The hottest Security Substack posts right now

And their main takeaways
Deploy Securely 98 implied HN points 09 Jun 23
  1. The NIST AI Risk Management Framework provides a governance, risk, and compliance framework for artificial intelligence.
  2. The document highlights the challenges in AI risk management, including identifying and cataloging risks, emergent risks, and availability of reliable metrics.
  3. The criteria to evaluate AI systems include validity, safety, security, accountability, transparency, privacy, and fairness in managing harmful bias.
Rod’s Blog 39 implied HN points 04 Mar 24
  1. In the interconnected business landscape, managing third-party risks is crucial to protect sensitive information. Careful vendor selection, effective risk management strategies, and strong contracts can help minimize risks.
  2. Third-party risks can lead to severe consequences like financial losses, legal liabilities, reputation damage, and regulatory penalties. This highlights the importance of proactively addressing these risks.
  3. Common types of third-party risks include data breaches, system compromises, non-compliance with regulations, and supply chain disruptions. Understanding and mitigating these risks are key for organizational security.
Diane Francis 459 implied HN points 31 Mar 22
  1. Russia is being described as a criminal organization driven by a passionate leader. They seem focused on taking control of parts of Ukraine.
  2. The message emphasizes the need for a strong response to aggression, implying that weakness won't lead to good outcomes.
  3. There's a sense that the situation calls for serious commitment and action, rather than avoiding tough choices.
Detection at Scale 19 implied HN points 13 May 24
  1. Security companies at RSA are increasingly focusing on AI to enhance Detection and Response (D&R) processes.
  2. Automated Tier 1 Triage using autonomous SOC analysts can streamline alert triage and analysis, improving efficiency for SecOps teams.
  3. GenAI can also improve D&R through AI-powered chatbots for automating organizational Q&A and log summarization for quicker insights and analysis.
Rod’s Blog 39 implied HN points 29 Feb 24
  1. Adversarial examples can deceive AI systems by manipulating inputs, leading to incorrect outcomes in various domains like medical imaging and autonomous vehicles.
  2. Understanding these risks is crucial for building effective defenses and creating awareness about the vulnerabilities in AI systems.
  3. Researchers are actively working to develop robust defenses against adversarial attacks to enhance the security and reliability of AI technology.
Matthew’s Substack 39 implied HN points 28 Feb 24
  1. Data Availability (DA) is important for blockchain because it allows data to be accessible and verified by users. It helps ensure security, especially for rollups on Ethereum.
  2. Rollups process transactions on cheaper chains but rely on Ethereum's main network for security by posting necessary data. This means Ethereum validates transactions and can handle fraud cases effectively.
  3. The future of Data Availability includes new methods to lower costs and improve scalability, like Danksharding. This could make it easier to store data efficiently while maintaining security.
Diane Francis 519 implied HN points 13 Jan 22
  1. Many people are not worried about the possible Russian invasion of Ukraine because they have other pressing issues, like rising gas prices and COVID-19. It shows how different countries prioritize their concerns.
  2. In Western Europe, there is a strong sense of disbelief about Putin's actions due to the trauma from past world wars. This reflects a hesitant attitude towards viewing Russia as a real threat.
  3. The idea that Russia is engaging in a 'slow-motion hybrid war' is becoming more accepted, but not everyone sees it as a significant danger yet. People seem to underplay the risks involved.
jonstokes.com 319 implied HN points 21 Feb 23
  1. Generative AI is rapidly changing many aspects of society, affecting everything from artistic creation to education.
  2. Efforts to detect AI-generated content are ineffective, posing challenges for access control and gatekeeping.
  3. AI tools have the potential to enhance educational experiences and improve learning outcomes, but may also disrupt traditional credentialing systems.
Rod’s Blog 39 implied HN points 26 Feb 24
  1. Google's Gemini AI models are designed for various tasks and are based on responsible AI principles, but faced challenges like data poisoning attacks.
  2. The data poisoning attack on Google's Gemini showed the model's vulnerability and raised questions about the effectiveness of Google's Responsible AI policy.
  3. Experts suggest that Google should have better safeguards for data quality, transparency in model deployment, and more engagement with the AI community to address ethical implications.
Redwood Research blog 19 implied HN points 08 May 24
  1. Preventing model exfiltration can be crucial for security; setting upload limits can be a simple yet effective way to protect large model weights from being stolen.
  2. Implementing compression schemes for model generations can significantly reduce the amount of data that needs to be uploaded, providing an additional layer of protection against exfiltration.
  3. Limiting uploads, tracking and controlling data flow from data centers, and restricting access to model data are practical approaches to making exfiltration of model weights harder for attackers.
Rod’s Blog 39 implied HN points 19 Feb 24
  1. Quantum computing poses a serious threat to conventional cryptography due to powerful quantum algorithms like Shor's and Grover's, which can compromise commonly used encryption schemes.
  2. Preparing for quantum computing challenges now can lead to the development of quantum-resistant cryptography, using both classical and quantum techniques to withstand quantum attacks and enhance security.
  3. Quantum cryptography offers innovative possibilities like quantum key distribution and quantum secure communication, driving collaboration and innovation across various fields to enhance security and privacy.
Frankly Speaking 254 implied HN points 18 Apr 23
  1. Cloudflare is considered an underrated security company in the industry, focusing on SASE and zero-trust solutions.
  2. Cloudflare's infrastructure is seen as a strong advantage and moat, making it valuable and defendable against competition.
  3. Cloudflare is making a bet on the future by targeting DevOps and security engineers for their products, showing a shift in the market towards software being purchased by technical personnel.
Phillips’s Newsletter 96 implied HN points 05 Feb 24
  1. European states need to prepare for potential security challenges without relying on the US.
  2. The European Union should take on more responsibility for European security, including integrating Ukraine and the UK, and removing non-democratic states.
  3. Immediate steps are needed to support Ukraine in the war, requiring quick and decisive action from European states.
Metacurity 39 implied HN points 10 Feb 24
  1. London Underground is testing AI surveillance tools to monitor passengers, aiming to improve safety but facing challenges like recognizing objects accurately and potential privacy concerns.
  2. Transitioning from passwords to passkeys promises enhanced security but requires users to adapt to new ways of authentication and storage methods like dedicated password managers or physical security keys.
  3. Using SMS for account logins can lead to security vulnerabilities like SIM-swap attacks; companies should offer more secure alternatives like Authy or Google Authenticator to improve security measures.
School Shooting Data Analysis and Reports 39 implied HN points 10 Feb 24
  1. A 14-year-old student in Ohio was arrested for planning a school shooting, targeting specific students and involving anesthetic gases.
  2. The plot involved coordination with an adult in Colorado Springs, highlighting the complex nature of the planned attack.
  3. Despite the detailed planning of this attack, the student was reported, emphasizing the importance of alertness and communication in preventing such incidents.
Navigating AI Risks 78 implied HN points 18 Oct 23
  1. The UK, US, and other Western countries are establishing a Multilateral AI Safety Institute to evaluate national security risks of advanced AI models.
  2. Biden's Executive Order will set public procurement standards for AI to mitigate risks, with the aim to influence industry safety standards.
  3. Open-sourcing AI models presents risks of misuse by malicious actors, irreversible releases, and challenges in ensuring safety without compromising the benefits of public access.
Rod’s Blog 59 implied HN points 08 Dec 23
  1. Microsoft Security Copilot is an AI-powered security solution that supports security professionals in various scenarios like incident response and threat hunting, using plugins for wider threat visibility and context.
  2. Security Copilot integrates seamlessly with Microsoft Intune, aiding in managing user access to organizational resources, simplifying device management, and supporting the Zero Trust security model.
  3. Security Copilot helps analysts manage identities and devices, deploy apps, and monitor compliance and security posture using natural language commands, queries, and AI-generated dashboards and reports.
Metacurity 39 implied HN points 09 Feb 24
  1. A fake LastPass app managed to get onto Apple's App Store and was likely designed to steal user credentials.
  2. Iranian cyber operations against Israel are becoming bolder and more sophisticated, posing risks to American critical infrastructure and the 2024 elections.
  3. The FCC has cracked down on AI-generated voice calls, recognizing them as 'artificial' and restricting their use for non-emergency purposes without consent.
Detection at Scale 19 implied HN points 29 Apr 24
  1. AWS S3 buckets are a common target for attackers due to misconfigurations and high-value data. Security teams should focus on monitoring S3 activity to ensure authorized access and detect breaches early.
  2. S3 serves as a major storage solution for various data types in the cloud. Its widespread use makes it a prime target for attackers seeking to compromise sensitive information.
  3. Monitoring S3 bucket activity is crucial for detecting suspicious behavior that could signal a breach. Using tools like CloudTrail, GuardDuty, and CloudWatch can provide valuable insights and enhance security measures.
Rod’s Blog 39 implied HN points 07 Feb 24
  1. Use Microsoft Sentinel to detect and respond to multiple Teams deletion events in your organization.
  2. Collect Teams activity logs in Microsoft Sentinel to monitor data and detect security risks.
  3. Write custom analytics rules in Microsoft Sentinel to generate alerts for suspicious activities, such as multiple Teams deletions by a single user.
School Shooting Data Analysis and Reports 59 implied HN points 05 Dec 23
  1. In school lockdowns, students are often told to hide in classrooms, while in other dangerous situations people are advised to run, hide, or fight.
  2. There is a lack of research supporting the effectiveness of school lockdowns compared to evacuating the school during shootings.
  3. The school security industry heavily influences lockdown procedures, despite shootings often happening outside the classroom.
Rod’s Blog 79 implied HN points 02 Oct 23
  1. Being notified when data ingestion stops is crucial for security analysts to maintain the integrity of security tools.
  2. A KQL query can be set up as an Analytics Rule to alert if a specific table has not received new data within a set timeframe, allowing for timely action.
  3. Email alerts can be configured instead of generating unnecessary security incidents, ensuring the operations team can address potential issues efficiently.
Rod’s Blog 79 implied HN points 15 Sep 23
  1. Quantum computing has the potential to significantly enhance computational power and speed in AI tasks, offering faster and more accurate predictions.
  2. Quantum computing enables the development of more sophisticated machine learning techniques by processing and analyzing large amounts of data more efficiently.
  3. Quantum-inspired algorithms can be leveraged to improve classical AI algorithms, showcasing the benefits of quantum computing even without fully-fledged quantum computers.
Rod’s Blog 79 implied HN points 08 Jun 23
  1. Microsoft Sentinel is deprecating the capability to assign Playbooks directly to Analytics Rules, encouraging the use of Automation Rules for better efficiency and management.
  2. With Automation Rules, you can manage all your automations from one place, trigger playbooks for multiple analytics rules with a single rule, define playbook execution order, and set expiration dates for playbook runs.
  3. Consider migrating existing Analytics Rules with directly assigned Playbooks to the new Automation Rules method to enhance effectiveness.
Rod’s Blog 79 implied HN points 21 Jun 23
  1. The Threat Intelligence Platform Connector in Microsoft Sentinel is being deprecated, so users should consider migrating to the new Threat Intelligence Solution soon.
  2. There is no definitive date for the deprecation, but users are advised to start using the new version within the next 6 months.
  3. The new version of the Threat Intelligence Solution offers more artifacts like Rules and Hunting Queries, providing additional capabilities.
Rod’s Blog 79 implied HN points 21 Aug 23
  1. Trojan attacks against AI involve disguising malware as legitimate software to gain unauthorized access, steal data, or manipulate algorithms, leading to dangerous outcomes.
  2. Common steps in a Trojan attack against AI include reconnaissance, delivery of the Trojan, installation, establishing command and control, exploitation, and covering up tracks to avoid detection.
  3. Mitigation of Trojan attacks against AI involves measures like using antivirus software, regular software updates, strong access controls, employee education on social engineering, and implementing monitoring strategies like real-time monitoring, intrusion detection, and machine learning for anomaly detection.
Rod’s Blog 79 implied HN points 20 Apr 23
  1. Defender for Cloud Apps can now monitor Azure OpenAI activity, making it easier to track and locate activity using Microsoft Sentinel.
  2. Utilize KQL queries to identify Azure OpenAI deployments and create a maintained Watchlist in Microsoft Sentinel for easy monitoring.
  3. Automate the updating of the Watchlist with Logic Apps to ensure it always contains the most up-to-date information on Azure OpenAI instances.
Senatus’s Newsletter 78 implied HN points 21 Jul 23
  1. A perfect cryptocurrency needs to have uncensorability, certainty of supply, and transferability as a store of value.
  2. Bitcoin faces challenges with decreasing security spend and centralization of hashrate, impacting its resilience to attacks.
  3. Issues in Bitcoin such as affordability, speed, and scalability make it less efficient as a medium of exchange, while alternative cryptocurrencies offer better solutions.
The Product Person 78 implied HN points 17 Apr 23
  1. Snyk is a $7.4 billion startup focusing on helping developers find and fix vulnerabilities in open-source code.
  2. Snyk offers a range of products like Snyk Code, Snyk Container, and Snyk Infrastructure as Code to enhance security.
  3. Snyk's growth was fueled by a developer-first approach, leading to rapid adoption and a unique product-led growth strategy.
Surfing the Future 39 implied HN points 01 Feb 24
  1. Cutting climate spending to boost defense budgets can have negative consequences on addressing the climate and sustainability agenda.
  2. There is a growing concern about new levels of conflict fueled by cyberwarfare and genetic weapons, requiring more engagement with military and intelligence sectors.
  3. Future conflicts could harm the planet directly and shift focus away from crucial efforts to combat climate and biodiversity emergencies.
steigan.no 8 implied HN points 22 Nov 24
  1. Equinor is laying off 20% of its renewable energy workers due to tough market conditions and is pulling out of several countries. This means around 250 jobs will be cut.
  2. The International Criminal Court has issued arrest warrants for Israeli leaders Netanyahu and Gallant for war crimes in Gaza. If they travel to any member countries, they could be arrested.
  3. The U.S. plans to supply Ukraine with banned antipersonnel mines, breaking its own rules. This raises concerns about civilian safety and the implications of using these weapons in the conflict.
Rod’s Blog 39 implied HN points 30 Jan 24
  1. AI red teaming is crucial for ensuring AI systems are robust, secure, and aligned with human values and expectations.
  2. AI red teaming helps identify weaknesses and threats that could compromise the performance, functionality, or integrity of AI systems.
  3. AI red teaming aligns with responsible AI principles like fairness, reliability, safety, privacy, inclusiveness, transparency, and accountability.
Phillips’s Newsletter 77 implied HN points 27 Feb 24
  1. The USA has achieved its long-standing goal of uniting Europe under its security leadership through Sweden joining NATO.
  2. Putin and Trump are desperate to prevent this USA-led security pact in Europe from turning into a failure.
  3. Since Theodore Roosevelt's era, the USA's primary security concern has been the fate of Europe.