"It is a scientific fact that these macaques, like all other primates, including humans, are communicating. They communicate in much the same way we do - facial expressions, vocalizations, body postures, those kinds of things." - Jeff Kerr Jeff Kerr is PETA foundations Chief Legal Officer. I asked him to come on the show to talk about one of PETA’s current lawsuits against the National Institutes of Health (NIH) and Nathional Institute of Mental Health (NIMH). PETA is arguing that the monkeys being tested on in a government run facility are capable of communication (or “are communicating”). And that we have a constitutional right under the First Amendment to receive their communications. This could be a game changer in allowing us to see what’s really going on in labs that are funded by taxpayer money, and which have so far been censored from public view. PETA’s lawsuit follows years of NIH’s attempts to deny Freedom of Information requests banning PETA executives from its campus and illegally censoring animal advocates’ speech on NIH’s public social media pages. Through the lawsuit, PETA is seeking a live audio-visual feed to see and hear real-time communications from the macaques who have been kept isolated, used in fear experiments, and had posts cemented into their heads. Anthropologists and other scientists have studied macaque and other primate communications for decades and know that the monkeys communicate effectively and intentionally through lip smacking, fear grimaces, body language, and various cries and sounds—all of which constitute speech under the law. Primatologists can analyze that speech on a deeper level to share their stories with the world.…
Player FM - Internet Radio Done Right
Checked 5h ago
اضافه شده در thirty-six هفته پیش
محتوای ارائه شده توسط CISO Marketplace. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط CISO Marketplace یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
Player FM - برنامه پادکست
با برنامه Player FM !
با برنامه Player FM !
))
Daily Deals
Securing the AI Frontier: Unmasking LLM and RAG Vulnerabilities
Manage episode 485235367 series 3604885
محتوای ارائه شده توسط CISO Marketplace. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط CISO Marketplace یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
Large language models present new security challenges, especially when they leverage external data sources through Retrieval Augmented Generation (RAG) architectures . This podcast explores the unique attack techniques that exploit these systems, including indirect prompt injection and RAG poisoning. We delve into how offensive testing methods like AI red teaming are crucial for identifying and addressing these critical vulnerabilities in the evolving AI landscape.
www.securitycareers.help/navigating-the-ai-frontier-a-cisos-perspective-on-securing-generative-ai/
www.hackernoob.tips/the-new-frontier-how-were-bending-generative-ai-to-our-will
167 قسمت
اشتراک گذاریManage episode 485235367 series 3604885
محتوای ارائه شده توسط CISO Marketplace. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط CISO Marketplace یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
Large language models present new security challenges, especially when they leverage external data sources through Retrieval Augmented Generation (RAG) architectures . This podcast explores the unique attack techniques that exploit these systems, including indirect prompt injection and RAG poisoning. We delve into how offensive testing methods like AI red teaming are crucial for identifying and addressing these critical vulnerabilities in the evolving AI landscape.
www.securitycareers.help/navigating-the-ai-frontier-a-cisos-perspective-on-securing-generative-ai/
www.hackernoob.tips/the-new-frontier-how-were-bending-generative-ai-to-our-will
167 قسمت
All episodes
×
Nearly all organizations (99%) are grappling with API-related security issues annually, driven by the rapid expansion of API ecosystems that often outpace existing security measures, creating vast new vulnerabilities and complexities. Attackers frequently exploit known weaknesses like security misconfigurations and broken authorization, with a startling 95% of attacks originating from authenticated users targeting external-facing APIs. This episode delves into these pervasive threats, dissecting the challenges of API sprawl, the intensifying impact of microservices, the emerging risks of generative AI, and providing a foundational guide for assessing and fortifying API security postures. www.securitycareers.help/the-critical-state-of-api-security-a-comprehensive-guide-to-modern-threats-and-defense-strategies www.hackernoob.tips/the-foundation-of-the-problem-api-sprawl-and-blind-spots Sponsors: https://devsecops.vibehack.dev https://prompts.cyberagent.exchange https://vibehack.dev…
In an industry facing high stress levels and the "Great Resignation," retaining skilled cybersecurity professionals is a critical challenge for organizations. Offering flexible work arrangements, including remote options, has emerged as a key competitive differentiator that significantly improves employee satisfaction and work-life balance, directly combating turnover. Simultaneously, strategic investment in continuous professional development and tailored upskilling programs addresses critical skills gaps, provides clear career pathways, and boosts engagement, transforming retention from a challenge into a strategic advantage. www.securitycareers.help/beyond-the-great-resignation-mastering-cybersecurity-retention-with-remote-work-upskilling-and-inclusion https://cyberagent.exchange https://www.cisomarketplace.com…
This episode explores how geopolitical actors, particularly Russia and China, precisely adapt their messaging in response to global events and for specific audiences. We'll delve into their sophisticated strategies, from opportunistically exploiting major events like the US elections and the Ukraine war to crafting diverse narratives tailored for platforms such as X, Telegram, and TikTok. Discover how artificial intelligence (AI) is increasingly prominent, accelerating content creation and amplification to reshape the landscape of information warfare. www.myprivacy.blog/navigating-the-digital-fog-how-geopolitical-actors-manipulate-information-in-the-ai-era breached.company/the-ghost-in-the-machine-unpacking-psyops-and-5th-gen-warfare-in-the-ai-era https://socmed.myprivacy.blog…
Join us as we explore the alarming evolution of cyber-physical attacks, where digital breaches cause real-world damage and disrupt critical infrastructure. We dive into the "Cyber-Physical Six" – Stuxnet, BlackEnergy, Industroyer, Trisis, Industroyer 2, and Incontroller – which are the only known cyber-physical incidents to date, each representing a significant leap in threat capability. Discover how adversaries have advanced their sophistication, expanded their capabilities to target everything from energy grids to safety instrumented systems, and refined their attack vectors to infiltrate OT network. www.securitycareers.help/beyond-it-what-the-cyber-physical-six-teach-every-ciso-about-enterprise-security www.secureiotoffice.world/beyond-the-firewall-why-your-iot-office-needs-to-learn-from-industrial-cyber-attacks https://ssaephysicalsecurity.com/ https://socassessment.com…
Dive into the intricate world of digital forensics, the specialized field dedicated to uncovering and interpreting electronic evidence after a cyber incident. This podcast explores how forensic experts meticulously identify, collect, preserve, and analyze digital artifacts to understand attack methods, trace perpetrators, and inform every phase of the incident response lifecycle, from detection to recovery. Learn why digital forensics is crucial for mitigating damage, enhancing collaboration with law enforcement, and continuously strengthening your organization's cyber resilience against evolving threats. breached.company/the-unseen-battleground-an-in-depth-look-at-digital-forensics-in-the-age-of-cybercrime…
The increasing complexity and state sponsorship of cyber threats are blurring the lines between cybercrime and cyberwarfare, creating significant challenges for attributing attacks and impacting diplomatic relations. This episode explores how international cooperation through stronger alliances, new legal frameworks, and global rapid response networks can enhance cyberattack attribution and response capabilities. We'll discuss the crucial role of information sharing, standardized practices like the NIST Cybersecurity Framework, and the potential for international sanctions in building a resilient global cyber defense capable of adapting to evolving threats. breached.company/navigating-the-new-cyber-landscape-why-proactive-incident-response-and-global-cooperation-are-your-strongest-defenses https://incidentresponse.tools…
Your cybersecurity posture is no longer just about protection; it's the cornerstone of obtaining effective cyber insurance coverage and managing rising costs in 2025. With threats becoming more sophisticated and regulatory landscapes shifting, insurers are scrutinizing security measures more closely than ever, often making basic safeguards prerequisites for coverage. Understanding key requirements and demonstrating a robust, proactive security program—from implementing controls like MFA and EDR to fostering a security culture—is essential for navigating the complex cyber insurance market and securing favorable terms, potentially even reducing premiums. https://cisomarketplace.com/blog/cyber-insurance-2025-why-your-security-posture-is-your-most-important-policy https://cyberinsurancecalc.com…
Hybrid and remote work arrangements, accelerated by recent events, have significantly increased the challenge of detecting and mitigating insider threats from trusted individuals like employees and contractors who have authorized access to organizational resources. Employee monitoring technologies, such as User Activity Monitoring (UAM) and User Behavior Analytics (UBA) software, are widely employed as tools to observe employee activities and identify potential threat indicators in these distributed environments. However, the reliance on such surveillance raises critical concerns regarding employee trust, privacy, legal compliance, and the accurate assessment of job performance, necessitating a delicate balance to maintain a positive working climate and avoid counterproductive outcomes www.securitycareers.help/insider-threats-and-the-monitoring-tightrope-balancing-security-and-trust-in-hybrid-workplaces…
Mergers and acquisitions are complex processes often driven by financial, operational, and positioning goals. However, critical cybersecurity risks, stemming from overlooked areas like integrating divergent security cultures, unknown user practices, and complex data separation, frequently go undiscussed during negotiations. This neglected perspective reveals challenges that can lead to breaches, failed integrations, and significant post-deal costs, impacting the deal's value and success. www.securitycareers.help/m-a-cyber-blind-spots-navigating-the-unseen-risks-a-cisos-view…
A tabletop exercise is a discussion-based simulation designed to help teams determine how to respond to a crisis. These exercises provide a safe environment to test and refine an organization's incident response plan and identify weaknesses in processes. By engaging key personnel in simulated scenarios, tabletop exercises allow for practicing decision-making, communication, and coordination before an actual unexpected event occurs. www.securitycareers.help/assessing-and-enhancing-organizational-security-and-risk-management…
Evolving cyber threats are a significant business risk that boards and executives must oversee, moving beyond simply protecting systems to building resilience. This episode explores how a focus on preparedness, including robust incident response plans and regular testing, combined with continuous management like ongoing monitoring and adapting strategies, is essential for organizations to navigate the dynamic threat landscape. We discuss how these combined efforts enable businesses to respond and recover quickly, ensuring operations continue even when faced with an attack. www.securitycareers.help/mitigating-evolving-cyber-threats-building-resilience-through-preparedness-and-continuous-management…
This episode delves into the essential methodologies and services organizations use to assess their cybersecurity posture. We explore techniques like Enterprise Risk Assessments, Threat Analysis, Vulnerability Management and Assessment, and Penetration Testing. Learn how understanding attacker tactics and human behavior through methods like Social Engineering Assessments and Red/Blue/Purple Teaming can reveal critical weaknesses in your defenses. Discover how these assessments inform strategic planning, prioritize investments, and build a more mature and resilient security program, often guided by frameworks like the NIST Cybersecurity Framework (CSF). www.securitycareers.help/beyond-the-firewall-why-understanding-attackers-and-human-nature-is-key-to-a-cybersecurity-career…
Large language models present new security challenges, especially when they leverage external data sources through Retrieval Augmented Generation (RAG) architectures . This podcast explores the unique attack techniques that exploit these systems, including indirect prompt injection and RAG poisoning. We delve into how offensive testing methods like AI red teaming are crucial for identifying and addressing these critical vulnerabilities in the evolving AI landscape. www.securitycareers.help/navigating-the-ai-frontier-a-cisos-perspective-on-securing-generative-ai/ www.hackernoob.tips/the-new-frontier-how-were-bending-generative-ai-to-our-will…
The financial sector is a frequent target for cyberattacks, facing a staggering rise in cases and significant costs from data breaches. Preparing for these threats requires understanding ransomware-as-a-service (RaaS), phishing, and other malicious activities, as well as implementing robust cybersecurity programs and incident response plans. This episode explores effective strategies for planning, detecting, analyzing, containing, and recovering from cyber incidents to build cyber resilience and maintain trust in a rapidly evolving digital marketplace breached.company/the-expanding-shadow-unpacking-the-multifaceted-financial-costs-of-cybersecurity-incidents https://finemydata.com/ https://databreachcostcalculator.com/ https://irmaturityassessment.com/ https://ircost.breached.company/ https://cyberinsurancecalc.com/…
The 2025 Worldwide Threat Assessment by the Defense Intelligence Agency describes a rapidly changing global security environment where national security threats are expanding, fueled by advanced technology. It identifies key regional security flashpoints, including threats to the U.S. Homeland and Southern Border, China's assertiveness in the Indo-Pacific (especially regarding Taiwan and the South China Sea), Russia's actions in Ukraine and its global influence, and Iran and its proxy forces in the Middle East. The assessment highlights the growing cooperation among U.S. competitors and adversaries—specifically China, Russia, Iran, and North Korea—who are strengthening ties, supporting each other in conflicts, collaborating to evade sanctions, and leveraging technology to undermine the influence of the United States and its allies. breached.company/navigating-the-threat-horizon-key-regional-flashpoints-and-their-global-implications-in-2025…
به Player FM خوش آمدید!
Player FM در سراسر وب را برای یافتن پادکست های با کیفیت اسکن می کند تا همین الان لذت ببرید. این بهترین برنامه ی پادکست است که در اندروید، آیفون و وب کار می کند. ثبت نام کنید تا اشتراک های شما در بین دستگاه های مختلف همگام سازی شود.
Daily Deals
Player FM - برنامه پادکست
با برنامه Player FM !
با برنامه Player FM !
))
