Have some tips? Write it down and share it to your friends!
Click Login Now button to start!
Google is expanding its Vulnerability Rewards Program (VRP) to reward researchers who uncover potential threats specific to generative artificial intelligence (AI) systems. This initiative aims to enhance AI safety and security by addressing concerns like unfair bias, model manipulation, and data misinterpretations associated with generative AI. The program covers various categories, including prompt injections, data leakage from training datasets, model manipulation, adversarial attacks, and model theft.
In addition to this, Google has established an AI Red Team to combat AI system threats under its Secure AI Framework (SAIF). They are also working to reinforce the AI supply chain by participating in open-source security initiatives like Supply Chain Levels for Software Artifacts (SLSA) and Sigstore, which provide tools for software verification and identifying...
November 1, 2023 22:06 (on 11/2/23) | 0 |
1 minute read
Binarly's recent findings reveal a security loophole in the Lighttpd web server utilized within baseboard management controllers (BMCs), left unaddressed by major device manufacturers like Intel and Lenovo. Originally discovered and patched by Lighttpd maintainers in August 2018, the absence of a CVE identifier or advisory led to its oversight by developers of AMI MegaRAC BMC, thus integrating it into Intel and Lenovo products.
Lighttpd, known for its speed, security, and efficiency, harbored an out-of-bounds read vulnerability silently fixed by Lighttpd maintainers, which could facilitate data exfiltration, including process memory addresses, undermining crucial security measures like ASLR.
Binarly emphasizes the detrimental impact of lacking prompt and critical security information, hindering effective handling of fixes along...
April 16, 2024 02:28 (on 4/16/24) | 0 |
2 minutes read
Google has delayed its plan to remove third-party tracking cookies from its Chrome browser amid ongoing concerns from U.K. regulators about its Privacy Sandbox initiative. The company is working closely with the U.K. Competition and Markets Authority (CMA) to address these issues and hopes to reach an agreement by the end of the year.
The new timeline involves beginning the phase-out of third-party cookies early next year, marking the third postponement since the plan was announced in 2020. Privacy Sandbox offers privacy-focused alternatives to tracking cookies for personalized advertising. Although Google has introduced some features to a subset of Chrome users, the U.K. watchdogs monitor the implementation to ensure it benefits consumers and doesn't favor Google's advertising technology.
Meanwhile, Apple and Mozilla...
April 26, 2024 00:39 (on 4/26/24) | 0 |
2 minutes read
Hey there! Are you ready to test your cybersecurity knowledge and earn some rewards? Take our November 2023 Cybersecurity Quiz and see how well you stack up against the latest threats and best practices.
We've crafted this quiz to challenge your security posture with 15 interactive questions. Answer at least 80% correctly, and you'll be awarded 300 DREAMPOINTS!
- Ensure you are logged in to Security Tips with your Cloudstaff Google account to access the quiz.
- Navigate to 'Quizzes' in the menu.
- From there, select the 'November 2023 Cybersecurity Awareness Quiz' or simply click the following link: https://securitytips.cloudstaff.com/quizzes/view/100
It's that easy!
Don't wait any longer to test your cybersecurity knowledge and earn rewards. Take our quiz now and see how much you know about protecting yourself and your...
November 2, 2023 00:10 (on 11/2/23) | 0 | 1 minute read