Unsupervised Learning: No. 181
Unsupervised Learning11 Jun 2019

Unsupervised Learning: No. 181

Some absolutely fascinating research has just come out on what percentages and types of vulnerabilities are actually exploited in the wild. It found that only 5.5% of vulnerabilities discovered between 2009 and 2018 were actually exploited, with most of those being issues with a CVSS score of 9 or 10. The best part of the paper, however, was a discussion of optimal patching strategies, where they looked at different methodologies for what to patch and measured them against each other based on coverage (no misses) and efficiency (not patching what you don't have to). Options included patching by CVSS, whether or not there are public exploits, by vulnerability tags, etc. The ML model performed best, but it seemed that patching the CVSS 7 and above was decent as well, and for more efficiency but less coverage—CVSS 9 and above. Super interesting paper. More

The US is going to start requiring 5 years of social media account history from Visa applicants, as part of the filtering process. I'm genuinely curious as to how effective this is going to be. On the one hand, there will now be a market for creating and maintaining fake social media accounts that people can use for this purpose. But on the other hand, there will be many who don't want to go to that effort and either won't try to come, or will get caught in the filter. As with most things, the efficacy will come down to execution. More

A team at Stanford has made it possible to edit video using a text editor. So, editing the things that were said by the actual subject, to say something else entirely, but having it seamlessly injected into the video so it looks completely natural. More

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Episoder(532)

A Conversation with Faisal Khan from Vanta

A Conversation with Faisal Khan from Vanta

In this episode, I speak with Faisal Khan, a GRC Solution Specialist at Vanta, about how their platform is transforming trust management for organizations. We talk about: Vanta as a Trust-Management Platform:How Vanta helps organizations build, scale, and showcase their security and compliance programs through automation, efficiency, and tools like the Trust Center. Key Features and Solutions Offered by Vanta:How Vanta’s integrations automate compliance checks, streamline vendor risk management, and address industry standards like SOC 2, ISO 27001, and CMMC to save time and improve efficiency. Future Directions and AI Integration:How Vanta is expanding into new frameworks like the EU AI Act and leveraging AI to simplify compliance, optimize workflows, and address evolving trends in governance and security.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

28 Jan 39min

UL NO. 465 | The SaaS Attack Vector, Project Stargate, and Undersea Cable Drones

UL NO. 465 | The SaaS Attack Vector, Project Stargate, and Undersea Cable Drones

also...Joseph goes independent, Perplexity's new search API, Stoicism's gift, and much more... Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

26 Jan 21min

UL NO. 464 | AI Phishing Matches Humans, Under Sea Cable Cutter Patents, and Siri is About to Not Suck

UL NO. 464 | AI Phishing Matches Humans, Under Sea Cable Cutter Patents, and Siri is About to Not Suck

also...Russia's actual playbook, CISA's new rating system, and everyone's doing robots now Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

18 Jan 28min

UL NO. 463 | Launching 2025, US Soldier Data Leak, AI Agents Emerge, China's Global Spy Network, Robotaxis Now Safer Than Humans

UL NO. 463 | Launching 2025, US Soldier Data Leak, AI Agents Emerge, China's Global Spy Network, Robotaxis Now Safer Than Humans

Navigating AI's impact on work, the rise of transnational threats, a grim new reality in air travel, and how to harness the chaos of 2025 for personal and professional growth. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

11 Jan 44min

UL NO. 462: Full-Face Mask Deceptions, VS Code Tunnel Hacks, Quiet AI Emergence at Apple, and Tokyo’s Three-Day Weekend Gamble

UL NO. 462: Full-Face Mask Deceptions, VS Code Tunnel Hacks, Quiet AI Emergence at Apple, and Tokyo’s Three-Day Weekend Gamble

...plus building personal TELOS files, the ChatGPT Pro vs. Claude coding face-off, a human bird flu case in Louisiana, and ketones fighting Alzheimer’s. ➡ Make your app enterprise-ready and start selling to enterprise customers with WorkOS: workos.com Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

22 Des 202427min

How Much AI Do We Need? - My AI Industry Prediction

How Much AI Do We Need? - My AI Industry Prediction

In this episode, Daniel Miessler explores how AI can transform our understanding of the present and create actionable paths for a better future. He talks about: The Current State, Desired State, and Transition in AI Applications:How AI frameworks can analyze the current state, define a desired state, and propose action plans to address challenges in education, climate, health, and beyond. The Infrastructure and Scale of AI:Why we’re only at the beginning of building the AI infrastructure required for future demands, from GPUs and data centers to startups pushing the boundaries of what’s possible. The Role of AI in Human and Organizational Development:How AI can revolutionize personal lives, enhance businesses, and solve societal issues by gathering and analyzing massive amounts of contextual data to provide actionable insights. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one! Chapters: 0:00 - Introduction to Unsupervised Learning Podcast 1:10 - Concept: Predicting AI Infrastructure Needs3:45 - The Challenge of Predicting Technology vs Human Desires6:20 - Exploring AI Infrastructure Metrics (GPUs, Data Centers, Startups)8:55 - Philosophical Insight: Current State vs Desired State 12:15 - AI’s Role in Learning from the Past and Anticipating the Future 14:50 - Addressing Global Issues with AI (Education, Poverty, Climate) 18:30 - Transitioning from Current State to Desired State 22:05 - Context Gathering: Granularity and Technology Limitations 25:40 - AI's Impact on Individual and Family Contexts 29:10 - AI’s Potential in Business: Granularity and Cost 32:50 - Vision of Life OS and Personalized Assistance 36:15 - AI in Society: Predicting and Preventing Problems 40:00 - Infinite Context and the Scaling of AI Capabilities 44:30 - Predictions on AI Context Size and Infrastructure Demand 48:20 - The Importance of Understanding the Current State 52:10 - ConclusionBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

11 Des 202428min

UL NO. 459: New Active 0-day Exploitation, AI That Sees Your Open Apps, The RebootAI Project

UL NO. 459: New Active 0-day Exploitation, AI That Sees Your Open Apps, The RebootAI Project

A conversation with Rob Allen from ThreatLocker, UL's Black Friday sale, Finland's internet disrupted, and more... ➡️ Get Your Free Cloud Security Scan with Wiz: wiz.io/ul Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

21 Nov 202423min

A Conversation with Rob Allen from ThreatLocker

A Conversation with Rob Allen from ThreatLocker

In this conversation, I speak with Rob Allen, Chief Product Officer at ThreatLocker. We talk about: ThreatLocker’s Unique Zero Trust Approach to Cybersecurity:How ThreatLocker’s "deny by default, permit by exception" methodology, along with automated application learning and built-in definitions for over 4,000 applications, simplifies allowlisting and enhances endpoint security. Innovations in ThreatLocker’s Control Features:How ThreatLocker’s ringfencing prevents unauthorized application interactions and data access, and dynamic firewalls mitigate risks like lateral movement and ransomware attacks through endpoint-level network segmentation. Recent Developments and Cloud Expansion:How ThreatLocker Detect and Cloud Detect provide advanced detection capabilities for endpoint and cloud environments, including Office 365, enabling anomaly detection, centralized alerts, and proactive threat management. And more. Into (00:00:00)ThreatLocker's Zero Trust Cybersecurity Approach (00:00:31)Understanding Allow Listing in Cybersecurity (00:01:49)Managing Software Updates with ThreatLocker (00:02:13)Automated Application Updates for Over 4000 Programs (00:04:11)Vendor Collaboration for Early Software Updates (00:05:40)Challenges and Risks of Immediate Software Updates (00:06:53)Assuming Breach: A Core Cybersecurity Principle (00:08:10)Implementing Zero Trust Strategies with Ring Fencing (00:09:30)Controlling Application Interactions to Prevent Threats (00:09:50)Advanced Data Protection with Storage Control (00:13:17)Dynamic ACLs for Smarter Network Control (00:15:48)Ransomware Risks from Open Ports (00:16:50)Using Shodan to Identify Open Port Vulnerabilities (00:17:19)Building Application Allow Lists with Contextual Data (00:18:43)Learning Mode for Application and Traffic Visibility (00:19:36)Balancing User Behavior Control and Workflow (00:20:44)Integrating Detection and Control with ThreatLocker Detect (00:21:44)Why Detection is Critical in Cybersecurity Layers (00:22:41)Response Mechanisms and Automated Remediation (00:24:02)Lockdown Mode: Ultimate Isolation from Threats (00:25:38)Streamlined Application Approvals with Cyber Hero (00:26:36)Breaking Down Ransomware Attack Stages (00:27:46)Introducing Cloud Detect for Cloud Security (00:29:39)How to Learn More About ThreatLocker Solutions (00:30:47)Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

18 Nov 202432min

Populært innen Teknologi

romkapsel
rss-avskiltet
teknisk-sett
energi-og-klima
tomprat-med-gunnar-tjomlid
shifter
rss-impressions-2
nasjonal-sikkerhetsmyndighet-nsm
smart-forklart
rss-alt-som-gar-pa-strom
pedagogisk-intelligens
rss-digitaliseringspadden
elektropodden
rss-heis
i-loopen
kunstig-intelligens-med-morten-goodwin
rss-snakk-om-sikkerhet
rss-alt-vi-kan
rss-plateprat
rss-fjorsilkebris-podcast