cyberattack – Page 3 – SSL and internet security news

Prompt Injection Attacks on Large Language Models

March 7, 2023 infossl

academic papers, ChatGPT, cyberattack, Security technology, Uncategorized

This is a good survey on prompt injection attacks on large language models (like ChatGPT). Abstract: We are currently witnessing dramatic advances in the capabilities of Large Language Models (LLMs). They are already being adopted in practice and integrated into many systems, including integrated development environments (IDEs) and search engines. The functionalities of current LLMs … Read More “Prompt Injection Attacks on Large Language Models” »

Cyberwar Lessons from the War in Ukraine

February 23, 2023 infossl

cyberattack, cyberwar, defense, infrastructure, reports, russia, Security technology, ukraine, Uncategorized

The Aspen Institute has published a good analysis of the successes, failures, and absences of cyberattacks as part of the current war in Ukraine: “The Cyber Defense Assistance Imperative Lessons from Ukraine.” Its conclusion: Cyber defense assistance in Ukraine is working. The Ukrainian government and Ukrainian critical infrastructure organizations have better defended themselves and … Read More “Cyberwar Lessons from the War in Ukraine” »

Attacking Machine Learning Systems

February 6, 2023 infossl

cryptography, cyberattack, cybersecurity, essays, machine learning, Security technology, Uncategorized, vulnerabilities

The field of machine learning (ML) security—and corresponding adversarial ML—is rapidly advancing as researchers develop sophisticated techniques to perturb, disrupt, or steal the ML model or data. It’s a heady time; because we know so little about the security of these systems, there are many opportunities for new researchers to publish in this field. In … Read More “Attacking Machine Learning Systems” »

A Guide to Phishing Attacks

January 27, 2023 infossl

cyberattack, phishing, Security technology, Uncategorized

This is a good list of modern phishing techniques. Powered by WPeMatico

US Cyber Command Operations During the 2022 Midterm Elections

January 25, 2023 infossl

cyberattack, cybersecurity, hacking, national security policy, Security technology, Uncategorized, voting

The head of both US Cyber Command and the NSA, Gen. Paul Nakasone, broadly discussed that first organization’s offensive cyber operations during the runup to the 2022 midterm elections. He didn’t name names, of course: We did conduct operations persistently to make sure that our foreign adversaries couldn’t utilize infrastructure to impact us,” said Nakasone. … Read More “US Cyber Command Operations During the 2022 Midterm Elections” »

Arresting IT Administrators

December 27, 2022 infossl

antivirus, cyberattack, law enforcement, patching, Security technology, Uncategorized

This is one way of ensuring that IT keeps up with patches: Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by alleged Iranian hackers. Prosecutors said the five IT officials of the public administration department had failed to check the … Read More “Arresting IT Administrators” »

Successful Hack of Time-Triggered Ethernet

November 18, 2022 infossl

cyberattack, embedded systems, hardware, Security technology, spoofing, Uncategorized

Time-triggered Ethernet (TTE) is used in spacecraft, basically to use the same hardware to process traffic with different timing and criticality. Researchers have defeated it: On Tuesday, researchers published findings that, for the first time, break TTE’s isolation guarantees. The result is PCspooF, an attack that allows a single non-critical device connected to a single … Read More “Successful Hack of Time-Triggered Ethernet” »

The Conviction of Uber’s Chief Security Officer

November 7, 2022 infossl

courts, cover-ups, cyberattack, cybersecurity, data breaches, data protection, Security technology, uber, Uncategorized

I have been meaning to write about Joe Sullivan, Uber’s former Chief Security Officer. He was convicted of crimes related to covering up a cyberattack against Uber. It’s a complicated case, and I’m not convinced that he deserved a guilty ruling or that it’s a good thing for the industry. I may still write something, … Read More “The Conviction of Uber’s Chief Security Officer” »

Australia Increases Fines for Massive Data Breaches

October 26, 2022 infossl

australia, cyberattack, data breaches, incentives, Security technology, Uncategorized

After suffering two large, and embarrassing, data breaches in recent weeks, the Australian government increased the fine for serious data breaches from $2.2 million to a minimum of $50 million. (That’s $50 million AUD, or $32 million USD.) This is a welcome change. The problem is one of incentives, and Australia has now increased the … Read More “Australia Increases Fines for Massive Data Breaches” »

Prompt Injection/Extraction Attacks against AI Systems

September 22, 2022 infossl

artificial intelligence, cyberattack, security engineering, Security technology, Uncategorized

This is an interesting attack I had not previously considered. The variants are interesting, and I think we’re just starting to understand their implications. Powered by WPeMatico