Threat Intelligence February 14, 2025 Smoltalk: RCE in open source agents 26 min read - Big shoutout to Hugging Face and the smolagents team for their cooperation and quick turnaround for a fix! Introduction Recently, I have been working on a side project to automate some pentest reconnaissance with AI agents. Just after I started…
Risk Management February 14, 2025 4 ways to bring cybersecurity into your community 4 min read - It’s easy to focus on technology when talking about cybersecurity. However, the best prevention measures rely on the education of those who use technology. Organizations training their employees is the first step. But the industry needs to expand the concept…
Artificial Intelligence February 13, 2025 How red teaming helps safeguard the infrastructure behind AI models 4 min read - Artificial intelligence (AI) is now squarely on the frontlines of information security. However, as is often the case when the pace of technological innovation is very rapid, security often ends up being a secondary consideration. This is increasingly evident from…
Risk Management February 12, 2025 When you shouldn’t patch: Managing your risk factors 4 min read - Look at any article with advice about best practices for cybersecurity, and about third or fourth on that list, you’ll find something about applying patches and updates quickly and regularly. Patching for known vulnerabilities is about as standard as it…
Intelligence & Analytics February 6, 2025 Hacking the mind: Why psychology matters to cybersecurity 4 min read - In cybersecurity, too often, the emphasis is placed on advanced technology meant to shield digital infrastructure from external threats. Yet, an equally crucial — and underestimated — factor lies at the heart of all digital interactions: the human mind. Behind…
Artificial Intelligence February 13, 2025 How red teaming helps safeguard the infrastructure behind AI models 4 min read - Artificial intelligence (AI) is now squarely on the frontlines of information security. However, as is often the case when the pace of technological innovation is very rapid, security often ends up being a secondary consideration. This is increasingly evident from…
Risk Management February 14, 2025 4 ways to bring cybersecurity into your community 4 min read - It’s easy to focus on technology when talking about cybersecurity. However, the best prevention measures rely on the education of those who use technology. Organizations training their employees is the first step. But the industry needs to expand the concept…
Artificial Intelligence February 11, 2025 The straight and narrow — How to keep ML and AI training on track 3 min read - Artificial intelligence (AI) and machine learning (ML) have entered the enterprise environment. According to the IBM AI in Action 2024 Report, two broad groups are onboarding AI: Leaders and learners. Leaders are seeing quantifiable results, with two-thirds reporting 25% (or…
Incident Response February 10, 2025 Reducing ransomware recovery costs in education 4 min read - 2024 continued the trend of ransomware attacks in the education sector making headlines. The year opened with Freehold Township School District in New Jersey canceling classes due to a ransomware attack. Students at New Mexico Highlands University missed classes for several…
Artificial Intelligence February 7, 2025 Will AI threaten the role of human creativity in cyber threat detection? 4 min read - Cybersecurity requires creativity and thinking outside the box. It’s why more organizations are looking at people with soft skills and coming from outside the tech industry to address the cyber skills gap. As the threat landscape becomes more complex and…