This Splunk Lantern blog post highlights new articles on instrumenting LLMs with Splunk, leveraging Kubernetes for Splunk, and using Splunk Asset and Risk Intelligence.
This article exposes vulnerabilities in GitHub's repository network, allowing access to deleted and private repository data, even after deletion or forking. It details how to access data from deleted forks, deleted repositories, and private repositories, highlighting security risks and potential solutions.
A look at the social aspects of the Incompatible Timesharing (ITS) operating system, focusing on its lack of security and how that facilitated collaboration and a sense of community among users. The author argues that ITS was a forerunner to modern social media.
Aegis is a free, open source Android app that securely manages 2-step verification tokens. It supports HOTP and TOTP, is compatible with thousands of services, and offers features like screen capture prevention, biometric unlock, and automatic backups.
Learn about JSON Web Tokens (JWT) authentication, its working, components, benefits, and implementation with examples using Node.js and Express. This guide covers the process, key components, and security of JWT.
ExpressVPN retains CNET's Editors' Choice for best overall VPN thanks to its increased transparency efforts and solid commitment to privacy. It's a premium service, but it offers excellent speed, security and a user-friendly interface.
An analysis of Large Language Models' (LLMs) vulnerability to prompt injection attacks and potential risks when used in adversarial situations, like on the Internet. The author notes that, similar to the old phone system, LLMs are vulnerable to prompt injection attacks and other security risks due to the intertwining of data and control paths.
This post highlights how the GitHub Copilot Chat VS Code Extension was vulnerable to data exfiltration via prompt injection when analyzing untrusted source code.
SIEM market is undergoing significant changes, with many vendors included in Gartner's latest Magic Quadrant report. However, amid the cloud transformation, vendor consolidation, and competition and integration with extended detection and response (XDR), the future is uncertain. The recent acquisition of Splunk by Cisco and IBM selling its QRadar software-as-a-service (SaaS) assets to Palo Alto Networks indicate that some big players are shifting strategies. Gartner Distinguished VP Analyst Peter Firstbrook suggests that IBM is giving up on SIEM and SOAR markets in favor of XDR, while Cisco is trying to figure out how to integrate Splunk with its XDR strategy. Many existing SIEM vendors will either be acquired, shift toward niche markets, or go out of business. Over the next 10 years, the SIEM market will transition to a few dominant players offering integrated platforms supplemented by specialized partner solutions.
This article discusses the MIT Artificial Intelligence (AI) Lab's 'Tourist Policy' and how it impacted students' access to its resources. As a high school student in Maryland, the author shares their experience of using the lab's PDP-10s over the ARPANET and how it inspired them to learn and contribute to the MIT community.
