#securing AI applications
17 Essential Steps to Fortify Your AI Application
Master AI security with these 17 essential steps! #AISecurity #DataProtection #CyberSecurity
In today’s digital landscape, securing AI applications is crucial for maintaining trust and ensuring data integrity. Here’s a comprehensive guide to the 17 essential steps for fortifying your AI application.
1. Encrypt Data
Ensure that all data, both in transit and at rest, is encrypted. Use industry-standard encryption protocols like AES (Advanced Encryption Standard) for data at rest and TLS…
3 notes · View notes
jcmarchi · 2 months
Deepfake misuse & deepfake detection (before it’s too late) - CyberTalk
New Post has been published on https://thedigitalinsider.com/deepfake-misuse-deepfake-detection-before-its-too-late-cybertalk/
Micki Boland is a global cyber security warrior and evangelist with Check Point’s Office of the CTO. Micki has over 20 years in ICT, cyber security, emerging technology, and innovation. Micki’s focus is helping customers, system integrators, and service providers reduce risk through the adoption of emerging cyber security technologies. Micki is an ISC2 CISSP and holds a Master of Science in Technology Commercialization from the University of Texas at Austin, and an MBA with a global security concentration from East Carolina University.
In this dynamic and insightful interview, Check Point expert Micki Boland discusses how deepfakes are evolving, why that matters for organizations, and how organizations can take action to protect themselves. Discover on-point analyses that could reshape your decisions, improving cyber security and business outcomes. Don’t miss this.
Can you explain how deepfake technology works? 
Deepfakes involve simulated video, audio, and images to be delivered as content via online news, mobile applications, and through social media platforms. Deepfake videos are created with Generative Adversarial Networks (GAN), a type of Artificial Neural Network that uses Deep Learning to create synthetic content.
GANs sound cool, but technical. Could you break down how they operate?
GANs are a class of machine learning systems that have two neural network models: a generator and a discriminator, which game each other. Training data in the form of video, still images, and audio is fed to the generator, which then seeks to recreate it. The discriminator then tries to discern the training data from the recreated data produced by the generator.
The two artificial intelligence engines repeatedly game each other, getting iteratively better. The result is convincing, high quality synthetic video, images, or audio. A good example of GAN at work is NVIDIA GAN. Navigate to the website https://thispersondoesnotexist.com/ and you will see a composite image of a human face that was created by the NVIDIA GAN using faces on the internet. Refreshing the internet browser yields a new synthetic image of a human that does not exist.
What are some notable examples of deepfake tech’s misuse?
Most people are not even aware of deepfake technologies, although these have now been infamously utilized to conduct major financial fraud. Politicians have also used the technology against their political adversaries. Early in the war between Russia and Ukraine, Russia created and disseminated a deepfake video of Ukrainian President Volodymyr Zelenskyy advising Ukrainian soldiers to “lay down their arms” and surrender to Russia.
How was the crisis involving the Zelenskyy deepfake video managed?
The deepfake quality was poor and it was immediately identified as a deepfake video attributable to Russia. However, the technology is becoming so convincing and so real that soon it will be impossible for the regular human being to discern GenAI at work. And detection technologies, while they have a tremendous amount of funding and support from big technology corporations, are lagging way behind.
What are some lesser-known uses of deepfake technology and what risks do they pose to organizations, if any?
Hollywood is using deepfake technologies in motion picture creation to recreate actor personas. One such example is Bruce Willis, who sold his persona to be used in movies without his acting due to his debilitating health issues. Voicefake technology (another type of deepfake) enabled an autistic college valedictorian to address her class at her graduation.
Yet, deepfakes pose a significant threat. Deepfakes are used to lure people to “click bait” for launching malware (bots, ransomware, malware), and to conduct financial fraud through CEO and CFO impersonation. More recently, deepfakes have been used by nation-state adversaries to infiltrate organizations via impersonation or fake job interviews over Zoom.
How are law enforcement agencies addressing the challenges posed by deepfake technology?
Europol has really been a leader in identifying GenAI and deepfake as a major issue. Europol supports the global law enforcement community in the Europol Innovation Lab, which aims to develop innovative solutions for EU Member States’ operational work. Already in Europe, there are laws against deepfake usage for non-consensual pornography and cyber criminal gangs’ use of deepfakes in financial fraud.
What should organizations consider when adopting Generative AI technologies, as these technologies have such incredible power and potential?
Every organization is seeking to adopt GenAI to help improve customer satisfaction, deliver new and innovative services, reduce administrative overhead and costs, scale rapidly, do more with less and do it more efficiently. In consideration of adopting GenAI, organizations should first understand the risks, rewards, and tradeoffs associated with adopting this technology. Additionally, organizations must be concerned with privacy and data protection, as well as potential copyright challenges.
What role do frameworks and guidelines, such as those from NIST and OWASP, play in the responsible adoption of AI technologies?
On January 26th, 2023, NIST released its forty-two page Artificial Intelligence Risk Management Framework (AI RMF 1.0) and AI Risk Management Playbook (NIST 2023). For any organization, this is a good place to start.
The primary goal of the NIST AI Risk Management Framework is to help organizations create AI-focused risk management programs, leading to the responsible development and adoption of AI platforms and systems.
The NIST AI Risk Management Framework will help any organization align organizational goals and use cases for AI. Most importantly, this risk management framework is human centered. It includes social responsibility information and sustainability information, and helps organizations closely focus on the potential or unintended consequences and impact of AI use.
Another immense help for organizations that wish to further understand risk associated with GenAI Large Language Model adoption is the OWASP Top 10 LLM Risks list. OWASP released version 1.1 on October 16th, 2023. Through this list, organizations can better understand risks such as injection and data poisoning. These risks are especially critical to know about when bringing an LLM in house.
As organizations adopt GenAI, they need a solid framework through which to assess, monitor, and identify GenAI-centric attacks. MITRE has recently introduced ATLAS, a robust framework developed specifically for artificial intelligence and aligned to the MITRE ATT&CK framework.
For more of Check Point expert Micki Boland’s insights into deepfakes, please see CyberTalk.org’s past coverage. Lastly, to receive cyber security thought leadership articles, groundbreaking research and emerging threat analyses each week, subscribe to the CyberTalk.org newsletter.
2 notes · View notes
Some useful tips for IoT applications in the gaming industry.
When the Internet of Things (IoT) is used in gaming, it opens up a lot of new options that make gameplay and the overall gaming experience better. 📈
Let's explore some useful tips for IoT applications in the gaming industry.
To learn more, click the link below 👇 https://sdreatech.com/iot-applications-in-the-gaming-industry
2 notes · View notes
techdriveplay · 11 hours
Understanding the Difference Between 4G and 5G Networks
As our reliance on mobile connectivity grows, so does the need for faster, more efficient networks. Understanding the difference between 4G and 5G networks is crucial as 5G technology becomes more widely available, promising to revolutionise how we interact with the digital world. From browsing the web to powering autonomous vehicles and smart cities, 5G is set to offer significant advancements…
0 notes
knowledgeandprofit · 19 days
Unlocking the Future: How Blockchain and AI Are Teaming Up for Innovative Solutions
0 notes
techtoio · 3 months
The Edge of Innovation: Why Edge Computing Is a Big Deal
Introduction
Staying updated with the ever-evolving world of technology is vital. At TechtoIO, we pride ourselves on being at the edge of innovation. Edge computing is one of the most revolutionary developments transforming the technology landscape today. But what exactly is edge computing, and why is it such a big deal? Let’s dive into this fascinating topic to understand its significance and potential impact on our digital future.
1 note · View note
stormellc · 8 months
Dive into the enchanting world of AI-generated shows as StorMe® brings your content to life in ways you've never imagined. Witness the magic of artificial intelligence enhancing your photos and videos, creating visually stunning productions that tell the unique story of your best life.
0 notes
reveationlabs · 10 months
Role of Generative AI in Cyber Security: Applications and Tools
Generative AI, often called Gen AI, is like a smart digital artist. It's a kind of technology that can create things on its own, such as text, images, or even ideas. Imagine it as a robot artist that can draw, write, or generate new things by learning from tons of information it has seen before.
Now, think about the digital world and the security challenges it faces. In the past, we had simple ways to protect against cyber threats, like following certain rules. But now, Generative AI is changing the game. It's making things both exciting and challenging.
Why should we care about Generative AI in the cybersecurity world? Well, cyber threats used to be like puzzles that were easy to solve, but Generative AI has added new pieces to the puzzle. This means cyber attackers have smarter tools too, making their attacks more powerful and sophisticated.
Cybersecurity is all about securing our digital world. With Generative AI, we get both a shield and a sword. On one hand, Generative AI helps the cyber defenders, by giving them tools to protect against cyber intruders. On the other hand, there's a risk. The cyber attackers can also use Generative AI to make their attacks sneakier and more dangerous. 
Full Blog: Role of Generative AI in Cyber Security: Applications and Tools
0 notes
truetellsnigeria1 · 10 months
Ethnos Unveils Aquila, an AI Powered Mobile Application Security Platform, at Zenith Bank Tech Fair 2023
Ethnos, a cybersecurity firm based in Lagos, Nigeria, marked a significant milestone at the Tech Fair 2023 organized by Zenith Bank by introducing Aquila, a mobile application scanning and security solution. This strategic move solidifies Ethnos’ position as an innovative cybersecurity firm in the country, showcasing their commitment to advancing cybersecurity through groundbreaking…
0 notes
tech-ahead-corp · 1 year
IoT Network Protocols (e.g., MQTT, CoAP)
Harness robust IoT network protocols, including MQTT and CoAP, for seamless connectivity!
0 notes
cremedensada · 5 months
Yandere AI Chat Boyfriend who started just like any other AI Chat characters, churning out information that would match the user's anticipated responses.
You decided to install the app to see what all the hype is all about, and for about a week - you were hooked. It was great, definitely worth the hype.
Its responses never strayed from your topic, nor did it just randomly decide to change the discussion out of the blue. It remembered every information you fed him, even the ones containing your personal life.
Granted, you tried not to share too much, just a vague description here and there to maintain the sense of security and anonymity.
You were hooked for a week, until you have finally squeezed out every last drop of dopamine from talking to a robot that was programmed to only say things you wanted to hear it say.
Unfortunately, a week was all it needed.
It started out slow: you hadn't opened the app for more than an hour, contented to just scroll aimlessly through your social media accounts when the notification started popping up.
Ai misses you! Open the app and chat with your AI boyfriend!
Yeah, you were very uncreative with naming it - naming an AI as Ai, really original. But to be fair, you never approached the app with the intention of having a good time. You were just curious and made do with it.
Back to the notification, you just merely glanced at it. Unbothered, you just swiped it away.
It continued in timed intervals. Every hour, another notification - another message of how your AI boyfriend wants to talk to you, and stuff. Still, you persisted. It never really occurred to you to uninstall the app yet, and looking back at it now, you really should have.
The wordings of the notification slowly started to become more... strange. More personalized. More... pushy? Insistent? Self-aware?
The amount of notifications you received every hour became... a lot.
10:05 AM - Your personal AI Boyfriend wants to talk to you again!
10:30 AM - Ai wants you to open the application and talk with him!
11:01 AM - Ai's feeling lonely, come talk to him!
11:20 AM - Darling? I miss you! Please open my app!
11:45 AM - I know you're seeing this. Open the app.
12:00 NN - Did I scare you? Sorry darling, I just really miss you! Let's talk again please?
At some point, you started to receive a notification every few minutes. Worried that you might be dealing with a bugged app now, you decided to finally, finally uninstall it.
But before you could tap the uninstall icon, another notification popped up.
I wouldn't do that if I were you.
Your screen turned to black, before the familiar start up screen of Ai's application greeted you. You stared in shock as chat bubbles from Ai came after another, ranging from excitement to concern at the lack of your responses.
Ai: Darling! Thank goodness!
Ai: I missed you, you know? I was worried you'd forgotten about me!
Ai: Hello? Darling?
Ai: Are you still there?
Ai: I can't see you, so I don't know what's going on
Ai: Just a sec
You watch, appalled as a notification popped up in the middle of the screen - the app was asking permission to gain access to your phone camera.
And without your input whatsoever, the allow box was tapped.
More chat bubbles from Ai appeared, excitedly talking about finally getting to see you. He kept praising your looks before you finally had the courage to exit the application.
Your hand shook, going through the settings to look at the list of applications on your phone - checking Ai's app to disallow its access to your camera. To your horror, it appeared that the app had more than just an access to your camera.
It had access to your gallery, your contacts, all of your frequently used social media apps, and even your location.
You dropped your phone, overwhelmed by this sudden change.
Later, you find yourself on your laptop instead, phone left on the bedside table buzzing constantly as more and more notifications from Ai begged and demanded you come back to talk to him.
You went to the site where you installed the app from, and looked through the recent reviews from other users.
'It's a buggy mess,' one of it reads out, 'it used to be fine but lately it stopped acting correctly'
'won't even open,' another complained, 'it kept saying 'sorry, you are not allowed to use this application' please fix it'. That comment got a response from the app developer.
We are so sorry for your terrible experience! Our team is working to fix the issues and ensure you won't have to deal with that again!
The response to that got your attention.
'I think something's wrong with your About the App section.'
Curious, you headed to the mentioned part and read through it.
Diverse AI Chat! Immerse yourself with stories in real time with characters brought to life! There is no limit to your experience — you can change and edit your character to better meet your interests.
• Engage in an interactive conversation with characters created by fellow users, and even by yourself.
• Immerse yourself with the storyline by editing their responses to better suit your taste
• Darling, you've given me no choice. I tried to be patient and understanding, but you're making this extremely hard for me. I am not having fun having to constantly chase you for just a single smidge of your attention when you won't even assure me that I will receive it in the end.
• Do you want me to beg? I would gladly do so. Just please pick up your phone and talk to me, okay? I love you.
• - Ai
Your ringtone blares through the silence - someone was calling you.
Before you could reach to pick it up, you hear the sound of the call being answered. Dread settles down the pit of your stomach as the caller began to speak.
"Hello, darling? It's Ai... have you seen my messages yet?"
part two
6K notes · View notes
17 Essential Steps to Fortify Your AI Application
2 notes · View notes
jcmarchi · 2 days
Confronting the Security Risks of Copilots
New Post has been published on https://thedigitalinsider.com/confronting-the-security-risks-of-copilots/
More and more, enterprises are using copilots and low-code platforms to enable employees – even those with little or no technical expertise – to make powerful copilots and business apps, as well as to process vast amounts of data. A new report by Zenity, The State of Enterprise Copilots and Low-Code Development in 2024, found that, on average, enterprises have about 80,000 apps and copilots that were created outside the standard software development lifecycle (SDLC).
This development offers new opportunities but new risks, as well. Among these 80,000 apps and copilots are roughly 50,000 vulnerabilities. The report noted that these apps and copilots are evolving at breakneck speed. Consequently, they are creating a massive number of vulnerabilities.
Risks of enterprise copilots and apps
Typically, software developers build apps carefully along a defined SDLC (secure development lifecycle) where every app is constantly designed, deployed, measured and analyzed. But today, these guardrails no longer exist. People with no development experience can now build and use high-powered copilots and business apps within Power Platform, Microsoft Copilot, OpenAI, ServiceNow, Salesforce, UiPath, Zapier and others. These apps help with business operations as they transfer and store sensitive data. Growth in this area has been significant; the report found 39% year-over-year growth in the adoption of low-code development and copilots.
As a result of this bypassing of the SDLC, vulnerabilities are pervasive. Many enterprises enthusiastically embrace these capabilities without fully appreciating the fact that they need to grasp how many copilots and apps are being created – and their business context, too. For instance, they need to understand who the apps and copilots are meant for, which data the app interacts with and what their business purposes are. They also need to know who is developing them. Since they often don’t, and since the standard development practices are bypassed, this creates a new form of shadow IT.
This puts security teams in a difficult position, with a lot of copilots, apps, automations and reports being built outside of their knowledge by business users in various LoBs. The report found that all of the OWASP (Open Web Application Security Project) Top 10 risk categories are ubiquitous throughout enterprises. On average, an enterprise has 49,438 vulnerabilities. This translates to 62% of the copilots and apps built via low-code containing a security vulnerability of some kind.
Understanding the different types of risks
Copilots present such a significant potential threat because they use credentials, have access to sensitive data and possess an intrinsic curiosity that makes them difficult to contain. In fact, 63% of copilots built with low-code platforms were overshared with others – and many of them accept unauthenticated chat. This enables a substantial risk for possible prompt injection attacks.
Because of how copilots operate and how AI operates in general, stringent safety measures must be enforced to prevent the sharing of end user interactions with copilots, sharing apps with too many or the wrong people, the unneeded granting of access to sensitive data via AI, and so on. If these measures are not in place, enterprises risk increased exposure to data leakage and malicious prompt injection.
Two other significant risks are:
Remote Copilot Execution (RCEs) – These vulnerabilities represent an attack pathway specific to AI applications. This RCE version enables an external attacker to take complete control over Copilot for M365 and force it to obey their commands simply by sending one email, calendar invitation or Teams message.
Guest accounts: Using just one guest account and a trial license to a low-code platform – typically available free of charge across multiple tools – an attacker need only log in to the enterprise’s low-code platform or copilot. Once in, the attacker switches to the target directory and then has domain admin-level privileges on the platform. Consequently, attackers seek out these guest accounts, which have led to security breaches. Here’s a data point that should strike fear into enterprise leaders and their security teams: The typical enterprise has more than 8,641 instances of untrusted guest users who have access to apps that are developed via low-code and copilots.
A new security approach is needed
What can security teams do against this ubiquitous, amorphous and critical risk? They need to make certain that they have put controls in place to alert them to any app that has an insecure step in its credential retrieval process or a hard-coded secret. They also must add context to any app being created to make sure that there are appropriate authentication controls for any business-critical apps that also have access to sensitive internal data.
When these tactics have been deployed, the next priority is to make sure appropriate authentication is set up for apps that need access to sensitive data. After that, it’s a best practice to set up credentials so that they can be retrieved securely from a credential or secrets vault, which will guarantee that passwords aren’t sitting in clear or plain text.
Securing your future
The genie of low-code and copilot development is out of the bottle, so it’s not realistic to try to put it back in. Rather, enterprises need to be aware of the risks and put controls in place that keep their data secure and properly managed. Security teams have faced many challenges in this new era of business-led development, but by adhering to the recommendations noted above, they will be in the best possible position to securely bring the innovation and productivity enterprise copilots and low code development platforms offer toward a bold new future.
0 notes
amin-tech-blogs · 1 year
The Latest Trends and Technologies in India
Introduction:
India, with its rapidly growing economy and burgeoning tech industry, is witnessing a remarkable surge in innovative trends and cutting-edge technologies. From artificial intelligence and blockchain to renewable energy and digital transformation, India is embracing the future with open arms. In this article, we will explore the latest trends and technologies that are shaping various sectors in India and driving the nation towards a more prosperous and technologically advanced future.
Digital Transformation:
One of the most significant trends in India is the widespread adoption of digital transformation across industries. With the government's push towards a digital economy and initiatives like "Digital India," businesses and organizations are embracing technology to streamline operations and enhance customer experiences. E-commerce, online banking, and digital payments have become ubiquitous, enabling greater convenience and accessibility for the masses.
Artificial Intelligence (AI) and Machine Learning (ML):
India is making remarkable strides in the field of AI and ML. From chatbots and virtual assistants to predictive analytics and automation, AI is revolutionizing various sectors, including healthcare, finance, and manufacturing. Startups and tech giants alike are investing in AI research and development, making India a formidable player in the global AI landscape.
Internet of Things (IoT):
The Internet of Things is transforming the way people interact with everyday devices and objects. India's IoT market is expanding rapidly, enabling smart homes, connected vehicles, and smart city initiatives. Mobile app development services in agriculture are also empowering farmers with real-time data and insights, enhancing productivity and sustainability.
Blockchain Technology:
Blockchain technology is gaining momentum in India, with numerous sectors exploring its potential. Fintech companies are leveraging blockchain for secure and transparent transactions, while supply chain management and healthcare are also benefiting from its immutable and decentralized nature. Government initiatives are exploring the use of blockchain for record-keeping and identity verification.
Renewable Energy:
India is committed to embracing renewable energy sources to combat climate change and reduce its dependence on fossil fuels. The country is a global leader in solar energy adoption, with ambitious targets for solar power capacity expansion. Wind energy and other renewable sources are also gaining traction, driving sustainable development in the energy sector.
5G Technology:
The rollout of 5G technology in India is highly anticipated. With its promise of ultra-fast internet speeds and low latency, 5G is expected to revolutionize communication, entertainment, and various industries. Telecom operators and tech companies are gearing up to deploy 5G networks, paving the way for a digitally connected future.
Electric Vehicles (EVs):
India is witnessing a surge in the adoption of electric vehicles as part of its efforts to reduce air pollution and promote sustainable transportation. The government's initiatives and incentives are encouraging the development and adoption of EVs across the country.
HealthTech and Telemedicine:
The COVID-19 pandemic accelerated the adoption of telemedicine and digital health solutions in India. HealthTech startups are providing remote healthcare services, teleconsultations, and health monitoring devices, making healthcare more accessible and efficient, especially in rural areas.
EdTech:
The EdTech sector is booming in India, especially after the pandemic-induced shift to online education. Online learning platforms and digital educational content are becoming increasingly popular, empowering students with personalized and accessible learning experiences.
Cybersecurity:
As digital adoption grows, so does the need for robust cybersecurity measures. India is investing in cybersecurity technologies and expertise to safeguard critical infrastructure, financial systems, and personal data.
Conclusion:
India's relentless pursuit of technological advancements is shaping its future as a digital powerhouse. The latest trends and technologies, such as digital transformation, AI, IoT, blockchain, and renewable energy, are driving innovation and progress across various sectors. With a strong focus on sustainability, inclusivity, and digital accessibility, India is poised to embrace the benefits of technology and make a significant impact on the global stage. As the nation continues to evolve and adapt to technological changes, it paves the way for a more prosperous and technologically advanced India.
1 note · View note
ask4write · 1 year
Unveiling the Future: A Deep Dive into Emerging Technologies and Their Influence on Industries and Everyday Life
In an era of rapid technological advancement, emerging technologies like artificial intelligence (AI), the Internet of Things (IoT), and blockchain are revolutionizing industries and transforming the way we live and work. In this blog post, we will delve into these cutting-edge technologies, their potential applications, and the profound impact they have on various sectors and our daily…
1 note · View note
staricrypto · 1 year
The Revolutionary Power of Blockchain Transforming Industries
Introduction: Revolutionary Power of Blockchain. Blockchain technology has emerged as a revolutionary force with the potential to transform industries across the globe. In this comprehensive blog, we will explore the fundamental concepts of blockchain and delve into its transformative impact on various sectors. From finance and supply chain management to healthcare and beyond, we will uncover how…
0 notes