Real ID, a misguided effort by the feds to make everyone have a less easily fakeable driver’s license (notice I did not say a secure driver’s license) came out of the 9-11 attacks. For the last 20 years the feds have been trying to get the states to implement the law, with many states resisting […]
Continue reading → [DISPLAY_ACURAX_ICONS]No big surprise here. Researchers have gotten full read and write access to Meta’s Bloom, Meta-Llama and Pythia large language models in a typical example of supply chain risk. If they had been hackers or a non-friendly nation, they could have poisoned the training data, stolen the models and datasets and other unfriendly things. AI […]
Continue reading → [DISPLAY_ACURAX_ICONS]We have long reported that hackers love to break into law firms. This is in part due to the fact that many law firms do not have good cybersecurity practices, especially small firms. The other part is that breaking into a law firm is like winning the lottery. Instead of getting one customer’s data, they […]
Continue reading → [DISPLAY_ACURAX_ICONS]While basically unenforceable, the agreement is a starting point. The US, UK and 23 domestic and international cybersecurity organizations, representing more than a dozen countries, signed on to the Guidelines for Secure AI Development. The Guidelines, complementing theĀ U.S. Voluntary Commitments on Ensuring Safe, Secure, and Trustworthy AI, provide essential recommendations for AI system development and […]
Continue reading → [DISPLAY_ACURAX_ICONS]Post Quantum Crypto Isn’t The Only Problem – Pre Stone Age Crypto is Also a Problem While some folks are worried about what is going to happen to encryption when quantum computing becomes real, other companies are still using antique crypto. Unfortunately, many of the companies who are using antiques are medical devices and higher […]
Continue reading → [DISPLAY_ACURAX_ICONS]The title comes from a folk song written by Pete Seeger in the 1950s, but apparently, software developers are not into folk music. In this case, security researchers are warning that developers are leaving security credentials in public repositories. They found these creds in repositories run by IBM, Digital Ocean, AWS, Gitlab, and others. The […]
Continue reading → [DISPLAY_ACURAX_ICONS]