Friday Squid Blogging: Squid-A-Rama in Des Moines
November 9 2024Squid-A-Rama will be in Des Moines at the end of the month. Visitors will be able to dissect squid, explore fascinating facts about the species, and witness a live squid...
Read morePrompt Injection Defenses Against LLM Cyberattacks
November 8 2024Interesting research: “Hacking Back the AI-Hacker: Prompt Injection as a Defense Against LLM-driven Cyberattacks“:
Large language models (LLMs) are increasingly being harnessed to automate cyberattacks, making sophisticated exploits more...
Read more
Subverting LLM Coders
November 7 2024Really interesting research: “An LLM-Assisted Easy-to-Trigger Backdoor Attack on Code Completion Models: Injecting Disguised Vulnerabilities against Strong Detection“:
Abstract: Large Language Models (LLMs) have transformed code completion tasks, providing...
Read more
IoT Devices in Password-Spraying Botnet
November 6 2024Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part; the techniques seem...
Read moreAIs Discovering Vulnerabilities
November 5 2024I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning,...
Read moreSophos Versus the Chinese Hackers
November 4 2024Really interesting story of Sophos’s five-year war against Chinese hackers.
Read moreFriday Squid Blogging: Squid Sculpture in Massachusetts Building
November 2 2024Great blow-up sculpture. Blog moderation policy.
Read moreRoger Grimes on Prioritizing Cybersecurity Advice
October 31 2024This is a good point:
Part of the problem is that we are constantly handed lists…list of required controls…list of things we are being asked to fix or improve…lists...
Read more
Recent Comments