Required Security Changes for Secure AI Agents · Joseph Thacker
Capable and secure AI agents will require new technologies. In order to expedite the utility of digital assistants by granting human-like access to them, we…
Category: Mix
DEFCON Moves, AnyCloudDesk, Ransomware Learnings, My Top AI Projects
Unsupervised Learning is a security, AI, and meaning-focused newsletter that looks at how best to thrive as humans in a world that’s changing faster than…
Hunting Down The Top 5 Most Common Price Manipulation Vulnerabilities in E-Commerce Websites
E-commerce stores can lose out on a lot of revenue if price manipulation vulnerabilities get actively exploited by bad actors. These are often security vulnerabilities…
Apple Vision Pro First Impressions
This first-impressions “review” will be a little different than most because: I’m a total Apple fanboy I’m not sold on VR/AR/Spacial headsets Also, I’m not…
Blocking Compromised Tokens with Wallarm
In our Annual API ThreatStats report, we highlighted the increasing threat of API Leaks. An API Leak is the disclosure of sensitive API information, such…
Wallarm’s Crusade Against Rising Credential Stuffing Threats
Credential Stuffing, a vital yet often overlooked aspect of cybersecurity, needs to be addressed with urgency. An alarmingly large segment of the population engages in…
Introducing custom scan checks to Burp Suite Enterprise Edition | Blog
Emma Stocks | 02 February 2024 at 11:26 UTC BChecks, in a nutshell, are easy to use custom-created scan checks that enable you to extend…
Fabric’s Origin Story
In this video on David Bombal’s podcast, I talk through the AI tooling I spent 2023 building. How I captured my desired outcomes How I…
How (Specifically) AI Will 100x Human Creativity and Output
The real problems are under the water. Click for full-size. I just realized something. The reason many people are skeptical of AI’s potential is because…
[tl;dr sec] #216 – Azure Attack Paths, Recipe for Scaling Security, Cybersecurity Incident Tracker
I hope you’ve been doing well! 🎭️ SF SketchFest One of my favorite events every year is SF SketchFest, which is basically a month of…
Stopping Credential Stuffing Attacks: We Need to Do Better
Do you know what 23andMe, Jason’s Deli, North Face, and Hot Topic have in common? They’ve all been breached by successful credential stuffing attacks in…
Server-Side Template Injection Vulnerability in Confluence Data Center and Server (CVE-2023-22527)
Introduction On January 16 2024, Atlassian issued a significant alert on a critical Server-Side Template Injection (SSTI) vulnerability in Confluence Data Center and Server, identified…