I have posted my second blog in an ongoing series that is focused on using graph databases as a method to improve both automated and manual #security reviews by making more robust connections between application and network security data: blogs.adobe.com/security/2020/…

A quick reminder for everyone to go out and vote. While states like Texas and Hawai’i have already exceeded their 2016 turnout, states like California are still only at 2/3 of their 2016 turnout. Additional in-person voting locations have been opened throughout CA this weekend.

We’re supporting community #security research by partnering with Trend Zero Day Initiative for this year’s #Pwn2Own competition – check out the details and get involved here: bit.ly/396Uwht

This year at #CanSecWest, I will be kicking off the conference talking about deepfakes and the research being done to combat them by groups such as the #C2PA. The conference begins on April 13th and more details will be coming soon! secwest.net/csw21presentat…

Next week, Peleus Uhley joins the all-digital #CanSecWest conference for a conversation about the Content Authenticity Initiative– and what the tech industry can do to help combat it. #deepfakes bit.ly/3cXXFCA

#deepfakes & other forms of disinformation online become increasingly hard to spot, organizations like the Content Authenticity Initiative are exploring ways to fight back and empower consumers. Today at noon PST, learn more at #CanSecWest w/ Peleus Uhley: bit.ly/3cXXFCA

A major step forward for our work: NYTimes R&D launches a prototype showing our secure system in place in photos published on their CMS. Read @slyon66 on the proof of concept, showcasing images from a secure Qualcomm Truepic test device: contentauthenticity.org/blog/new-york-…

Twitter’s participation as a leader in our efforts, cemented today with C2PA membership, marks an important milestone on the journey to empowering consumers with transparency. Read more on this big news: contentauthenticity.org/blog/twitter-j…

Today we announce, The Washington Post as an important addition to Content Authenticity Initiative. Read more about this important partnership for content authenticity and provenance. adobe.ly/2RhcJTN

The Coalition for Content Provenance and Authenticity (#C2PA) has published its draft technical specifications for public review. This is the initiative to combat #disinformation that I discussed in my CanSecWest keynote. Please check it out & contribute: contentauthenticity.org/blog/announcin…

Major milestones in digital content provenance today with release of #C2PA specification and three open-source projects from us: a #JavaScript UI kit, a command line utility, and full SDK (using #rustlang). Read more: contentauthenticity.org/blog/milestone…

And join us today for the C2PA launch event. There will be a set of discussions on the path forward and a comprehensive demonstration of what is available now. c2pa.org/register

The #C2PA v.1.0 specification is now live. This standard is designed to help combat online disinformation by enabling end-users to access the original author and contextual information of the images that they are viewing online.

This article gives a good TL;DR summary about what today's #C2PA launch means.

Today marks a watershed moment in driving mainstream awareness and adoption of Content Credentials — Google has joined the Coalition for Content Provenance and Authenticity (C2PA) steering committee.   Google will collaborate with other steering committee members (Adobe, The

Rich Mogull beehiiv 🐝 He offers these in-person training for big bucks, so this self-guided hands-on lab course is an absolute steal. Highly recommend, especially for beginners looking for hands-on experience. slaw.securosis.com

Tomorrow, I'll be giving the opening keynote at the ToroHack security conference. ToroHack is open to all students and is hosted by CSU Dominguez Hills. The talk will discuss LLM Security and how students can handle emerging tech throughout their career. torohack.net/schedule/

"In streaming mode, the LLM tokens are emitted sequentially, introducing a token-length side-channel. Malicious actors could eavesdrop on packets via public networks or within an ISP. ... it is easy to infer how many tokens were transmitted and their sequence and individual

General LLMs like ChatGPT are Swiss Army knives. They are useful for a lot of simple tasks. However, sometimes you need a socket wrench. While it's fun to see all the things you can do with a Swiss Army knife, they also reinforce the need for specialized tools for advanced tasks.

#bugbountytips: If #BugBounty hunters are looking for something to do this weekend, AdobeSecurity has just expanded our public bug bounty program (hackerone.com/adobe?type=team) to include several new targets on HackerOne: medium.com/adobetech/adob…