Meta AI Models Cracked Open With Exposed API Tokens

Click here to subscribe to Informationweek.com

Categories: Services | Professionals Business goods Financially Kantoor Marketing Retail Retail Industry Machines Age: 14 until 18 year 19 until 30 year 31 until 64 years

11 months ago

Html
Text

Researchers at Lasso Security found 1,500+ tokens in total that gave them varying levels of access to LLM repositories at Google, Microsoft, VMware, and some 720 other organizations.

Follow Dark Reading:

December 05, 2023

LATEST SECURITY NEWS & COMMENTARY

Meta AI Models Cracked Open With Exposed API Tokens Researchers at Lasso Security found 1,500+ tokens in total that gave them varying levels of access to LLM repositories at Google, Microsoft, VMware, and some 720 other organizations. 'AeroBlade' Group Hacks US Aerospace Company Aeroblade flew under the radar, slicing through detection checks on a quest to steal sensitive commercial data. 23andMe: Data Breach Was a Credential-Stuffing Attack The DNA testing company believes that the attack has now been contained and is notifying impacted individuals. Pro-Iran Attackers Access Multiple Water Facility Controllers Multiple agencies warn that attackers have been active since Nov. 22, targeting operational technology (OT) across the US. Establishing New Rules for Cyber Warfare Why we should applaud the Red Cross's efforts, even if they likely won't work. (Sponsored Article) The SOC's Future Is a Security Platform SOC tools must evolve, and a unified platform with a comprehensive, proactive protection and Gen AI can tip the scales in favor of your defenders. MORE NEWS / MORE COMMENTARY


HOT TOPICS
Okta Breach Widens to Affect 100% of Customer Base Early disclosures related to September compromise insisted less than 1% of Okta customers were impacted; now, the company says it was all of them. The US Needs to Follow Germany's Attack-Detection Mandate A more proactive approach to fighting cyberattacks for US companies and agencies is shaping up under the CISA's proposal to emphasize real-time attack detection and response. Simple Hacking Technique Can Extract ChatGPT Training Data Apparently all it takes to get a chatbot to start spilling its secrets is prompting it to repeat certain words like "poem" forever. Siemens PLCs Still Vulnerable to Stuxnet-like Cyberattacks Security updates are tedious and difficult, so users continue to use a weak version of a core protocol and remain exposed to major attacks on critical infrastructure. MORE

PRODUCTS & RELEASES

Zatik Security Gains Momentum, Announces Co-Founder, CTO, Partner Network Flow Security Launches GenAI DLP The Latest Delinea Secret Server Release Boosts Usability With New Features MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Critical 'LogoFAIL' Bugs Offer Secure Boot Bypass for Millions of PCs Hundreds of consumer and enterprise-grade x86 and ARM models from various vendors, including Intel, Acer, and Lenovo, are potentially vulnerable to bootkits and takeover. LATEST FROM THE EDGE
Name That Edge Toon: On Your Mark... Come up with a clever cybersecurity-related caption, and our panel of experts will reward the winner with a $25 Amazon gift card. LATEST FROM DR TECHNOLOGY
Enhancing Incident Response Playbooks With Machine Learning Cybersecurity analysts use playbooks as a guide to quickly investigate and respond to incidents, but regularly neglect to keep the process documents up to date. LATEST FROM DR GLOBAL
Former Uber CISO Speaks Out, After 6 Years, on Data Breach, SolarWinds Joe Sullivan, spared prison time, weighs in on the lessons learned from the 2016 Uber breach and the import of the SolarWinds CISO case.

WEBINARS

What's In Your Cloud? How to Combat the Latest Cloud Security Threats

More businesses have shifted critical assets and operations to the cloud, as service providers enhance their security capabilities and companies adapt to more remote workforces. In this webinar, experts outline the top ways that attackers are exploiting cloud services, applications ...

View More Dark Reading Webinars >>

WHITE PAPERS

9 Traits You Need to Succeed as a Cybersecurity Leader The Ultimate Guide to the CISSP

View More White Papers >>

FEATURED REPORTS

Passwords Are Passe: Next Gen Authentication Addresses Today's Threats Everything You Need to Know About DNS Attacks Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks

The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ...

View More Dark Reading Reports >>

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Share on

Other newsletters from Informationweek.com

More newsletters from Informationweek.com

Related newsletters

View other categories

Services | Professionals Business goods Financially Kantoor Marketing Retail Retail Industry Machines