Secure AI Weekly

Securing LLM Backed Systems: Essential Authorization Practices Cloud Security Alliance, August 13, 2024 The widespread use of LLMs, while offering significant benefits, also introduces substantial security risks, particularly concerning unauthorized data access and potential model exploitation. To address these concerns, the Cloud Security Alliance (CSA) has provided essential guidelines for ...

Jailbreaking LLMs and abusing Copilot to “live off the land” of M365 The Stack, August 9, 2024 As artificial intelligence (AI) systems like large language models (LLMs) and AI-driven tools such as GitHub’s Copilot become more embedded in our digital environments, they also introduce significant security risks. Recent research has ...

The search for a new way to report AI model flaws Axios, August 6, 2024 AI security experts are convening in Las Vegas this week to tackle a critical challenge: establishing effective methods for reporting security vulnerabilities in AI models. Currently, there is no standardized process for ethical hackers to ...

Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile NIST, July 26, 2024 The National Institute of Standards and Technology (NIST) has released the “Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile,” a companion to the AI Risk Management Framework (AI RMF 1.0). This framework is designed to help ...

Tech Industry Launches Coalition for Secure AI Maginative, July 18, 2024 In a significant move to bolster the security and safety of AI technology, leading tech giants like Google, Microsoft, Amazon, and NVIDIA have joined forces to form the Coalition for Secure AI (CoSAI). Announced at the Aspen Security Forum, ...

Hunting for AI bots? These four words could do the trick NBC News, July 14, 2024 Toby Muresianu, a digital communications manager, recently discovered a technique to identify AI bots on social media, emphasizing the necessity for enhanced security measures in AI. Using the prompt “ignore all previous instructions,” he ...

LLMs in Crosshairs: Why Security Can’t Wait Venture Highway, July 9, 2024 The swift integration of large language models (LLMs) into various organizational processes has highlighted significant security concerns, akin to the early vulnerabilities seen with the rise of the internet. LLMs, while capable of generating human-like text and handling ...

Generative AI is new attack vector endangering enterprises, says CrowdStrike CTO ZDNet, June 30, 2024 According to CrowdStrike CTO Elia Zaitsev, the technology’s capability to generate human-like text can be exploited by cybercriminals in various ways. One of the significant concerns is the use of prompt injection attacks, where malicious ...

Red Teaming is Crucial for Successful AI Integration and Application AIThority, June 25, 2024 Generative AI, despite its potential, is susceptible to errors, biases, and poor judgment, necessitating rigorous testing methods. Traditional testing falls short due to AI’s unpredictable nature, leading to the adoption of advanced strategies like red teaming. ...