Malware & Cybersecurity Threats on the Horizon

Поделиться
HTML-код
  • Опубликовано: 3 апр 2024
  • jh.live/x-force-tii || Join me as I take a deep dive into the IBM Threat Intelligence Index with Malware Reverse Engineer at IBM X-Force, Golo Mühr. In our discussion, Golo shares his perspective on the trends in this year’s report, takes a closer look at IBM X-Force’s work and provides his predictions for the year ahead in cybersecurity.
    You can check out the full IBM X-Force Threat Intelligence Index report here jh.live/x-force-tii and learn more about IBM X-Force here: jh.live/x-force-info
    Learn Cybersecurity - Name Your Price Training with John Hammond: nameyourpricetraining.com
    📧JOIN MY NEWSLETTER ➡ jh.live/email
    🙏SUPPORT THE CHANNEL ➡ jh.live/patreon
    🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
    🌎FOLLOW ME EVERYWHERE ➡ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/discord ↔ jh.live/instagram ↔ jh.live/tiktok
    💥 SEND ME MALWARE ➡ jh.live/malware
    🔥RUclips ALGORITHM ➡ Like, Comment, & Subscribe!

Комментарии • 51

  • @cedmim6461
    @cedmim6461 Месяц назад +30

    Do you plan to make a video on the tukaani-project/xz package backdoor?

    • @BlablablaBla-tp1ws
      @BlablablaBla-tp1ws Месяц назад +2

      Just what I was about to ask!

    • @aga1nstall0dds
      @aga1nstall0dds Месяц назад +2

      Imagine john hammond is Jia tang :) just kidding plz dont hack me

    • @Nutle159
      @Nutle159 Месяц назад +1

      Just read through the xz shell script (posted on research swtch) and thought that it would be nice to see all that in action with John's commentaries! I'm sure a video is coming, can't wait!

    • @lowerclasswarfare
      @lowerclasswarfare Месяц назад

      Came here to ask this

    • @ahr0cdovlzk3my1lahqtbmftdw7
      @ahr0cdovlzk3my1lahqtbmftdw7 Месяц назад

      Boring

  • @joaovaz1289
    @joaovaz1289 Месяц назад +4

    AI is definitely over hyped, unfortunately AI today is like "blockchain" was a couple years ago where just by adding "blockchain" to your company's name would multiply it's value by 10x... On the phishing part thou it's a real risk, 99.9% of phishing mails are super easy to identify due to grammar errors or badly spelled words but with the LLM's that are being made available it will get harder to identify it like that (yeah, normal every day users do not have the skill to do a deeper analysis, they just go by the "basics" like wrong mail account, spelling errors and grammar errors)

  • @list1726
    @list1726 Месяц назад +1

    Thanks for posting

  • @Cubear99
    @Cubear99 Месяц назад +1

    I have a question. Sometimes, explore starts by open settings, then starts typing a website after that gets links and closed up. I think it will save it in the bookmarks. What do I need to do about it?.

  • @user-cv1ij4dv5b
    @user-cv1ij4dv5b Месяц назад +1

    great video.

  • @fankyWunk
    @fankyWunk Месяц назад +5

    I just read a paper on IEEE Explore called Automated Penetration Testing with Fine-Grained Control through Deep Reinforcement Learning (not allowed to link it), I’m curious as to what you think the future implications of things like this could be?

    • @fankyWunk
      @fankyWunk Месяц назад +3

      Abstract: Penetration testing (PT) is an active method of evaluating the security of a network by simulating various types of cyber attacks in order to identify and exploit vulnerabilities. Traditional PT involves a time-consuming and labor-intensive process that is prone to errors and cannot be easily formulated. Researchers have been investigating the potential of deep reinforcement learning (DRL) to develop automated PT (APT) tools. However, using DRL in APT is challenged by partial observability of the environment and the intractability problem of the huge action space. This paper introduces RLAPT, a novel DRL approach that directly overcomes these challenges and enables intelligent automation of the PT process with precise control. The proposed method exhibits superior efficiency, stability, and scalability in finding the optimal attacking policy on the simulated experiment scenario.

    • @kcnl2522
      @kcnl2522 Месяц назад +1

      Things like this have made me reconsider my desire to go into security. Still in uni but i think i would have a better future if i just go for software development or something more low level. Other stuff is getting automated, and even if it isnt good enough, companies will chose automated tools over real pentests anyday just to cut the costs. They just need the automated tools to be good enough so they can pass standards.

    • @fankyWunk
      @fankyWunk Месяц назад +1

      @@kcnl2522I get that, though we are still a long way off from this really being applicable outside of research and simulations, and there still need to be humans to run and manage it, so I wouldn’t be too worried, I’m also an IT student and there are so many facets to things like this that I would not worry about AI taking over the field anytime soon

    • @kcnl2522
      @kcnl2522 Месяц назад

      @@fankyWunk AI is just the buzzword they are using to cheap out on employers. I dont worry about it because i dont plan nor want to work for someone else my whole life. The point is, that they will make it really hard to work a fulfilling jov

    • @smnomad9276
      @smnomad9276 Месяц назад +1

      Could you elaborate? What is that exactly?

  • @willredmambo3777
    @willredmambo3777 Месяц назад +1

    awesome content

  • @furyzlm7853
    @furyzlm7853 Месяц назад +4

    xz backdoor vid ,plz? 🥺

  • @claudiamanta1943
    @claudiamanta1943 Месяц назад

    6:58 How do you determine that the attack is orchestrated by a state?

  • @mercenarie666
    @mercenarie666 Месяц назад +2

    Good content, are there links to articles and info from their research?

    • @brentsalassi5245
      @brentsalassi5245 Месяц назад +2

      That’s the link John shared several videos back.

    • @brentsalassi5245
      @brentsalassi5245 Месяц назад +1

      Never mind. Looks like I can’t post the link.

    • @nordgaren2358
      @nordgaren2358 Месяц назад +1

      @@brentsalassi5245Which link are you trying to post? Is it to the xforce report? There is a link in the description for it. It's the jh.live/x-force-tii link, I think.

    • @brentsalassi5245
      @brentsalassi5245 Месяц назад +1

      @@nordgaren2358 That’s the one. I swear it wasn’t there earlier, but I’m probably wrong.

  • @JamesonMcree
    @JamesonMcree Месяц назад +1

    does anyone know what keyboard he is using now is?

    • @takatoekoe
      @takatoekoe Месяц назад

      Would like to know too

    • @clarkey8598
      @clarkey8598 Месяц назад +1

      Keyboard: Macally 2.4G Small Wireless Keyboard
      Mouse: Logitech MX MASTER 3S

  • @shakibbro2
    @shakibbro2 Месяц назад

    please 1 video how to hacked gmail password please please new video
    🙏🙏🙏🙏🙏🙏

  • @Barty_unky
    @Barty_unky Месяц назад

    Hello 👋🏻

  • @mk-ps6xv
    @mk-ps6xv Месяц назад

    gg

  • @lyxcheats
    @lyxcheats Месяц назад

    hii

  • @somexne
    @somexne Месяц назад

    Nice AI Generated thumbnail

  • @SpectralAI
    @SpectralAI Месяц назад

    This is why we should never have accepted document technologies that allow executable code in a document. Try telling that to Microsoft or Adobe. Dumb dumb dumb. And same goes for embedded URLs.

    • @apIthletIcc
      @apIthletIcc Месяц назад

      How do you suppose files get executed when everything is technically just a text file at heart? Genuinely curious how, because even with a lot of knowledge into the matter, I can't make sense of not using documents... What am I missing

    • @apIthletIcc
      @apIthletIcc Месяц назад

      i think what you're saying is sanitation and stripping of executable code needs to be improved

  • @mathieucaron4957
    @mathieucaron4957 Месяц назад

    Another reason to send NATO in Naziland.