion of cloud environments at risk. Discovered by researchers at Wiz, the flaw affects both the NVIDIA Container...more
Gone are the days where technological solutions were “nice to have” options to provide us with better access to resources and improved process efficiencies. Nowadays, technological solutions – and specifically those that...more
CYBERSECURITY - City of Pensacola Services Disrupted by Cyber-Attack - Adding to the list of many other municipalities, the city of Pensacola, Florida, was hit with a cyber-attack last weekend that affected services to...more
CYBERSECURITY CISOs: New Report Outlines Risks of LLMs - I hang out with a lot of Chief Information Security Officers (CISOs), so this piece is for them. Of course, it will be of interest to all security professionals...more
Because technology develops so rapidly, and “trends” are fast and furious, it is always hard to predict what the big issues will be for the next year. A year is a long time in the tech field. Just look at how fast ChatGPT...more
As a follow up to last week's article about the Biden executive order on artificial intelligence (AI), this is a brief overview of one of its provisions that has proven to be controversial -- namely, the additional scrutiny...more
The development of artificial intelligence (AI) and particularly Generative Artificial Intelligence (GenAI) has exploded in recent years, prompting government officials including the Biden administration to call for studies...more
CYBERSECURITY - CISA Issues Four More Industrial Control Systems Advisories - On August 22, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) issued four more advisories related to industrial control...more
CISA released a blog post last week reminding software designers that artificial intelligence (AI) tools are software and that they “must consider the security of the customers as a core business requirement, not just a...more
CYBERSECURITY - Patch Adobe ColdFusion Vulnerabilities Being Exploited in the Wild ASAP - Adobe has issued alerts on three vulnerabilities affecting its ColdFusion product. The first alert, issued on July 11, 2023,...more
CYBERSECURITY - Joint Advisory on MOVEit Transfer Vulnerability Published - CISA and FBI have issued a joint advisory on the MOVEit transfer vulnerability that should be on the radar of CISOs and IT professionals. The...more
Just last week, researchers at Robust Intelligence were able to manipulate NVIDIA’s artificial intelligence software, the “NeMo Framework,” to ignore safety restraints and reveal private information. According to reports, it...more
Researchers at Meta, the owner of Facebook released a report this week that indicated that, since March 2023, Meta “has blocked and shared with our industry peers more than 1,000 malicious links from being shared across our...more