Information Security
- • 100%safecontrols.blog AI-Powered Threat Hunting on Linux Servers: Honeypot Experiment and Privilege Escalation
Microsoft’s Copilot for Security has both positive and negative reviews, but using AI for log analysis is enticing. An insecure Linux server is set up, vulnerable to brute-force attacks and p…
I tested using Google's Gemini as a helping hand in Linux log based threat hunting - and it is actually helpful, although not ready to take the security analyst's job (yet).
- • 100%safecontrols.blog Teaching smart things cyber self defense: ships and cars that fight back
We build self-driving cars and ships, but we don’t teach them to defend against cyber adversaries. Here’s what needs to change about that!
A blog post I made based on discussions at a conference last week - we need to teach smart things like self driving cars and ships to defend themselves against cyber attacks. This outlines how we should approach it.
- chaos.social ~n (@nblr@chaos.social)
This is fine... "We observed that participants who had access to the AI assistant were more likely to introduce security vulnerabilities for the majority of programming tasks, yet were also more likely to rate their insecure answers as secure compared to those in our control group." https://arxiv.o...
cross-posted from: https://programming.dev/post/8121843
> ~n (@nblr@chaos.social) writes: > > >This is fine... > >>"We observed that participants who had access to the AI assistant were more likely to introduce security vulnerabilities for the majority of programming tasks, yet were also more likely to rate their insecure answers as secure compared to those in our control group." > > > >[Do Users Write More Insecure Code with AI Assistants?](https://arxiv.org/abs/2211.03622? > >
I am curious if anyone has advice on a good start to get into InfoSec. I just bought a car, used a separate phone number and somehow marketers found my actual number, so want to get a better handle on how to handle personal data.
Now ever since I got a label printer I made it a habit to... well... label everything. It's been the a gamechanger in organizing my stuff.
This habit includes having a tiny label with my street address and mail address on most any item that I loan away or tend to regularly lug around with me as a general reminder of ownership. I forget about and lose stuff all the time, so this gives me some piece of mind with most of my medium-value little gadgets. I believe (and have experienced) that people are generally decent and will return lost stuff to me if it's easy for them to find out to whom it belongs.
Now it has occurred to me that this practice might be detrimental when applied to a smart cards in general and my Yubikeys in particular. After all, shouldn't a lost Yubikey be considered "tampered with/permanently lost" anyway, whether it's returned or not? And wouldn't an Email address on the key just increase the risk of some immediate abuse of the key's contents, i.e. GPG private keys, that would otherwise not be possible?
Or am I overhtinking this?
- www.zmescience.com WiFi routers can see people through walls. Here's how it works
With the help of AI, the researchers were able to detect the movement of human bodies in a room using Wi-Fi routers -- even through walls.
cross-posted from: https://lemmy.kevitprojects.com/post/8452
> What do you guys think about this?
It was a meme about a cyber security guy not giving out his personal information, not even to girls he likes. I can't find it on here anymore
