Inceite was established in 2017 and provides software development, cybersecurity and machine learning services for companies from a wide range of industries including banking, telecommunications and public sector. By leveraging years of experience at leading tech firms, our team employs best in class practices, cutting edge technology, and increasing Artificial Intelligence (AI) capabilities to deliver customized solutions to complex problems.
Link zewnętrzny organizacji Inceite
Warsaw, mazowieckie PL
Inceite ponownie to opublikował(a)
Product Manager @ Microsoft 👉 Sign up to Entra.News my weekly newsletter | Creator of cmd.ms • maester.dev • idPowerToys.merill.net • graphxray.merill.net
Folks, Microsoft just released a Microsoft Recovery Tool. See details at https://lnkd.in/g_mRRnJ8
Inceite ponownie to opublikował(a)
It seems that the PoC for CVE-2024-6387 (Remote Code Execution in OpenSSH) is publicly available (unconfirmed):
If you are using local #LLM models, remember that the software used to run models such as #Ollama has a young codebase and it may be easier to find critical vulnerabilities in it, as mentioned in the following article. You should include such risks in your threat analysis process. https://lnkd.in/eXwZpnNN #Cybersecurity #AI
💥 EXCLUSIVE: Wiz Research uncovers CVE-2024-37032, aka #Probllama — a vulnerability in Ollama that left thousands of AI models exposed 😲 This flaw could allow attackers to gain remote code execution and alter prompt answers to generate misleading information. Security teams should update their Ollama instances to the latest version to mitigate this vulnerability. Kudos to our research team, Sagi Tzadik and Shir Tamari for uncovering this and to Ollama for the collaboration with the fast fix 🚀 https://lnkd.in/eXwZpnNN
This is not a good month for firewalls - critical fixes are available for CISCO ASA and FTD (CVE-2024-20353 and CVE-2024-20359). Update your firmware and perform a forensic investigation as described in the following article by Cisco Talos Intelligence Group https://lnkd.in/dHq4E-vZ #cybersecurity
Important recent update for Palo Alto PAN-OS RCE Vulnerability (CVE-2024-3400): disabling the telemetry as a mitigation is not enough - it is possible to exploit the vulnerability with telemetry disabled. #CVE20243400 #Cybersecurity https://lnkd.in/dNyHExrv
Open-source alternative for Devin (AI Software Engineer) from Princeton University looks promising: "SWE-agent turns LMs (e.g. GPT-4) into software engineering agents that can fix bugs and issues in real GitHub repositories. On the full SWE-bench test set, SWE-agent resolves 12.29% of issues." https://lnkd.in/dvx3yrEh
Inceite ponownie to opublikował(a)
"We introduce the first model-stealing attack that extracts precise, nontrivial information from black-box production language models like OpenAI's ChatGPT or Google's PaLM-2. Specifically, our attack recovers the embedding projection layer (up to symmetries) of a transformer model, given typical API access. For under $20 USD, our attack extracts the entire projection matrix of OpenAI's Ada and Babbage language models. We thereby confirm, for the first time, that these black-box models have a hidden dimension of 1024 and 2048, respectively. We also recover the exact hidden dimension size of the gpt-3.5-turbo model, and estimate it would cost under $2,000 in queries to recover the entire projection matrix. We conclude with potential defenses and mitigations, and discuss the implications of possible future work that could extend our attack." An interesting paper jointly authored by Google DeepMind, ETH Zurich, University of Washington, OpenAI, McGill University.
Check why using TPM (without PIN) to decrypt your drive is not the best idea in Linux as well - bypassing TPM-LUKS encryption without soldering - article written by Michael Fincham https://lnkd.in/gN-H-TYw