433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

The case for fixing CWE weakness patterns instead of patching one bug at a time

In this Help Net Security interview, Alec Summers, MITRE CVE/CWE Project Lead, discusses how CWE is moving from a background reference into active use in vulnerability disclosure. More CVE records now include CWE mappings from CNAs, which tends to produce more precise root-cause data. Automation tools help analysts map weaknesses faster, but can reinforce bad patterns if trained on poor examples. Summers argues that fixing weakness patterns reduces recurring work for security teams, even those … More → The post The case for fixing CWE weakness patterns instead of patching one bug at a time appeared first on Help Net Security.
http://news.poseidon-us.com/TRvfcg

This new chip survives 1300°F (700°C) and could change AI forever

A team of engineers has created a breakthrough memory device that keeps working at temperatures hotter than molten lava, shattering one of electronics’ biggest limits. Built from an unusual stack of ultra-durable materials, the tiny component can store data and perform calculations even at 700°C (1300°F), far beyond what today’s chips can handle. The discovery was partly accidental, but it revealed a powerful new mechanism that prevents heat-induced failure at the atomic level.
http://news.poseidon-us.com/TRvbc4

Google study finds LLMs are embedded at every stage of abuse detection

Online platforms are running large language models at every stage of LLM content moderation, from generating training data to auditing their own systems for bias. Researchers at Google mapped how this is happening across what the authors call the Abuse Detection Lifecycle, a four-stage framework covering labeling, detection, review and appeals, and auditing. Earlier moderation systems, built on models like BERT and RoBERTa fine-tuned on static hate-speech datasets, could identify explicit slurs with reasonable accuracy. … More → The post Google study finds LLMs are embedded at every stage of abuse detection appeared first on Help Net Security.
http://news.poseidon-us.com/TRvYy6

Residential proxies make a mockery of IP-based defenses

Attack traffic moved through ordinary home and mobile connections in ways that limited the usefulness of IP reputation on its own. GreyNoise observed 4 billion malicious sessions during a 90-day period and described activity that appeared indistinguishable from normal user traffic at the network level. Residential proxies routed traffic through consumer broadband, mobile data, and small-business connections. These same IP ranges were used by employees, customers, and partners, which made it difficult to separate malicious … More → The post Residential proxies make a mockery of IP-based defenses appeared first on Help Net Security.
http://news.poseidon-us.com/TRtnNJ

Product showcase: Proton Authenticator is an end-to-end encrypted, open source 2FA app

Proton Authenticator is a free and open-source two-factor authentication (2FA) app that generates time-based one-time passwords (TOTP) to help secure online accounts. It is available on Windows, macOS, Linux, iOS, and Android, allowing users to access their verification codes across devices. The app is designed to work without ads or tracking. A Proton account is optional and mainly used for encrypted sync between devices. How Proton Authenticator works Setup starts with installing the app from … More → The post Product showcase: Proton Authenticator is an end-to-end encrypted, open source 2FA app appeared first on Help Net Security.
http://news.poseidon-us.com/TRtnMw