2024-10-06
You can stack cyber risk management frameworks to the sky if you'd like. But at the end of the day if your adversary has studied your system to the point they know it better than you do, you're going to lose. https://www.wsj.com/...
Wall Street Journal
Sources: China-linked “Salt Typhoon” hacking campaign potentially accessed US wiretap systems after breaching networks of US ISPs like Verizon, AT&T, and Lumen
AT&T, Verizon are among broadband providers breached in China-linked ‘Salt Typhoon’ hack
2024-10-05
You can stack cyber risk management frameworks to the sky if you'd like. But at the end of the day if your adversary has studied your system to the point they know it better than you do, you're going to lose. https://www.wsj.com/...
Wall Street Journal
Sources: China-linked “Salt Typhoon” hacking campaign breached networks of US ISPs like Verizon and AT&T, potentially gaining access to US wiretap systems
AT&T, Verizon are among broadband providers breached in China-linked ‘Salt Typhoon’ hack Mastodon: @fj@mastodon.social , @adamgurri@mastodon.social , @HackyScientress@chaos.social ...
2024-06-16
Woah! Did not expect to see NVIDIA releasing an open model for the purpose of generating synthetic data to build other LLMs. Perhaps ‘model collapse’ isn't as close as feared?
NVIDIA Blog
Nvidia announces Nemotron-4 340B, a family of models that developers can use to generate synthetic data for training LLMs for commercial applications
Nemotron-4 340B, a family of models optimized for NVIDIA NeMo and NVIDIA TensorRT-LLM, includes cutting-edge instruct and reward models, and a dataset for generative AI training.
2024-06-15
Woah! Did not expect to see NVIDIA releasing an open model for the purpose of generating synthetic data to build other LLMs. Perhaps ‘model collapse’ isn't as close as feared?
NVIDIA Blog
Nvidia announces Nemotron-4 340B, a family of models that developers can use to generate synthetic data for training LLMs for commercial applications
Nemotron-4 340B, a family of models optimized for NVIDIA NeMo and NVIDIA TensorRT-LLM, includes cutting-edge instruct and reward models, and a dataset for generative AI training.
2024-05-29
Having both @RGB_Lights and @embeddedsec on this committee should give anyone confidence that cyber security issues will get the proper attention they deserve.
New York Times
OpenAI creates a Safety and Security Committee to explore AI risks and begins training its new flagship AI model, which won't arrive for at least nine months
Having both @RGB_Lights and @embeddedsec on this committee should give anyone confidence that cyber security issues will get the proper attention they deserve.
Bloomberg
In a podcast, ex-OpenAI board member Helen Toner says the board learned of ChatGPT's launch on Twitter, criticizes Sam Altman's leadership on safety, and more
- Helen Toner spoke about Sam Altman's firing in a new podcast — Toner has called for more regulation around AI safety
2023-05-04
Great to see work by our teams to disrupt APTs and share threat research and malware analysis with our peers in the industry. In addition to threat disruptions, our teams are constantly working to harden our apps against targeting by various threats looking for any defense gaps... https://twitter.com/...
Wired
Meta warns malware actors are increasingly spreading their infrastructure across platforms and has blocked 1,000+ ChatGPT-themed malicious URLs since March 2023
Lily Hay Newman / Wired :
2023-03-29
This is a great use of ‘AI’ to help automate tasks that usually require expensive and difficult to scale humans. https://www.cnbc.com/...
The Verge
Microsoft launches Security Copilot, a GPT-4-powered assistant to help security professionals with incident investigations, event summaries, reporting, and more
Tom Warren / The Verge :
2021-03-29
I am not convinced we need a cyber czar, and this reads like we envision the role as more of a national cyber incident response position. There is more to defense than just reacting. https://www.politico.com/... https://twitter.com/...
Politico
National cyber director position, which Congress mandated in a defense bill last year, remains unfilled two months into Biden's admin due to political turf wars
Natasha Bertrand / Politico :
2021-03-26
This a great step in the right direction. The federal acquisition process is a powerful tool. The effects of vendors pushing these requirements to their own suppliers will eventually result in a higher baseline even for simple controls like authentication. https://twitter.com/...
Reuters
Source: Biden EO draft would require many software vendors to notify their federal govt. clients of cybersecurity breaches and preserve accompanying data logs
SAN FRANCISCO (Reuters) - A planned Biden administration executive order will require many software vendors to notify …
2021-01-07
It's almost like people should sit down & understand the technologies before jumping to conclusions. FWIW I explicitly pointed out CI/CD as a scalable vector for supply chain attacks in 2015, and even then I was probably a few years too late to the party. https://blog.jetbrains.com/...
New York Times
Sources: US intel agencies are investigating JetBrains as possible entry point for SolarWinds hackers; JetBrains isn't aware of any investigation or compromise
Russian hackers may have piggybacked on a tool developed by JetBrains, which is based in the Czech Republic …