Pizza Meter Intelligence, China Bypasses Bans, Securing AWS Secrets and techniques… – Go Well being Professional

SECURITY | AI | MEANING :: Unsupervised Studying is my steady stream of authentic concepts, story evaluation, tooling, and psychological fashions designed to assist people lead profitable and significant lives in a world stuffed with AI.

TOC

NOTES

OSINT is one in all my favourite hobbies, and the Pizza Index is one in all my greatest examples of what you are able to do with it. Principally it’s how a lot pizza the Pentagon is ordering—with the implication being that they’re working late as a result of one thing’s taking place.

And with the stuff taking place between Iran and Israel (and elsewhere), it appears like they’re fairly busy. A lot of pizza and empty bars.

That is why I can’t wait to completely construct out my agent framework, and for agent performance to turn into built-in with fashions / platforms (my private prediction for 2025).

It will permit OSINT consultants to take all their numerous sources and strategies and switch them into steady knowledge pipelines that they publish by way of API.

I’ll be publishing many of those myself. Assume Pizza Index, however for hundreds of various alerts round totally different actions. So, army actions, cash transfers, dialogue in numerous boards, and many others. And since they’ll be AI Augmented, they gained’t simply be uncooked knowledge streams, however precise evaluation.

It seems X could also be about to provoke an assault towards Y. We make this evaluation primarily based on the next:

– The next troop and automobile actions

– The next feedback made by consultants with an exemplary prediction document

– These strikes within the following 3 prediction markets

Based mostly on all three of those, we estimate a 93% probability of this assault happening inside 72 hours.

The kind of experiences that might be in every single place quickly

Anyway, tremendous enthusiastic about this.

  • Already in Vegas and we’re lacking my cooled mattress floor. And AC. And Neorest. However so price it to see everybody.

  • Actually trying ahead to our UL Member meetup later this week. Going to get to see just a few long-time members in particular person for the primary time!

  • Dont’ neglect your major, secondary, and tertiary burner telephones.

The State of Issues
Okay, given the state of the world proper now—and the present inventory market crash—I felt impressed to put in writing an extended stream-of-consciousness view of what’s taking place on the planet and the way I plan on responding. It’s heavy and political and deep and private, so solely learn it in case you are concerned about considering and feeling issues. READ IT

MY WORK

A barely upgraded model of final week’s major piece on why AI will disrupt enterprise and society.

I spoke with Christine Gadsby, Head of Product Safety Operations Crew at BlackBerry and we talked in regards to the Function of AI in Cybersecurity, together with:

  • AI’s actual developments, sensible purposes, and related challenges, shifting past the hype.

  • Enhancing Incident Response and Menace Looking

  • Christine highlights AI’s important impression on enhancing incident response and risk looking, how AI rapidly analyzes huge knowledge to determine Indicators of Compromise (IoCs), automates routine duties, and improves decision-making with actionable insights.

  • And much extra…

SECURITY

Two vital ServiceNow vulnerabilities reported by AssetNote are being actively exploited. These flaws permit attackers to entry databases, exfiltrate knowledge, and skim arbitrary information, they usually’re presently affecting between 13k to 42k cases. MORE

An organization has reportedly paid a brand new record-high $75 million to a ransomware group. It’s some huge cash in comparison with something apart from not with the ability to do enterprise. MORE

DigiCert is revoking 83,000 TLS certificates attributable to a website validation bug that would result in clashes between data and subdomains. MORE

I’ve seen a thousand totally different AI + Safety startups at this level. Most are very early and/or theoretical. Some are fairly first rate, and some are spectacular.

However the best possible I’ve seen up to now – by far – is Dropzone.ai. They’re the one firm I’ve seen that’s actually mastered the agent facet of doing investigations.

So by the top you will have a totally documented set of steps that had been taken to analysis an alert, and a conclusion on whether or not or not it was malicious—all with full documentation.

I’m so impressed with it that I’m now an advisor as nicely.

Wish to be taught extra and see Dropzone.ai in motion? Come meet the Dropzone.ai workforce in particular person at Safety Wasteland throughout Black Hat.

China is getting round U.S. bans on superior AI chips by smuggling, entrance firms, and loopholes, in the end permitting restricted Nvidia GPUs to circulation into the nation regardless of export controls. MORE 

Ransomware assaults are rising with an 18% year-on-year improve reported by Zscaler ThreatLabz, together with a document $75 million ransom paid this 12 months. The U.S. faces practically half of all assaults, with the U.Ok. being the second most focused nation. MORE

I’ve at all times thought-about ransomware assaults to be one thing we’d need to invent as a authorities service if it didn’t exist within the market. Like as a method to take a look at and punish dangerous safety.

However my instinct was that after plenty of years it could get more durable and more durable as a result of safety would improve. So in the event that they’re nonetheless rising, I ponder what the reason being. Are attackers shifting to extra susceptible targets after others locked themselves down, or are they only getting higher at discovering holes, one thing else, or all the above.

Most likely all the above.

If somebody has extra perception—or a write-up on this—on that I’d recognize it.

An incredible evaluation right here of securing secrets and techniques in AWS outlines find out how to enhance credentials entry incrementally. The publish covers utilizing Secrets and techniques Supervisor and KMS to eradicate plaintext secrets and techniques from manufacturing and improve credential administration in CI/CD pipelines. MORE

A strong weblog publish discusses creating customized implants for evasion by constructing them in C, detailing server setup, shopper performance, and testing towards safety instruments. MORE

The common price of an information breach jumped 10% to $4.88 million in 2023 in keeping with the Value of a Knowledge Breach Report 2024. MORE

China is tightening its civilian drone export guidelines beginning September 1 to stop their use in army or terrorist actions. The brand new controls will goal drones with IR imaging, laser steering, and high-precision inertial measurement gadgets, whereas lifting restrictions on long-range civilian drones. MORE

AI / TECH

OpenAI has began rollout of its new ChatGPT Voice characteristic for ChatGPT Plus customers, enabling real-time conversations with emotion detection. Initially obtainable to a small group, it is going to broaden to all Plus customers by fall 2024. MORE

I’m a part of this preliminary rollout and I can let you know that the conversations with the product are much more pure now.

I discuss to AI quite a bit utilizing the Cove voice on ChatGPT (Cove sounds an terrible lot like TARS from Iterstellar btw) and that I’ve mapped to double-tap and my Motion Button on my cellphone for fast entry.

Now it’s only a bit extra pure sounding, though I’m getting a whole lot of bizarre artifacts within the voice which might be attributable to load or bandwidth points. Undecided.

Black Hat USA 2024 Preview: AI, AI, and Extra AI — Decipher editors Dennis Fisher and Lindsey O’Donnell-Welch, together with Brian Donohue, talk about the upcoming Black Hat talks they’re enthusiastic about. Highlights embrace classes with H D Moore, Sherrod DeGrippo, and Moxie Marlinspike, in addition to some intriguing talks with cryptic titles. MORE

California’s SB-1047, the “Protected and Safe Innovation for Frontier Synthetic Intelligence Fashions Act,” goals to control giant AI fashions by mandating security measures to stop catastrophic incidents. Critics argue that the invoice’s give attention to existential threats may stifle present AI analysis and growth. MORE

The EU’s risk-based AI regulation started on August 1 with staggered compliance deadlines categorizing AI purposes into low/no-risk, high-risk, and restricted threat tiers. It imposes transparency, threat administration, and penalties for violations, with requirements for high-risk and highly effective general-purpose AI fashions to be finalized by April 2025. MORE

OpenAI has launched the GPT-4o Lengthy Output mannequin (in restricted availability), which extends its output capability to 64,000 tokens—16 instances greater than the unique GPT-4o. I believe the most effective use instances for this might be issues like writing long-form content material. MORE

Google’s experimental Gemini 1.5 Professional has claimed the highest spot on the AI Chatbot Enviornment leaderboard, surpassing OpenAI’s GPT-4 and Anthropic’s Claude 3.5 with a rating of 1300. I’ve personally not used it but as a result of I discover utilizing Google merchandise to be excrucatingly painful—particularly their AI merchandise. MORE

Meta says it is going to want 10x extra computing energy to coach Llama 4 in comparison with Llama 3. So impressed with how Mark has gone from Metaverse Failing to AI Successful in like a 12 months. I credit score Jujitsu. | MORE

Elliott Administration is asking Nvidia a ‘bubble’ and says AI is ‘overhyped’. They argue that the market is overly optimistic about AI’s potential and Nvidia’s function in it. I believe it’s a bubble, but it surely’s a bubble just like the web in 1995. In different phrases, there might be a bursting of AI hype, however that’s fully unrelated to the hockeystick AI is about to provide. These are unrelated issues. MORE | MY ANALYSIS

Bellingcat has put collectively a information on figuring out explosive ordnance (EO) in social media imagery. It covers find out how to confirm the authenticity of pictures, use reverse picture searches, and determine EO primarily based on textual content, colours, shapes, and contextual clues. MORE

CrowdStrike is going through huge lawsuit after Blue Friday crashed over 8 million computer systems globally. The lawsuit claims the corporate made “false and deceptive” statements about its software program testing, resulting in a 32% drop in share worth and a $25 billion loss in market worth. MORE

Intel is shedding over 15% of its workforce as a part of a $10 billion price discount plan after lacking quarterly earnings expectations. The corporate reported a $1.61 billion internet loss for Q2 2024 and won’t pay its dividend within the fiscal fourth quarter. MORE

Apple simply posted a record-breaking Q3 2024 with $85.78 billion in income, surpassing analyst expectations of $84.46 billion. Undecided why Berkshire Hathaway simply bought a lot of it. Individuals are saying he’s anticipating a large sell-off and he desires to be in money. MORE

Apple is ramping up spending to get Apple Intelligence prepared for launch this fall. I’m utilizing the beta that has it, and it’s already fairly spectacular even with out many of the stuff turned on. MORE

HUMANS

A number of the world tried to push Huawei out of their infrastructure, however they’re truly getting extra highly effective, not much less. MORE

A software program firm elevated person engagement by 8x by drastically shortening their emails. Netlify’s preliminary 150-word emails had a 1% reply price, however reducing the textual content to 37 phrases boosted replies to 4%, and additional lowering it to 14 phrases doubled that price to eight%. Insane. Possibly the takeaway is folks don’t have a lot time, and it’s best to respect it. MORE

Final month, Shane Mac supplied everybody at his firm $25,000 to stop, and 6 folks took it. He did this as a result of he realized he had oversold the tradition and wanted to reset expectations to align with their formidable mission of constructing a decentralized and safe messaging protocol. The transfer was a part of a broader effort to rewrite their values, elevate the hiring bar, and guarantee solely these deeply dedicated to the mission stayed on board. MORE

That is what I’ve been on about with the Alaskan Fishing Boat analogy. Firms solely need fully-dedicated murderers now. Entitled folks, people who find themselves are C and B gamers—all of these are going to get more and more phased out.

And AI will lower much more individuals who’ve been hiding in center administration and different elements of the org the place they receives a commission tons of cash to not add a lot worth.

All of the consultancies are going to make use of AI to come back in and consider enterprise operations and discover all these folks, and suggest to the C-team that they be fired and changed with 1/tenth their variety of A-players, and AI.

Journalist Evan Gershkovich was amongst a bunch of Individuals and Russian dissidents launched from Russia in a seven-nation prisoner swap, the most important because the Chilly Battle. The US and Europe launched eight Russian prisoners, together with hitman Vadim Krasikov. MORE

Researchers on the College of California, Santa Barbara have developed an AI mannequin known as SharkEye to assist forestall shark assaults. The mannequin makes use of drones to detect sharks with higher accuracy than people, even recognizing these beneath the water’s floor. MORE

Treating failing eyesight and excessive ldl cholesterol are two new methods to decrease the chance of creating dementia, in keeping with a significant report. The Lancet Fee’s newest findings recommend that addressing 14 well being points may theoretically forestall practically half of all dementia instances worldwide. MORE

Self-control is about 60% heritable, that means genes clarify roughly 60% of the variations in self-control amongst people. A meta-analysis of 31 research involving over 30,000 twins confirmed that similar twins are extra related in self-control than non-identical twins, highlighting the genetic affect. MORE

Holy crap this might be devastating if it’s supported in additional research. I fear in regards to the narrative that each IQ and self-discipline are principally genetic, thus giving folks a simple ramp to put in writing off people or teams if they’ve decrease averages.

Fortunately, even when true, 1) teams don’t outline people, and a couple of) there’s possible a LOT of slack within the environmental half that we’re not—as a society—tapping into but.

A brand new research reveals that folks have a tendency to change their look to match their names. Researchers discovered that adults’ faces typically align with social stereotypes related to their names, whereas youngsters’s faces don’t present this sample. I assume be much more cautious what you identify your children? MORE

A key protein known as Reelin could assist stave off Alzheimer’s illness. Various new research recommend that Reelin helps keep considering and reminiscence in getting old brains, and when its ranges fall, neurons turn into extra susceptible. Individuals are beginning to work on medicine for this, clearly. MORE

Wizards of the Coast will launch the 2024 Dungeons & Dragons rulebooks below a Artistic Commons license, fulfilling a promise made after backlash over makes an attempt to vary the Open Gaming License. MORE

“If Novelists Wrote Your Bug Studies” imagines how well-known authors would describe software program bugs of their distinctive types. Ernest Cline likens a display screen flicker to scenes from “Again to the Future” and “Ghostbusters,” whereas Ursula Ok. Le Guin philosophizes in regards to the existential ache of coding errors. MORE

IDEAS

Extra evaluation on how dangerous the outcomes had been of the latest UBI research carried out by Sam Altman. It seems to be fairly dangerous, similar to we talked about final week.

A extremely cool thought from Jonathan Haidt about free-range children, and a cool thought for giving them extra freedom.

DISCOVERY

Farmbot is an open-source farming machine for rising meals in your personal yard. MORE

Supermemory — An AI-powered platform to prepare, search, and make the most of saved data, appearing as a digital second mind. Key options embrace importing bookmarks from Twitter, saving content material from any supply, and retrieving information with prompt solutions. It is open supply. | by Supermemory AI | MORE

Buddy — Avi Schiffmann’s new AI pendant, Buddy, is designed to fight loneliness by sending you reassuring or playful texts primarily based on what it overhears. The always-listening machine, which does not retailer recordings, has been in comparison with an grownup Tamagotchi and is accessible for preorder at $99. | by Avi Schiffmann | MORE

Material – Daniel Kossmann walks you thru putting in Material, an open-source AI framework by Daniel Miessler, on Ubuntu Linux. | by Daniel Kossmann | MORE

Fleet – An open-source model of FleetDM’s instrument constructed on Osquery for vulnerability monitoring, MDM, detection engineering, and extra purposes. | by Fleet | MORE

SOC2 Coverage Templates – A group of templates for SOC2 insurance policies and procedures that may be outputted as an HTML dashboard or PDF. MORE

Clutch Safety – A platform offering visibility into all non-human identities inside a corporation, serving to safety groups determine related dangers. | by Clutch Safety | MORE

RECOMMENDATION OF THE WEEK

For those who’re at Blackhat this week, keep in mind that 10 and 20 years from now you gained’t bear in mind the talks you noticed this 12 months. However you’ll bear in mind spending that point with your pals.

Prioritize friend-time over presentation-time.

Not solely is the pal time extra valuable and helpful, however you may get the talks later for those who actually need to.

APHORISM OF THE WEEK

Associates present their love in instances of hassle, not in happiness.

Euripides

Add a Comment

Your email address will not be published. Required fields are marked *