ITmedia AI+ (@itm_aiplus)
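This is a report that NASA used AI to analyze the Hubble Space Telescope archive and found about 1,300 candidate 'strange objects' in just two and a half days. It is a case of automatically detecting anomalous signals in large-scale astronomical data, and it shows the efficiency and potential of AI-based astronomical exploration and data mining.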
VictoriaMetrics Anomaly Detection is a component of #VictoriaMetrics Enterprise, which enhances your observability framework by identifying irregularities within metrics data.
Learn how one US software and services provider improved traffic alerting with VictoriaMetrics Anomaly Detection.
Learn more in this blog post: https://bit.ly/3LFNeI2
Anomaly Detection Analysis with Python
Find unusual transactions without labels, using a baseline + Isolation Forest + practical verification.
This post shows a clean workflow: define “unusual” with a baseline, train Isolation Forest, validate with simple sanity checks, and reduce false alarms with practical rules.
#Python #DataScience #AnomalyDetection #MachineLearning #Fraud
@chartrdaily @programming @pythonclcoding @theartificialintelligence @medium
Nice story about #AI assisting a rescue mission in the alps: https://www.bbc.com/future/article/20260108-how-ai-solved-the-mystery-of-a-missing-mountaineer
Well, in this case it was slightly too late, but it is an interesting use case for AI nonetheless. Note that this is not #LLMs obviously, but some kind of #AnomalyDetection for #ComputerVision.
When no data is still important 📊
Missing data isn’t always noise ⚠️ sometimes it’s the signal 🚨. Handling it correctly is key for accurate anomaly detection 🔍
👉 Learn more: https://opensearch.org/blog/a-customer-impact-journey-when-no-data-is-still-important-data/
#OpenSearch #Anomalydetection #searchinnovation #datamanagement
The LionLock FDE project has just had a major update: Modules 2, 3 and 4 have been released publicly. Module 2 handles scoring and fatigue detection; Module 3 detects anomalies and data drift; Module 4 provides safe, privacy-preserving SQL telemetry. Module 5 (gating logic) is coming next. Open to collaborators and feedback from the community. #LionLock #OpenSource #AIreliability #AnomalyDetection #FDE #DựánLionLock #Mởnguồn #Pháthiệnbấtthường #Độtincai
https://www.reddit.com/r/LocalLLaMA/comments/1pzlruj/update_to_proje
What Is a Supply Chain Attack? Lessons from Recent Incidents
I’ve been in computer programming with a vested interest in Cybersecurity long enough to know that your most dangerous threats rarely come through the obvious channels. It’s not always a hacker pounding at your firewall or a phishing email landing in an inbox. Sometimes, the breach comes quietly through the vendors, service providers, and software updates you rely on every day. That’s the harsh reality of supply chain attacks. These incidents exploit trust, infiltrating organizations by targeting upstream partners or seemingly benign components. They’re not theoretical—they’re real, costly, and increasingly sophisticated. In this article, I’m going to break down what supply chain attacks are, examine lessons from high-profile incidents, and share actionable insights for SOC analysts, CISOs, and anyone responsible for protecting enterprise assets.
Understanding Supply Chain Attacks: How Trusted Vendors Can Be Threat Vectors
A supply chain attack occurs when a threat actor compromises an organization through a third party, whether that’s a software vendor, cloud provider, managed service provider, or even a hardware supplier. The key distinction from conventional attacks is that the adversary leverages trust relationships. Your defenses often treat trusted partners as safe zones, which makes these attacks particularly insidious. The infamous SolarWinds breach in 2020 is a perfect example. Hackers injected malicious code into an update of the Orion platform, and thousands of organizations unknowingly installed the compromised software. From the perspective of a SOC analyst, it’s a nightmare scenario: alerts may look normal, endpoints behave according to expectation, and yet an attacker has already bypassed perimeter defenses. Supply chain compromises come in many forms: software updates carrying hidden malware, tampered firmware or hardware, and cloud or SaaS services used as stepping stones for broader attacks. The lesson here is brutal but simple: every external dependency is a potential attack vector, and assuming trust without verification is a vulnerability in itself.
Lessons from Real-World Supply Chain Attacks
History has provided some of the most instructive lessons in this area, and the pain was often widespread. The NotPetya attack in 2017 masqueraded as a routine software update for a Ukrainian accounting package but quickly spread globally, leaving a trail of destruction across multiple sectors. It was not a random incident—it was a strategic strike exploiting the implicit trust organizations placed in a single provider. Then came Kaseya in 2021, where attackers leveraged a managed service provider to distribute ransomware to hundreds of businesses in a single stroke. The compromise of one MSP cascaded through client systems, illustrating that upstream vulnerabilities can multiply downstream consequences exponentially. Even smaller incidents, such as a compromised open-source library or a misconfigured cloud service, can serve as a launchpad for attackers. What these incidents have in common is efficiency, stealth, and scale. Attackers increasingly prefer the supply chain route because it requires fewer direct compromises while yielding enormous operational impact. For anyone working in a SOC, these cases underscore the need to monitor not just your environment but the upstream components that support it, as blind trust can be fatal.
Mitigating Supply Chain Risk: Visibility, Zero Trust, and Preparedness
Mitigating supply chain risk requires a proactive, multifaceted approach. The first step is visibility—knowing exactly what software, services, and hardware your organization depends on. You cannot defend what you cannot see. Mapping these dependencies allows you to understand which systems are critical and which could serve as entry points for attackers. Second, you need to enforce Zero Trust principles. Even trusted vendors should have segmented access and stringent authentication. Multi-factor authentication, network segmentation, and least-privilege policies reduce the potential blast radius if a compromise occurs. Threat hunting also becomes crucial, as anomalies from trusted sources are often the first signs of a breach. Beyond technical controls, preparation is equally important. Tabletop exercises, updated incident response plans, and comprehensive logging equip teams to react swiftly when compromise is detected. For CISOs, it also means communicating supply chain risk clearly to executives and boards. Stakeholders must understand that absolute prevention is impossible, and resilience—rapid detection, containment, and recovery—is the only realistic safeguard.
The Strategic Imperative: Assume Breach and Build Resilience
The reality of supply chain attacks is unavoidable: organizations are connected in complex webs, and attackers exploit these dependencies with increasing sophistication. The lessons are clear: maintain visibility over your entire ecosystem, enforce Zero Trust rigorously, hunt for subtle anomalies, and prepare incident response plans that include upstream components. These attacks are not hypothetical scenarios—they are the evolving face of cybersecurity threats, capable of causing widespread disruption. Supply chain security is not a checkbox or a one-time audit; it is a mindset that prioritizes vigilance, resilience, and strategic thinking. By assuming breach, questioning trust, and actively monitoring both internal and upstream environments, security teams can turn potential vulnerabilities into manageable risks. The stakes are high, but so are the rewards for those who approach supply chain security with discipline, foresight, and a relentless commitment to defense.
D. Bryan King
#anomalyDetection #attackVector #breachDetection #breachResponse #CISO #cloudSecurity #cyberattackLessons #cybersecurity #cybersecurityGovernance #cybersecurityIncident #cybersecurityMindset #cybersecurityPreparedness #cybersecurityResilience #cybersecurityStrategy #EndpointSecurity #enterpriseRiskManagement #enterpriseSecurity #hardwareCompromise #hardwareSecurity #incidentResponse #incidentResponsePlan #ITRiskManagement #ITSecurityPosture #ITSecurityStrategy #Kaseya #maliciousUpdate #MFASecurity #MSPSecurity #networkSegmentation #NotPetya #organizationalSecurity #perimeterBypass #ransomware #riskAssessment #SaaSRisk #securityAudit #securityControls #SOCAnalyst #SOCBestPractices #SOCOperations #softwareSecurity #softwareSupplyChain #softwareUpdateThreat #SolarWinds #supplyChainAttack #supplyChainMitigation #supplyChainRisk #supplyChainSecurityFramework #supplyChainVulnerabilities #thirdPartyCompromise #threatHunting #threatLandscape #trustedVendorAttack #upstreamCompromise #upstreamMonitoring #vendorDependency #vendorRiskManagement #vendorSecurity #vendorTrust #zeroTrust
What do Microsoft’s 2026 security features tell us about how attackers are actually breaching collaboration platforms?
On this week’s Cyberside Chats, Sherri Davidoff and Matt Durrin break down the updates—from anomaly reporting to tenant restrictions—and show why every organization needs clearer data classifications, stronger identity boundaries, and easier ways for users to report suspicious activity. It’s a practical roadmap for securing the tools employees rely on every day.
Watch the video: https://www.youtube.com/watch?v=60bYlgCI7zw
Listen here: https://www.chatcyberside.com/e/collaboration-under-siege-microsoft-s-teams-security-overhaul/
Or find Cyberside Chats wherever you get your podcasts.
#CollaborationTools #Microsoft365 #IdentityManagement #AnomalyDetection #AICopilots #DataSecurity #SecurityTraining #CybersideChats
Using an LLM to check anomaly-detection logic over product price data (for example, fake price increases before a discount). The LLM helps find edge cases, generate adversarial test data and make the assumptions in the logic explicit. Very useful at the design stage!
#LLM #AI #Programming #AnomalyDetection #TimeSeries #VietNam #CôngNghệ #TríTuệNhânTạo
https://www.reddit.com/r/programming/comments/1pbzinp/using_llms_to_reason_over_pricehistory_time/
🚨 New CRAN Task View: Anomaly Detection
#rstats #anomalydetection
By Priyanga Dilini Talagala @pridiltal, Rob J. Hyndman @robjhyndman, Gaetano Romano
Most security systems are reactive, designed to catch a fire after it has already started. Our conceptual architectural blueprint includes a proactive, Context-Aware Anomaly Detection System that learns "normal" behavior and flags suspicious intent, not just malicious IP addresses. This is the difference between a clumsy shield and an intelligence-driven defense.
#DataSecurity #AnomalyDetection #AI #MachineLearning #BehavioralAnalytics
#ProactiveSecurity #StrategicIntelligence #ShaolinDataScience
MultiADS: Defect-aware Supervision for Multi-type Anomaly Detection and Segmentation in Zero-Shot Learning
In manufacturing, quality control remains a critical yet complex task, especially when multiple defect types are involved. MultiADS introduces a system capable of detecting and segmenting a wide range of anomalies (e.g., scratches, bends, holes), even in zero-shot settings.
By combining visual analysis with descriptive textual input and using a curated Knowledge Base for Anomalies, MultiADS generalizes to unseen defect types without requiring prior visual examples and consistently outperforms state-of-the-art models across several benchmarks, offering a robust and scalable solution for industrial inspection tasks.
Sadikaj, Y., Zhou, H., Halilaj, L., Schmid, S., Staab, S., & Plant, C. MultiADS: Defect-aware Supervision for Multi-type Anomaly Detection and Segmentation in Zero-Shot Learning. International Conference on Computer Vision, ICCV 2025, Hawaii, Oct 19-23, 2025, #ICCV2025. https://arxiv.org/abs/2504.06740.
Recent weeks show defensive AI maturing rapidly, with anomaly detection models advancing toward deployment. ❤️ #adaptivesecurity #AnomalyDetection #APIIntegration #CloudNativeSolutions #cyberdefense #humanAIcollaboration #regulatoryframeworks #threatintelligence #redrobot
Smart Home Security: AI-Driven Protection for Safer Living
https://rackenzik.com/smart-home-security-ai-driven-protection-for-safer-living/
#SmartHome #HomeAutomation #CyberSecurity #HomeSecurity #AI #PrivacyMatters #IoT #SmartDevices #AnomalyDetection #FaceRecognition #DigitalSecurity #TechSafety
🚨🚂 Welcome aboard the 🚀 #AppSignal 🛤️ express, where buzzwords like "Solid Queue" sound like a hipster brunch choice and "Anomaly Detection" is your morning coffee spilling! ☕ Who knew Ruby on Rails needed more rails and less ruby? 🤷‍♂️
https://blog.appsignal.com/2025/05/07/an-introduction-to-solid-queue-for-ruby-on-rails.html #SolidQueue #AnomalyDetection #RubyOnRails #TechTrends #HackerNews #ngated
Using ELK Stack for Anomaly Detection with Machine Learning Libraries: https://blog.poespas.me/posts/2025/03/05/elk-stack-anomaly-detection-machine-learning/
Lockheed Martin Skunk Works, Arquimea Test AI-Powered Anomaly Detection for ISR Missions
#LockheedMartin #SkunkWorks #Arquimea #ISR #AI #MachineLearning #DefenseTech #Drones #Surveillance #UAS #AnomalyDetection #Infrared #ElectroOptical
AI in Banking Security: Revolution & Risks
#TycoonWorld #AIinBanking #BankingSecurity #CyberSecurityAI #FinTechSecurity #ArtificialIntelligence #MachineLearning #AnomalyDetection #BehavioralAnalytics #ThreatDetection #FraudPrevention #PredictiveAnalytics #EthicalAI #DataPrivacy #ExplainableAI #AdversarialAttacks #BankingInnovation #FinancialSecurity #AIethics #AIrisks #DigitalBanking #AIinFinance #AIandCybercrime #SmartBanking #FinTechTrends #CyberRiskMitigation
https://tycoonworld.in/ai-in-banking-security-revolution-risks/
Whether you're tackling anomaly detection, or looking for a reliable hosted monitoring solution, VictoriaMetrics has you covered.
Take advantage of this opportunity to learn from our team and see live demos of our latest innovations.
See you tomorrow in #London - Booth #N503!