Matthew Schartz :verified:
Matthew Schartz :verified: boosted:
Proton Mail protonmail
2023-12-15

The 2023 Lifetime Fundraiser brings you rare usernames and 11 chances to win Proton’s most exclusive account!

We’ve received hundreds of community-nominations for organizations that advance privacy, freedom, and human rights around the world.

Check who we’re supporting this year. ⬇️ (1/3)

Lifetime Fundraiser: Raffle and Auction are live!
Matthew Schartz :verified: boosted:
2023-11-09
Matthew Schartz :verified: schwartz1375@infosec.exchange
2023-10-31

🚀 Leveraging Local Language Models for Enhanced Privacy and Control
In the rapidly evolving landscape of artificial intelligence and natural language processing, the shift towards running large language models (LLMs) locally represents a significant stride in data privacy and operational control. I recently had the opportunity to delve into this domain by developing ollamachat.py – a Python-based conversational AI tool utilizing Streamlit and LangChain with local Ollama models.

🔒 Privacy First
One of the foremost advantages of operating LLMs like Ollama on a local server is the bolstered privacy. When you process data in-house, sensitive information never leaves your premises, dramatically reducing the risk of data breaches and external snooping. This approach is crucial for industries handling confidential data, such as healthcare, legal, and finance, where client confidentiality is paramount.

🎛️ Customized Control
Running LLMs locally also grants unparalleled control over the model's functionality. Users can tailor the AI to their specific needs, be it tweaking the model for niche tasks or ensuring compliance with industry-specific regulations. This level of customization is a game-changer, particularly for sectors requiring highly specialized knowledge bases.

🔧 Tech Deep Dive
In ollamachat.py, users can interact with various AI models, choosing the one that best fits their query or conversation style. This script is more than just a tool; it's a testament to how local AI deployment can seamlessly integrate into our workflows, enhancing user experiences while upholding stringent privacy standards.

🌍 Community Contributions
I thank the Streamlit and LangChain communities for their invaluable resources. Their contributions have been pivotal in exploring new frontiers in AI and pushing the boundaries of what's possible with local LLMs.

🤖 Looking Ahead
The landscape of AI is continually shifting, and the move towards localized, privacy-centric models is just the beginning. As I continue to innovate, integrating advanced components like vector databases and Retriever-Augmented Generation (RAG) models is next on the roadmap. These technologies will further enhance the abilities of AI models in information retrieval and synthesis, opening up new possibilities for more nuanced and contextually rich AI interactions.

🔗 Explore the code here: github.com/schwartz1375/ollama

Matthew Schartz :verified: schwartz1375@infosec.exchange
2023-10-03

I’m happy to share a valuable tool for my fellow threat hunters and blue teams - Sweethoney, a PE file static analysis tool.

Sweethoney is a Python application designed to facilitate automated file analysis by performing comprehensive analyses of executable files and identifying potential suspicious behaviors across various alert categories. It streamlines the malware analysis process, saving time and enhancing detection capabilities.

Key features include in-depth PE analysis, detection of suspicious behaviors, security feature checks, file characteristics assessment, and a powerful string analysis tool that extracts and analyzes strings from executable files to detect potential indicators of compromise (IoCs). Additionally, it leverages OpenAI’s GPT-3.5 Turbo model to understand the purpose of APIs and their potential security implications.

Indicators of Compromise (IoC) (via regular expressions) include IPv4/IPv6 addresses, URLs, Windows Registry keys, HTTP user agents, email addresses, Windows services, common malware commands, and more. (See fileUtils.py for the complete list)

Using OpenAI’s powerful language model, Sweethoney provides valuable insights for assessing potential security risks and vulnerabilities, enhancing cybersecurity efforts.

A big thank you to my friends and colleagues who provided insights and suggestions over the years to make this tool better!

Check out the project on GitHub (github.com/schwartz1375/sweeth) and contribute to making cyberspace safer for everyone!

#cybersecurity #threatdetection #fileanalysis #opensource #openai #tool

Matthew Schartz :verified: schwartz1375@infosec.exchange
2023-10-03

🚀 Unveiling TUNGSTENBLADE: NLP Meets Malware Analysis

I’m thrilled to introduce the fruits of my latest endeavors in applied machine learning: TUNGSTENBLADE.

Blending the worlds of NLP and cybersecurity, TUNGSTENBLADE innovatively analyzes malware by interpreting strings within binary files as 'words' in a textual document. The mission? To reveal concealed patterns and decisively classify binaries as benign or malicious.

🛠 Key Techniques:
Tokenization: Segmenting lengthy paragraphs into smaller chunks or tokens.
N-grams: Capturing the contextual essence of words in sequences.
TF-IDF: Gauging the significance of a word in a document relative to its entire collection.

🔧 Project Highlights:
Seamlessly integrates traditional malware analysis with avant-garde NLP techniques.

Features a plethora of scripts, each utilizing a unique NLP approach.
It boasts encouraging outcomes, with specific methods achieving an astounding accuracy of up to 99.3%!

🔗 Explore Now! Delve into the intricacies and navigate the codebase on GitHub: github.com/schwartz1375/tungst

🌐 Final Thoughts: The demand for groundbreaking solutions intensifies as malware continues its relentless evolution.
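The strings-as-words idea from the post above, as an added example that is not taken from the TUNGSTENBLADE repository: a standard-library sketch that extracts printable strings, adds bigrams, and weights terms with TF-IDF. The function names and the three sample blobs are constructed for illustration.

```python
import math
import re
from collections import Counter

def extract_strings(blob, min_len=4):
    """Printable-ASCII runs of at least min_len bytes, like the `strings` tool."""
    return [m.decode("ascii") for m in re.findall(rb"[\x20-\x7e]{%d,}" % min_len, blob)]

def tokens(blob, n=2):
    """Each extracted string is one 'word'; n-grams keep neighbouring context."""
    words = [s.lower() for s in extract_strings(blob)]
    grams = [" ".join(words[i:i + n]) for i in range(len(words) - n + 1)]
    return words + grams

def tfidf(corpus):
    """corpus: {name: bytes} -> {name: {term: tf * log(N / df)}}."""
    counts = {name: Counter(tokens(blob)) for name, blob in corpus.items()}
    df = Counter(term for c in counts.values() for term in c)
    n_docs = len(corpus)
    weights = {}
    for name, c in counts.items():
        total = sum(c.values())
        weights[name] = {t: (k / total) * math.log(n_docs / df[t]) for t, k in c.items()}
    return weights

def top_terms(weights, name, k=3):
    """Highest-weighted terms for one document, ties broken alphabetically."""
    return sorted(weights[name], key=lambda t: (-weights[name][t], t))[:k]

# Constructed sample blobs: strings separated by non-printable bytes.
STUB = b"This program cannot be run in DOS mode\x00"
SAMPLES = {
    "a.bin": b"\x00\x01kernel32.dll\x00\x02GetProcAddress\x00LoadLibraryA\x00\xff" + STUB,
    "b.bin": b"kernel32.dll\x00\x90\x90CreateFileW\x00ReadFile\x00" + STUB,
    "c.bin": b"kernel32.dll\x00VirtualAllocEx\x00WriteProcessMemory\x00" + STUB,
}

if __name__ == "__main__":
    w = tfidf(SAMPLES)
    for name in SAMPLES:
        print(name, top_terms(w, name))
```

Strings present in every sample, such as the DOS stub message, get weight zero, so the vectors a classifier would consume are dominated by what distinguishes each binary.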

Matthew Schartz :verified: schwartz1375@infosec.exchange
2023-07-11

🌐💻 To all my network involved in remote device connection using SSH, I'd like to recommend a game-changer: Mosh (mosh.org). Mosh is an efficient and reliable shell that's optimized for intermittent connections and is incredibly mobile-friendly.

Especially for those who often use mobile devices, Mosh's responsive nature makes remote work far less of a hassle. It's built to withstand packet loss, which means you can expect a seamless work experience even when your internet connection isn't perfect.

For those on iOS, there's another excellent tool I'd like to share: Blink Shell (blink.sh). It's robust, versatile, and very intuitive to use.

Consider giving these tools a try and upgrade your remote device connection experience. Looking forward to hearing about your experience with them! 💡💻🚀 #TechTips #RemoteWork #Mosh #BlinkShell #SSH

Matthew Schartz :verified: schwartz1375@infosec.exchange
2023-07-06

@superevr End Of Day usually means the end of the business day, not midnight.

Matthew Schartz :verified: schwartz1375@infosec.exchange
2023-07-06

📚💡 I've been reflecting on Michael N. Kennedy's insightful book "Product Development for the Lean Enterprise" (ISBN 1-892538-09-1) and came across this profound quote:

"You cannot effectively buy knowledge, because unless you have it, you can't tell the quality of what you are buying."

This statement has really resonated with me, particularly in the context of adding consultants to a project. Consultants can be valuable assets, offering their specialized expertise to navigate complex challenges. However, how do we discern the quality of their contribution without some foundational knowledge in their area of expertise?

This brings to light a critical element of project management: while we can leverage external expertise, investing in our own knowledge growth is crucial. It helps us make informed decisions, manage external resources effectively, and ultimately drive our projects toward success.

We can't merely 'buy' our way to project success; we must also be willing to learn, understand, and grow. Let's ensure we aren't just consumers of knowledge but active learners and informed decision-makers.
#ProductDevelopment #LeanEnterprise #Consulting #KnowledgeIsPower #ProjectManagement

Matthew Schartz :verified: schwartz1375@infosec.exchange
2023-06-25

I am excited to share that a new milestone has been achieved on my ML/AI cybersecurity journey! My recent project underscores the immense potential of natural language processing, text vectorization, and sequential model architecture in enhancing our defenses against digital threats. This is just the beginning, and I'm thrilled about what's next on this remarkable journey. Here's to pushing boundaries, driving innovation, and creating safer digital spaces! 🚀 #CyberSecurity #MachineLearning #DeepLearning #NLP #AI

Matthew Schartz :verified: boosted:
2023-05-25
Matthew Schartz :verified: schwartz1375@infosec.exchange
2023-05-23

When discussing executable files in Windows, the first thing that comes to mind is the .exe file extension. But did you know the same underlying Portable Executable (PE) file format is used by several other file extensions as well?

Apart from .exe, here are some common ones:
✔️ .dll: Dynamic Link Libraries - reusable code modules.
✔️ .sys: System files - often used for device drivers.
✔️ .ocx: OLE Control Extension - used for interactive UI elements.
✔️ .scr: Screensaver files - yes, screensavers can contain executable code!
✔️ .efi: Part of UEFI, the firmware interface on modern PCs.
✔️ .cpl: Control Panel files - used to extend the Control Panel’s functionality.

These file types can serve various functions, from operating hardware devices to enhancing user interface interactions. They illustrate the flexible utility of the PE format, but it’s also worth noting that each of them could be exploited by malware in various ways.

#CyberSecurity #PEFormat #Malware
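Because the extension says nothing reliable about the container, triage should read the header. The following is an added example, not code from the post's author: it parses the DOS and PE headers using offsets from the PE/COFF specification and flags PE content behind an extension outside the post's list. `inspect_pe`, `triage` and `make_sample` are hypothetical names, and the sample bytes are constructed headers, not loadable images.

```python
import os
import struct

# Extensions named in the post; all share the PE container.
PE_EXTENSIONS = {".exe", ".dll", ".sys", ".ocx", ".scr", ".efi", ".cpl"}
IMAGE_FILE_DLL = 0x2000  # COFF Characteristics bit
SUBSYSTEMS = {1: "native", 2: "Windows GUI", 3: "Windows console",
              10: "EFI application", 11: "EFI boot service driver",
              12: "EFI runtime driver"}

def inspect_pe(data):
    """Return {'dll': bool, 'subsystem': str}, or None if data is not PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    opt = e_lfanew + 24  # 4-byte signature + 20-byte COFF header
    if opt + 70 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    chars = struct.unpack_from("<H", data, e_lfanew + 22)[0]
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        return None
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]
    return {"dll": bool(chars & IMAGE_FILE_DLL),
            "subsystem": SUBSYSTEMS.get(subsystem, f"other ({subsystem})")}

def triage(filename, data):
    """One-line verdict comparing header facts with the file extension."""
    info = inspect_pe(data)
    if info is None:
        return "not PE"
    ext = os.path.splitext(filename)[1].lower()
    kind = "DLL" if info["dll"] else "EXE"
    note = "" if ext in PE_EXTENSIONS else " (PE content behind unexpected extension)"
    return f"{kind}, {info['subsystem']}{note}"

def make_sample(chars, subsystem, magic=0x20B):
    """Constructed minimal header bytes for the demo."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 0xF0, chars)
    opt = bytearray(0xF0)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, 68, subsystem)
    return dos + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    print(triage("saver.scr", make_sample(0x0022, 2)))
    print(triage("invoice.pdf", make_sample(0x2022, 2)))
```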

Matthew Schartz :verified: schwartz1375@infosec.exchange
2023-04-18
Matthew Schartz :verified: schwartz1375@infosec.exchange
2023-03-07

iOS 16.4 beta 3 lets users sign in with a different Apple ID to download beta software - 9to5Mac apple.news/A_n4JJUDQSqyTEiH9UJ

Matthew Schartz :verified: schwartz1375@infosec.exchange
2023-02-18
Matthew Schartz :verified: boosted:
Martijn Grooten martijn_grooten
2023-02-15

Kaspersky got ChatGPT to do some threat intelligence and this confirms that it mostly talks like a confident white guy on the Internet securelist.com/ioc-detection-e

Matthew Schartz :verified: schwartz1375@infosec.exchange
2023-02-15

@Sidneys1 WinMain is the user-defined entry point for GUI. If built with VS WinMainCRTStart will call this function.

Matthew Schartz :verified: schwartz1375@infosec.exchange
2022-12-08

For those looking to understand AWS IAM, take a look at @iann0036 Mapping The AWS IAM Universe ( fwdcloudsec.org/presentations/)

Matthew Schartz :verified: boosted:
Zack Whittaker zackwhittaker
2022-12-04

This week, LastPass, and its parent company GoTo, both published blog posts about their recent data breach: tcrn.ch/3ucMvBx

But if you search for GoTo's blog post in Google, you won't find it, because GoTo hid its breach notice from search engines using "noindex" code.
