Author Archives
-
Shadow Models — When Employees Train Off-the-Grid AI Inside Your Org
Overview: As AI adoption accelerates, so does the unauthorized development of AI models inside organizations. These are known as shadow models — AI systems trained or fine-tuned by internal teams or individuals outside official governance structures. Like shadow IT, these…
-
The Insider Threat in AI-Driven Organizations — When the Prompt Engineer Goes Rogue
Overview: As organizations adopt AI tools across critical operations, a new threat vector has emerged from within: the prompt engineer. These individuals have deep access to AI systems, know how to influence outputs, and often manage the prompts that control…
-
AI Supply Chain Attacks — Poisoning the Model Before It’s Deployed
Overview: Modern AI systems don’t emerge from a vacuum — they’re built on layers of dependencies: public datasets, third-party model weights, code libraries, pre-trained embeddings, and cloud APIs. This complex supply chain introduces a critical risk: AI supply chain attacks…
-
Adversarial Examples in Computer Vision — Breaking AI with Tiny Pixels
Overview: Computer vision models are remarkably powerful — they detect tumors, unlock your phone, and power autonomous vehicles. But what if you could fool them with a few strategically placed pixels? Welcome to the world of adversarial examples — a…
-
Synthetic Identity Fraud in AI-Driven Authentication Systems
Overview: As financial institutions and digital services increasingly rely on AI for identity verification, a new wave of fraud is emerging: synthetic identity fraud powered by generative AI. This type of fraud blends real and fake information to create believable…
-
Prompt Injection Attacks — The Silent Killer of AI Trust
Overview: As AI systems become integral to enterprise workflows, customer service, and decision-making, they also introduce new threat surfaces. One of the most underestimated threats in the AI space today is the prompt injection attack. These attacks don’t exploit code…
-
Windows Security Logs
UltimateWindowsSecurity.com has created a Windows Security Log Encyclopedia, which contains an extensive collection of logs for Windows, SQL, SharePoint, Exchange, and Sysmon.
-
MITRE Engage
MITRE Engage is a framework to help plan and discuss how to engage adversaries. These resources will allow defenders and decision makers to perform analysis and develop a plan to engage adversaries on their terms using denial and deception techniques.
-
Malware Traffic Analysis.net
MalwareTrafficAnalysis.net provides malware traffic analysis, training, and samples focused on network traffic related to malware infections.