Aggregator

人工智能（AI）正日益应用于所有利用信息技术的行业，并预计将成为主要的经济驱动力之一。这一趋势的一个结果是，某些应用在未来几年可能会引发社会挑战。本文旨在帮助组织在涉及AI系统（例如使用、开发、监控或提供利用AI的产品或服务）时，负责任地履行其职责。AI可能引发以下特定的考虑因素，例如：

• 以自动决策为目的的AI使用，有时以非透明和不可解释的方式进行，这可能需要超出传统IT系统管理的特定管理。
• 使用数据分析、洞察和机器学习，而非人类编码的逻辑来设计系统，既增加了AI系统的应用机会，也改变了这些系统的开发、论证和部署方式。
• 能够进行持续学习的AI系统在使用过程中会改变其行为。这些系统需要特别考虑，以确保在行为变化的情况下其负责任的使用能够持续下去。

本文件提供了在组织背景下建立、实施、维护和持续改进AI管理系统的要求。预计组织将把这些要求的应用重点放在AI独有的特征上。AI的某些特征，如持续学习和改进的能力，或缺乏透明性和可解释性，如果它们引发的担忧超出传统执行任务的范围，可能需要不同的保障措施。采用AI管理系统来扩展现有的管理结构是组织的一项战略决策。

A sophisticated technique dubbed “ECScape” that allows malicious containers running on Amazon Elastic Container Service (ECS) to steal AWS credentials from other containers sharing the same EC2 instance. The discovery highlights critical isolation weaknesses in multi-tenant ECS deployments and underscores the security advantages of AWS Fargate’s micro-VM architecture. The technique, developed by security researcher Naor […]

The post ECScape: Exploiting ECS Protocol on EC2 to Exfiltrate Cross-Task IAM and Execution Role Credentials appeared first on Cyber Security News.

You must login to view this content

Ransomware isn’t dying — it’s evolving, swapping encryption for aggressive extortion as attacks and data theft hit record highs.

The post Ransomware: Still Dangerous After All These Years appeared first on Security Boulevard.

A sophisticated cybercriminal operation known as GreedyBear has orchestrated one of the most extensive cryptocurrency theft campaigns to date, deploying over 650 malicious tools across multiple attack vectors to steal more than $1 million from unsuspecting victims. Unlike traditional threat groups that typically specialize in single attack methods, GreedyBear has adopted an industrial-scale approach, simultaneously […]

The post Biggest Ever GreedyBear Attack With 650 Hacking Tools Stolen $1 Million from Victims appeared first on Cyber Security News.