Hacker News with Generative AI: Information Security

Ex-NSA chief warns AI devs: Don't repeat infosec's early-day screwups (theregister.com)
AI engineers should take a lesson from the early days of cybersecurity and bake safety and security into their models during development, rather than trying to bolt it on after the fact, according to former NSA boss Mike Rogers.

Artificial Intelligence, Cybersecurity, Security, Information Security

5 points by rntn 3 days ago | 0 comments

OCC Notifies Congress of Incident Involving Email System (occ.gov)
WASHINGTON—The Office of the Comptroller of the Currency (OCC) today notified Congress of a major information security incident, as required by the Federal Information Security Modernization Act.

Cybersecurity, Government, Finance, Information Security

23 points by impish9208 11 days ago | 1 comments

SciOp torrents: download, seed erased US Gov sites and datasets (sciop.net)
A project emerging from a loose collaboration within Safeguarding Research and Culture

Government Data, Research, Information Security, Open Source, Collaboration

161 points by WarOnPrivacy 19 days ago | 14 comments

Security Teams Fail (lcamtuf.substack.com)
I spent 25 years working in information security. I published research, authored books, and led large security teams for publicly-traded companies. That said, when I kicked off this Substack in 2022, I wanted to try something different — so with few exceptions, I shied away from infosec punditry.

Cybersecurity, Information Security, Substack, Opinion

10 points by zdw 72 days ago | 1 comments

Agencies with investigations into Musk's companies with staffing cuts (infosec.exchange)

Elon Musk, Companies, Investigations, Staffing Cuts, Information Security

3 points by doener 73 days ago | 0 comments

Deep Fake Detector Extension by Mozilla Firefox (mozilla.org)
The Fakespot Deepfake Detector extension will help you sort out text written by humans from text that has been created using AI tools.

AI, Browser Extensions, Mozilla Firefox, Information Security

67 points by Topfi 76 days ago | 36 comments

Brian Krebs with some background on the story about Edward Coristine (infosec.exchange)

Cybersecurity, Information Security, Data Breaches, Privacy

9 points by qrios 79 days ago | 0 comments

Investigating an “evil” RJ45 dongle (lcamtuf.substack.com)
When it comes to information security headlines, a good rule of thumb is that claims about about widespread supply-chain sabotage are usually false.

Information Security, Hardware, Supply Chain

508 points by zdw 99 days ago | 169 comments

Help me find a blogpost I saw here once (ycombinator.com)
Within the past 2 years. It was specifically about correlating information obtained from dumps of breached websites to identify users and take advantage of password reuse to hack accounts.

Cybersecurity, Data Breaches, Password Security, Information Security, User Privacy

6 points by branon 121 days ago | 2 comments

Deception for Information Security Blog (bluepillsecurity.com)
Definitions of important terms in deception-for-security

Cybersecurity, Information Security, Deception Technology

7 points by koins 204 days ago | 1 comments

CMMC 2.0: A Well-Intentioned Misstep in Cybersecurity (nationaldefensemagazine.org)

Cybersecurity, Government Regulations, Information Security

6 points by ohjeez 212 days ago | 0 comments

5 Years of InfoSec Focused Homelabbing (archcloudlabs.com)

Cybersecurity, Homelabbing, Information Security

76 points by DLLCoolJ 237 days ago | 3 comments

The Cryptographic Doom Principle (2011) (moxie.org)