This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Nội dung được cung cấp bởi MySecurity Media. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được MySecurity Media hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.
Tương tự như Cyber Security Weekly Podcast
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
A daily dose of irreverent, offbeat, and informative takes on business & tech news. Hosted by Jon Weigell, Juliet Bennett Rylah, Mark Dent, Ben Berkley, Sara Friedman and Rob Litterst from The Hustle.
…
continue reading
The economy and the markets are "under surveillance" as we cover the latest in finance, economics and investment. Listen to Jonathan Ferro, Lisa Abramowicz and Annmarie Hordern for the top interviews from Bloomberg Surveillance Television. And join Tom Keene and Paul Sweeney for the best conversations from Bloomberg Surveillance Radio. Watch Surveillance TV LIVE each mornings: http://bit.ly/3P7nstQ. Watch Surveillance Radio LIVE weekday mornings: http://bit.ly/3vTiACF.
…
continue reading
Technical interviews about software topics.
…
continue reading
Daily update on current cyber security threats
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Welcome to Crimetown, a series produced by Marc Smerling and Zac Stuart-Pontier in partnership with Gimlet Media. Each season, we investigate the culture of crime in a different city. In Season 2, Crimetown heads to the heart of the Rust Belt: Detroit, Michigan. From its heyday as Motor City to its rebirth as the Brooklyn of the Midwest, Detroit’s history reflects a series of issues that strike at the heart of American identity: race, poverty, policing, loss of industry, the war on drugs, an ...
…
continue reading
Tempers fly as the newsmakers of the week face-off in this award-winning show. Anchored by Sanket Upadhyay, this weekly program has politicians battlling wits with a live audience.
…
continue reading
An independent podcast examining what the U.S. Congress is doing with our money and in our names. www.congressionaldish.com Follow @JenBriney on Twitter
…
continue reading
Player FM - Ứng dụng Podcast
Chuyển sang chế độ ngoại tuyến với ứng dụng Player FM !
Chuyển sang chế độ ngoại tuyến với ứng dụng Player FM !
))
Episode 402 - AI Security - Backdoors and Poisoned Data
Manage episode 419874700 series 1854687
Nội dung được cung cấp bởi MySecurity Media. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được MySecurity Media hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.
In this interview at Black Hat Asia 2024, we spoke with Adrian Wood and Mary Walker, security engineers from Dropbox, about the critical issues surrounding AI security, backdoors, and malware.
Adrian and Mary explained that many users rely on pre-existing machine learning (ML) models from public repositories rather than creating their own. This introduces vulnerabilities similar to those found in open-source software. Using in-house data requires careful handling to avoid bias and unintended consequences, while third-party models can be compromised.
They emphasized that downloading and running models from the internet can introduce malware. Attackers can backdoor models to alter their functions or insert malicious code, posing significant threats, especially in sensitive industries.
Adrian and Mary also stressed the importance of understanding the ML environment, ensuring proper logging, and having incident response plans in place. Companies should prepare by conducting tabletop exercises and securing their supply chains.
For more educational information on machine learning: https://gist.github.com/5stars217/236bab5d1d8d50e9785a4136aca8cf20
--------
Dropbox, Security Engineer - Adrian Wood, aka threlfall, currently works for Dropbox on their red team. He has worked as a red team consultant for WHITEHACK, a company he founded, and later as a lead engineer for an offensive security research team at a US bank. His research recently has been in supply chain attacks on CI/CD and ML systems, which includes maintaining the offsec ml playbook and has presented on these topics at DEFCON 30, 31, the DEFCON AI village, Cackalackycon and more.
Dropbox, Security Engineer - Mary Walker, aka mairebear, currently works for Dropbox on their threat intelligence team; she splits her time at work between research (primarily focused on ML) and building tooling to help her team move faster. She's previously worked at a major online retailer on their malware analysis and forensics team, a US bank on their red team, and an energy company in their SOC. Her background is primarily in DFIR and malware analysis, with a keen interest in production environments.
Recorded 18th April 2024, 4.30pm, BlackHat Asia 2024, Singapore
#BHAsia #mysecuritytv #blackhat
155 tập
Chia sẻ
Manage episode 419874700 series 1854687
Nội dung được cung cấp bởi MySecurity Media. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được MySecurity Media hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.
In this interview at Black Hat Asia 2024, we spoke with Adrian Wood and Mary Walker, security engineers from Dropbox, about the critical issues surrounding AI security, backdoors, and malware.
Adrian and Mary explained that many users rely on pre-existing machine learning (ML) models from public repositories rather than creating their own. This introduces vulnerabilities similar to those found in open-source software. Using in-house data requires careful handling to avoid bias and unintended consequences, while third-party models can be compromised.
They emphasized that downloading and running models from the internet can introduce malware. Attackers can backdoor models to alter their functions or insert malicious code, posing significant threats, especially in sensitive industries.
Adrian and Mary also stressed the importance of understanding the ML environment, ensuring proper logging, and having incident response plans in place. Companies should prepare by conducting tabletop exercises and securing their supply chains.
For more educational information on machine learning: https://gist.github.com/5stars217/236bab5d1d8d50e9785a4136aca8cf20
--------
Dropbox, Security Engineer - Adrian Wood, aka threlfall, currently works for Dropbox on their red team. He has worked as a red team consultant for WHITEHACK, a company he founded, and later as a lead engineer for an offensive security research team at a US bank. His research recently has been in supply chain attacks on CI/CD and ML systems, which includes maintaining the offsec ml playbook and has presented on these topics at DEFCON 30, 31, the DEFCON AI village, Cackalackycon and more.
Dropbox, Security Engineer - Mary Walker, aka mairebear, currently works for Dropbox on their threat intelligence team; she splits her time at work between research (primarily focused on ML) and building tooling to help her team move faster. She's previously worked at a major online retailer on their malware analysis and forensics team, a US bank on their red team, and an energy company in their SOC. Her background is primarily in DFIR and malware analysis, with a keen interest in production environments.
Recorded 18th April 2024, 4.30pm, BlackHat Asia 2024, Singapore
#BHAsia #mysecuritytv #blackhat
155 tập
Tất cả các tập
×
Chào mừng bạn đến với Player FM!
Player FM đang quét trang web để tìm các podcast chất lượng cao cho bạn thưởng thức ngay bây giờ. Đây là ứng dụng podcast tốt nhất và hoạt động trên Android, iPhone và web. Đăng ký để đồng bộ các theo dõi trên tất cả thiết bị.
Tương tự như Cyber Security Weekly Podcast
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
A daily dose of irreverent, offbeat, and informative takes on business & tech news. Hosted by Jon Weigell, Juliet Bennett Rylah, Mark Dent, Ben Berkley, Sara Friedman and Rob Litterst from The Hustle.
…
continue reading
The economy and the markets are "under surveillance" as we cover the latest in finance, economics and investment. Listen to Jonathan Ferro, Lisa Abramowicz and Annmarie Hordern for the top interviews from Bloomberg Surveillance Television. And join Tom Keene and Paul Sweeney for the best conversations from Bloomberg Surveillance Radio. Watch Surveillance TV LIVE each mornings: http://bit.ly/3P7nstQ. Watch Surveillance Radio LIVE weekday mornings: http://bit.ly/3vTiACF.
…
continue reading
Technical interviews about software topics.
…
continue reading
Daily update on current cyber security threats
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Welcome to Crimetown, a series produced by Marc Smerling and Zac Stuart-Pontier in partnership with Gimlet Media. Each season, we investigate the culture of crime in a different city. In Season 2, Crimetown heads to the heart of the Rust Belt: Detroit, Michigan. From its heyday as Motor City to its rebirth as the Brooklyn of the Midwest, Detroit’s history reflects a series of issues that strike at the heart of American identity: race, poverty, policing, loss of industry, the war on drugs, an ...
…
continue reading
Tempers fly as the newsmakers of the week face-off in this award-winning show. Anchored by Sanket Upadhyay, this weekly program has politicians battlling wits with a live audience.
…
continue reading
An independent podcast examining what the U.S. Congress is doing with our money and in our names. www.congressionaldish.com Follow @JenBriney on Twitter
…
continue reading
Player FM - Ứng dụng Podcast
Chuyển sang chế độ ngoại tuyến với ứng dụng Player FM !
Chuyển sang chế độ ngoại tuyến với ứng dụng Player FM !
