[ad_1]
Black Hat and DEF CON are two of the foremost safety conferences within the U.S., drawing giant crowds of cyber and AI decision-makers to Las Vegas. Black Hat USA 2024 runs from Aug. 3-8, with many of the briefings occurring on Aug. 7 and eight; DEF CON 32 runs from Aug. 8-11.
We’re rounding up the enterprise enterprise tech information from Black Hat and DEF CON that’s most related for IT and tech decision-makers.
maintain generative AI accountable
A significant subject of dialog and analysis at Black Hat this week will likely be the best way to maintain generative AI accountable within the case of hallucinations, misinformation, or follow-on results from generated content material.
On the one-day AI Summit (ticketed individually from the remainder of Black Hat), specialists will talk about the best way to safe AI fashions and functions for enterprise use, in addition to the usage of AI in cyberattacks.
AI Village at DEF CON will process a crew of hackers with exploring the best way to detect and report AI flaws. This occasion is notable as a result of each the vulnerabilities and the strategies of reporting these vulnerabilities will likely be underneath scrutiny. Ideally, this occasion will assist AI distributors construct frameworks for extra thorough and correct reporting.
DARPA and different authorities organizations will work on securing generative AI at DEF CON as effectively. The AI Cyber Problem (AIxCC) Semifinal Competitors will take a look at hackers abilities in securing essential infrastructure in a hypothetical, futuristic metropolis.
Patches and vulnerabilities recognized
Many organizations at Black Hat and DEF CON will announce patches and memorable vulnerabilities. We’ll cowl these as they come up. For folks attending the convention, there are lots of briefings to select from.
Aqua Safety introduced on Aug. 7 that it had pinpointed a vulnerability in six AWS cloud providers that might let attackers execute code remotely or take over accounts. Amazon has since shut that door. The issue was that S3 buckets for these six providers — CloudFormation, Glue, EMR, SageMaker, ServiceCatalog, and CodeStar — had names with related patterns. Due to this, attackers might guess names to plant malicious code in authentic S3 buckets.
Enhancing safety intelligence
X-Ops, the safety response crew of IT-as-a-service supplier Sophos, launched a report on Tuesday about new ways ransomware attackers use to place strain on their victims. These ways can embrace:
- Encouraging clients to open authorized circumstances towards sufferer organizations.
- Opening authorized circumstances themselves.
- In search of monetary details about goal firms, significantly info which may reveal inaccuracies or subterfuge.
- Exposing felony exercise that will happen on firm units.
- Portray the organizations they aim as negligent or morally poor.
Notable product releases
Flashpoint launched new options and capabilities in Flashpoint Ignite and Echosec on Aug. 6. Flashpoint Ignite, the flagship platform, will now embrace investigations administration and intelligence necessities mapping, which matches Flashpoint collections with Precedence Intelligence Necessities. Echosec will embrace location safety beginning Aug. 6.
The AI safety firm CalypsoAI boosted its product line with out-of-the-box scanners for particular business-use circumstances and verticals and real-time risk updates
Keynotes carry nationwide and company gamers
Keynote audio system for Black Hat 2024 embrace Cybersecurity and Infrastructure Safety Company Director Jen Easterly, Google Safety Engineering Supervisor Ellen Cram Kowalczyk, and Microsoft Menace Intelligence Technique Director Sherrod DeGrippo.
DeGrippo spoke to TechRepublic earlier this month about conserving companies safe in the course of the Paris Olympics.
TechRepublic is protecting Black Hat and DEF CON remotely. This text will likely be up to date all through Black Hat and DEF CON with extra information highlights.
[ad_2]