Learn how to implement post-quantum cryptographic agility within Model Context Protocol (MCP) tool definition schemas to secure AI infrastructure against quantum threats.
The post Post-Quantum Cryptographic Agility in MCP Tool Definition Schemas appeared first on Security Boulevard.
What Is Corporate Governance? Corporate governance refers to the system of rules, practices, and processes used to direct and control an organization. It establishes how decisions are made, who has the authority to make them, and how those decisions are reviewed over time. Corporate governance defines the relationship between the board of directors, executive leadership, […]
The post The Key Principles of Corporate Governance appeared first on Centraleyes.
The post The Key Principles of Corporate Governance appeared first on Security Boulevard.
With AI taking the top spot for 2026 government CIO priorities, what are the next-level questions that leaders must focus on regarding AI projects and trends in the new year?
The post 10 Tough AI Questions for the 2026 Public-Sector CIO appeared first on Security Boulevard.
Are You Guarding Your Machine Identities Effectively? The management of Non-Human Identities (NHIs) is a critical component of cybersecurity strategies for organizations operating in cloud environments. NHIs, essentially machine identities, represent a fusion of encrypted credentials, such as passwords or tokens, and their corresponding permissions. To draw an analogy, think of an NHI as a […]
The post Why being proactive in NHI management is critical for security appeared first on Entro.
The post Why being proactive in NHI management is critical for security appeared first on Security Boulevard.
How Can We Ensure Non-Human Identities Remain Protected? Are your organization’s Non-Human Identities (NHIs) secure from the impending cyber threats lurking in digital corners? While we delve into the intricacies of NHI security, the crucial aspects of managing these machine identities become apparent. Ensuring the safety of NHIs is a multidimensional effort involving end-to-end protection […]
The post What makes Non-Human Identities safe? appeared first on Entro.
The post What makes Non-Human Identities safe? appeared first on Security Boulevard.
What Makes Agentic AI a Game Changer in Cloud Security? How can organizations ensure the seamless protection of their digital assets when transitioning to the cloud? It’s a question that many industries such as financial services, healthcare, travel, and more are grappling with. Where enterprise systems increasingly leverage cloud environments, the role of Agentic AI […]
The post How can Agentic AI enhance cloud security? appeared first on Entro.
The post How can Agentic AI enhance cloud security? appeared first on Security Boulevard.
Nisos
How OSINT Strengthens Executive Threat Intelligence
High-profile leaders face risks that often start online and can lead to real-world consequences. Personal information exposed across public sources can be used for...
The post How OSINT Strengthens Executive Threat Intelligence appeared first on Nisos by Nisos
The post How OSINT Strengthens Executive Threat Intelligence appeared first on Security Boulevard.
Securonix is detailing a multi-stage campaign that starts with a bogus Booking.com message that runs through a ClickFix technique and a fake Blue Screen of Death before dropping the DCRat malware that gives the attackers full remote control of the victim's system.
The post Malware Campaign Abuses Booking.com Against Hospitality Sector appeared first on Security Boulevard.
Session 7D: ML Security
Authors, Creators & Presenters: Ruyi Ding (Northeastern University), Tong Zhou (Northeastern University), Lili Su (Northeastern University), Aidong Adam Ding (Northeastern University), Xiaolin Xu (Northeastern University), Yunsi Fei (Northeastern University)
PAPER
Probe-Me-Not: Protecting Pre-Trained Encoders From Malicious Probing
Adapting pre-trained deep learning models to customized tasks has become a popular choice for developers to cope with limited computational resources and data volume. More specifically, probing--training a classifier on a pre-trained encoder--has been widely adopted in transfer learning, which helps to prevent overfitting and catastrophic forgetting. However, such generalizability of pre-trained encoders raises concerns about the potential misuse of probing for harmful applications, such as discriminatory speculation and warfare applications. In this work, we introduce EncoderLock, a novel applicability authorization method designed to protect pre-trained encoders from malicious probing, i.e., yielding poor performance on specified prohibited domains while maintaining their utility in authorized ones. Achieving this balance is challenging because of the opposite optimization objectives and the variety of downstream heads that adversaries can utilize adaptively. To address these challenges, EncoderLock employs two techniques: domain-aware weight selection and updating to restrict applications on prohibited domains/tasks, and self-challenging training scheme that iteratively strengthens resistance against any potential downstream classifiers that adversaries may apply. Moreover, recognizing the potential lack of data from prohibited domains in practical scenarios, we introduce three EncoderLock variants with different levels of data accessibility: supervised (prohibited domain data with labels), unsupervised (prohibited domain data without labels), and zero-shot (no data or labels available). Extensive experiments across fifteen domains and three model architectures demonstrate EncoderLock's effectiveness over baseline methods using non-transferable learning. Additionally, we verify EncoderLock's effectiveness and practicality with a real-world pre-trained Vision Transformer (ViT) encoder from Facebook. These results underscore the valuable contributions EncoderLock brings to the development of responsible AI.
ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the Organizations' YouTube Channel.
The post NDSS 2025 – Probe-Me-Not: Protecting Pre-trained Encoders From Malicious Probing appeared first on Security Boulevard.
On December 12, 2025, the MongoDB Security Engineering team disclosed a high-severity vulnerability in MongoDB that allows unauthenticated memory disclosure. The issue is tracked as CVE-2025-14847 and has a CVSS score of 8.7 and was quickly nicknamed MongoBleed in the security community due to the way it exposes server memory. Technical Details MongoDB uses a…
The post MongoBleed: unauthenticated memory disclosure in MongoDB (CVE-2025-14847) appeared first on Sentrium Security.
The post MongoBleed: unauthenticated memory disclosure in MongoDB (CVE-2025-14847) appeared first on Security Boulevard.
Artificial intelligence is transforming business models and competitive advantage. Leadership teams agree AI matters, but far fewer know how to turn AI potential into real,...Read More
The post What the CEO and C-Suite Must Ask Before Building an AI Enabled Enterprise appeared first on ISHIR | Custom AI Software Development Dallas Fort-Worth Texas.
The post What the CEO and C-Suite Must Ask Before Building an AI Enabled Enterprise appeared first on Security Boulevard.
AWS CISO Amy Herzog urges security leaders to invest in visibility and automation to counter increasingly AI-driven cyberattacks in real time.
The post AWS CISO: Need for Continuous Observability is Now Critical appeared first on Security Boulevard.
The encryption protecting billions of dollars, which experts once called unbreakable, no longer works. Hackers don’t need passwords. They don’t brute-force keys. They simply walk through digital vaults that were supposed to last for decades. This is the future quantum computing is pulling toward us quietly, steadily, and faster than most organizations realize. Quantum computersRead More
The post Quantum Computing Stats, Trends & Future 2026: Crucial Year for Quantum Security appeared first on EncryptedFence by Certera - Web & Cyber Security Blog.
The post Quantum Computing Stats, Trends & Future 2026: Crucial Year for Quantum Security appeared first on Security Boulevard.
New research reveals how ransomware groups like LockBit and Black Basta exploit visibility gaps, leaving security teams struggling to keep pace.
The post Inside 2025’s Top Threat Groups: Why Familiar Actors Still Have the Upper Hand appeared first on Security Boulevard.
Silent authentication strengthens security while reducing friction for customers and employees, protecting accounts without disrupting the user experience.
The post Silent Authentication: Redefining Security, Flexibility and Customer Engagement appeared first on Security Boulevard.
Agentic AI is transforming cybersecurity with autonomous reasoning and action—but it also expands the attack surface. Learn how it reshapes enterprise security.
The post Will Agentic AI Hurt or Help Your Security Posture? appeared first on Security Boulevard.
California's DROP Program Changes Everything
The post California’s DROP Program Changes Everything: How B2C Companies Can Eliminate Authentication Liabilities and Meet Global Privacy Compliance with MojoAuth appeared first on Security Boulevard.
A very happy New Year 2026 to you. Those of you who are familiar with my work know that I preach breach readiness, cyber resilience, and building practical capabilities to remain “unaffected” by cyberattacks. A lot of what I have written in 2025 came from how great wars were fought. There is still a lot to learn about modern cyber resilience from them. […]
The post 2026 Is the Year to Be Breach Ready: Augment Cyber Resilience with Operational Excellence appeared first on ColorTokens.
The post 2026 Is the Year to Be Breach Ready: Augment Cyber Resilience with Operational Excellence appeared first on Security Boulevard.
How California's groundbreaking data deletion law signals a fundamental shift in enterprise identity lifecycle management—and why your SSO infrastructure matters more than ever
The post California’s DROP Platform Launches: What Enterprise B2B SaaS Companies Need to Know About Data Deletion Compliance appeared first on Security Boulevard.
Session 7D: ML Security
Authors, Creators & Presenters: Tianpei Lu (The State Key Laboratory of Blockchain and Data Security, Zhejiang University), Bingsheng Zhang (The State Key Laboratory of Blockchain and Data Security, Zhejiang University), Xiaoyuan Zhang (The State Key Laboratory of Blockchain and Data Security, Zhejiang University), Kui Ren (The State Key Laboratory of Blockchain and Data Security, Zhejiang University)
PAPER
A New PPML Paradigm For Quantized Models
Model quantization has become a common practice in machine learning (ML) to improve efficiency and reduce computational/communicational overhead. However, adopting quantization in privacy-preserving machine learning (PPML) remains challenging due to the complex internal structure of quantized operators, which leads to inefficient protocols under the existing PPML frameworks. In this work, we propose a new PPML paradigm that is tailor-made for and can benefit from quantized models. Our main observation is that look-up tables can ignore the complex internal constructs of any functions which can be used to simplify the quantized operator evaluation. We view the model inference process as a sequence of quantized operators, and each operator is implemented by a look-up table. We then develop an efficient private look-up table evaluation protocol, and its online communication cost is only log n, where $n$ is the size of the look-up table. On a single CPU core, our protocol can evaluate 2^{26} tables with 8-bit input and 8-bit output per second. The resulting PPML framework for quantized models offers extremely fast online performance. The experimental results demonstrate that our quantization strategy achieves substantial speedups over SOTA PPML solutions, improving the online performance by 40sim 60 times w.r.t. convolutional neural network (CNN) models, such as AlexNet, VGG16, and ResNet18, and by 10sim 25 times w.r.t. large language models (LLMs), such as GPT-2, GPT-Neo, and Llama2.
ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the Organizations' YouTube Channel.
The post NDSS 2025 – A New PPML Paradigm For Quantized Models appeared first on Security Boulevard.
