About

Latest machine learning (ML) security news


ChatGPT

AI-assisted bid for bogus crypto bug bounty is thwarted09 December 2022ChatGPTAI-assisted bid for bogus crypto bug bounty is thwarted

DNS amplification

Adversarial attacks can cause denial of service and fool network defense systems25 July 2022DNS amplificationAdversarial attacks can cause denial of service and fool network defense systems

‘We’re still fighting last decade’s battle’

Sonatype CTO Brian Fox on the struggle to secure the neglected software supply chain22 July 2022‘We’re still fighting last decade’s battle’Sonatype CTO Brian Fox on the struggle to secure the neglected software supply chain

ML security

A new white paper details the myriad security threats associated with machine learning models12 July 2022ML securityA new white paper details the myriad security threats associated with machine learning models

Latest web hacking tools – Q3 2022

01 July 2022Latest web hacking tools – Q3 2022We take a look at the latest additions to security researchers’ armory

Black Hat Asia

‘If democracy is to survive, technology will have to be tamed’13 May 2022Black Hat Asia‘If democracy is to survive, technology will have to be tamed’

Regulatory priorities

FTC set to ramp up privacy compliance activity in 202209 February 2022Regulatory prioritiesFTC set to ramp up privacy compliance activity in 2022

Raimund Genes Cup

Trio of near misses ends as PwnThyBytes finally claims CTF title24 December 2021Raimund Genes CupTrio of near misses ends as PwnThyBytes finally claims CTF title

UK armed forces confirm cyber as fifth dimension of warfare

16 September 2021UK armed forces confirm cyber as fifth dimension of warfareArmed forces needs to adapt to recruit more digital quartermasters rather than conventional soldiers, conference attendees told

Visualize this

Machine learning technique detects phishing sites based on markup visualization08 September 2021Visualize thisMachine learning technique detects phishing sites based on markup visualization

ML security

Deserialization bug in TensorFlow allowed arbitrary code execution31 August 2021ML securityDeserialization bug in TensorFlow allowed arbitrary code execution

Hopper

Researchers develop tool to detect lateral movement attacks30 July 2021HopperResearchers develop tool to detect lateral movement attacks

‘Deeply concerning’

Data breaches are costing more than ever, as organizations take longer to detect attacks and apply patches28 July 2021‘Deeply concerning’Data breaches are costing more than ever, as organizations take longer to detect attacks and apply patches

DevSecAI

GitHub Copilot prone to writing security flaws14 July 2021DevSecAIGitHub Copilot prone to writing security flaws

Digital paper trail

Binance reveals how data analytics led to ransomware-linked money laundering bust28 June 2021Digital paper trailBinance reveals how data analytics led to ransomware-linked money laundering bust

DeepSloth

Researchers find denial-of-service equivalent against machine learning systems24 May 2021DeepSlothResearchers find denial-of-service equivalent against machine learning systems

Scheme flooding

All major desktop browsers vulnerable to tracking flaw that can bypass privacy tools14 May 2021Scheme floodingAll major desktop browsers vulnerable to tracking flaw that can bypass privacy tools

What the FLoC?

Everything you need to know about Google’s new ad tech (and why privacy groups think it’s a terrible idea)07 May 2021What the FLoC?Everything you need to know about Google’s new ad tech (and why privacy groups think it’s a terrible idea)

I, Robot

Machine learning security vulnerabilities are a growing threat to the web27 April 2021I, RobotMachine learning security vulnerabilities are a growing threat to the web

Inference attacks

How much information can machine learning models leak?14 April 2021Inference attacksHow much information can machine learning models leak?

Surge in malware and cyber-attacks set to continue, Europol warns

13 April 2021Surge in malware and cyber-attacks set to continue, Europol warnsCybercrime incidents are still ‘significantly under-reported’ by victims

Latest web hacking tools – Q1 2021

31 March 2021Latest web hacking tools – Q1 2021We take a look back at some of the best offensive security tools that were launched over the past three months

Shields up

What does the UK’s Integrated Review mean for cybersecurity?23 March 2021Shields upWhat does the UK’s Integrated Review mean for cybersecurity?

Get shorty

New tool allows researchers to hunt for exposed shortened URLs15 March 2021Get shortyNew tool allows researchers to hunt for exposed shortened URLs

Shields down

Canadian internet authority’s DNS filtering service broke SSL on iOS04 March 2021Shields downCanadian internet authority’s DNS filtering service broke SSL on iOS

SQL(A)i

Machine learning offers fresh approach to tackling vulnerabilities29 January 2021SQL(A)iMachine learning offers fresh approach to tackling vulnerabilities

Latest web hacking tools – Q4 2020

29 December 2020Latest web hacking tools – Q4 2020We take a look back at some of the best offensive security tools that were launched over the past three months

Hey Alexa. What’s my PIN?

Researchers show voice assistants can hear the taps made on a smartphone keyboard03 December 2020Hey Alexa. What’s my PIN?Researchers show voice assistants can hear the taps made on a smartphone keyboard

Security AI and automation slashes the cost of data breaches – IBM

03 November 2020Security AI and automation slashes the cost of data breaches – IBMAugmenting or replacing human intervention cut per-breach losses by $3.58m

‘Triggerless’ backdoors can infect machine learning models without leaving a trace

Research shows how new attack can bypass current ML defense methods02 November 2020‘Triggerless’ backdoors can infect machine learning models without leaving a traceResearch shows how new attack can bypass current ML defense methods

Microsoft launches machine learning attack threat matrix

23 October 2020Microsoft launches machine learning attack threat matrixFramework aimed at helping security pros detect and remediate threats against ML systems

Ear to the underground

Linguists team up with computer scientists to spot trends on cybercrime forums19 October 2020Ear to the undergroundLinguists team up with computer scientists to spot trends on cybercrime forums

Phishing in the Amazon

Internet shoppers urged to look out for Prime Day scams13 October 2020Phishing in the AmazonInternet shoppers urged to look out for Prime Day scams

Malicious NPM packages broadcast sensitive user data

06 October 2020Malicious NPM packages broadcast sensitive user dataNew research shows how typosquatting doesn’t just apply to web domains

Chrome extension uses machine learning to detect phishing URLs

05 October 2020Chrome extension uses machine learning to detect phishing URLsOpen source tool flags malicious domains with Support Vector Machine algorithm

Latest web hacking tools – Q3 2020

01 October 2020Latest web hacking tools – Q3 2020We take a look back at some of the latest offensive security tools that were launched over the past three months

Portland passes landmark facial recognition ban

24 September 2020Portland passes landmark facial recognition banThe impact of this first-of-its-kind legislation will extend far beyond the borders of Portland, writes David Oberly

‘I thought it was a complete fluke’

Katie Paxton-Fear on her bug bounty baptism and why AI will never replace security researchers11 September 2020‘I thought it was a complete fluke’Katie Paxton-Fear on her bug bounty baptism and why AI will never replace security researchers