InceptionXR’s Post

Hi LinkedIn, long time no see. Happy to announce that in the coming months, my colleague Mike Fagan and I will be researching the current state of immersive technologies, focusing on gathering insights and feedback on cybersecurity and privacy considerations from NIST’s stakeholder community. Among other things, we’re curious about what issues are novel or unique to this technology and what role NIST can play in supporting effective risk management and trust in the ecosystem. This work will include a call for input and comments, a workshop, and a final report outlining findings and recommendations for next steps. You can find more details in this blog post: https://lnkd.in/exduJwVW   We’ve got a big list of folks who we will be reaching out to. If you’re working on this issue, there’s a good chance you’ll be hearing from us in the near future. In the meantime, comments, feedback, and questions are welcome and can be sent to immersivetech@nist.gov at any time. Looking forward to working with you on this project!

Immersive Labs recently published its “Dark Side of GenAI” report about a #Generative #Artificial #Intelligence (#GenAI)-related #security #risk known as a #prompt #injection #attack, the analysis of Immersive Labs’ prompt injection challenge*, GenAI #bots are especially #susceptible to #manipulation by #people of all skill levels, not just #cyber #experts.

Turns out GenAI bots are susceptible to manipulation by people of all skill levels, not just cyber experts … 🫣 From June to September 2023 we ran our prompt injection GenAI Challenge which required individuals to trick a #GenAI bot into revealing a secret password with increasing difficulty at each of 10 levels. 🤖 Security Today explores the results of this challenge with key commentary from Immersive Labs Senior Director of Threat Intelligence, Kevin Breen who explains it is imperative “organizations implement security controls within Large Language Models and take a ‘defense in depth’ approach to GenAI”. Find out the percentage of participants that successfully tricked the bot and what measures can to be taken to secure your organisation 😲🧐

As an expert in social media marketing and U.S. consumer trends, I understand the immense potential of virtual reality (VR). It offers a new frontier for marketers, offering consumers an immersive way to engage with products and services in a way like never before. But, like all digital technologies, VR is not immune to cyberattacks; they have the potential to become a real concern for consumers. VR cybersecurity is an issue we must tackle proactively. These systems hold sensitive user data that could be exploited by cybercriminals. Beyond data concerns, there's also the psychological threat. According to the Pew Research Center, 64% of Americans have personally experienced a major data breach, and these cyberattacks can create pathologies related to the fear of being continually watched or tracked. Now, let’s amplify those emotions with the immersiveness of VR. The impact on the consumer psyche could be catastrophic, influencing their purchasing behaviors and their trust in brands. Third-party data by Symantec recently reported that the number of new malware variants for mobile increased by 54% in 2017 alone. Given the rise in VR usage on mobile platforms, it only emphasizes the need for robust defenses against such cyberattacks. On top of this, a study by Kaspersky Lab pointed out that 39% of respondents are concerned about VR's potential for espionage or theft of personal data. This worry is an obstacle for VR's mass adoption too. It's clear we need security solutions, not just for our present, but for future technological advancements in the U.S market. As marketers, we need to be part of the solution. Robust cybersecurity efforts should be made clearly visible to consumers to assuage their concerns. Such transparency will not only protect our consumers but also our brand reputation in a hyper-connected era. I invite all my fellow marketers, tech innovators, and cybersecurity experts to be part of this conversation. Let's tackle this challenge head-on and ensure the VR revolution is a secure one. After all, the future of our industries and our consumers' peace of mind depends on it. #Cybersecurity #VirtualReality #ConsumerTrust

We are pleased to announce that Treble has achieved SOC 2 Compliance! This achievement reflects our ongoing commitment to maintaining the highest standards of data security and privacy. 🙌 SOC 2 Compliance is a rigorous evaluation process that ensures a company adheres to strict information security policies and procedures. Achieving this compliance demonstrates that our operations and services meet the necessary requirements for security, availability, processing integrity, confidentiality, and privacy of customer data. 🔒 In our effort to be transparent and maintain trust with our clients and partners, we maintain a Trust page with live up-to-date status compliance status. The Trust page provides a transparent overview of the status of our security controls, offering our stakeholders insight into our commitment to data protection and security practices: https://trust.treble.tech/ Furthermore, for those interested in a deeper understanding of our security framework, our SOC 2 report is available for download. We believe in providing our clients and partners with all the information they need to feel secure and informed about their decision to work with us. We look forward to continuing to serve our customers and partners with the highest standards of security and trust. 🚀 #security #soc2 #soc2compliance #trebletechnologies

In today's rapidly evolving security landscape, having a heightened sense of situation awareness is paramount. This insightful article from Security Today delves into the latest advancements and strategies that are transforming how security professionals anticipate, recognize, and respond to threats. By integrating cutting-edge technologies and robust training programs, organizations can significantly improve their ability to maintain safety and security in various environments. Discover how these innovations are setting new standards for proactive security measures. #Rubicon #RubiconNation #PhysicalSecurity #Security #SituationAwareness #SecurityTechnology #ProactiveSecurity #SafetyFirst #CameraAccess #Awareness #LiveViewTechnologies #Partnership

⚠️𝐀𝐩𝐩𝐥𝐞 𝐕𝐢𝐬𝐢𝐨𝐧 𝐏𝐫𝐨 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲: 𝐆𝐀𝐙𝐄𝐩𝐥𝐨𝐢𝐭 𝐀𝐭𝐭𝐚𝐜𝐤 𝐑𝐞𝐯𝐞𝐚𝐥𝐬 𝐕𝐢𝐫𝐭𝐮𝐚𝐥 𝐊𝐞𝐲𝐛𝐨𝐚𝐫𝐝 𝐈𝐧𝐩𝐮𝐭𝐬⚠️ A significant security flaw (𝐂𝐕𝐄-2024-40865), known as 𝐆𝐀𝐙𝐄𝐩𝐥𝐨𝐢𝐭, was recently uncovered in 𝐀𝐩𝐩𝐥𝐞’𝐬 𝐕𝐢𝐬𝐢𝐨𝐧 𝐏𝐫𝐨 mixed reality headset. This vulnerability allowed attackers to monitor users' 𝐞𝐲𝐞 𝐦𝐨𝐯𝐞𝐦𝐞𝐧𝐭𝐬, or "gaze," and 𝐢𝐧𝐟𝐞𝐫 𝐰𝐡𝐚𝐭 𝐭𝐡𝐞𝐲 𝐰𝐞𝐫𝐞 𝐭𝐲𝐩𝐢𝐧𝐠 𝐨𝐧 𝐭𝐡𝐞 𝐯𝐢𝐫𝐭𝐮𝐚𝐥 𝐤𝐞𝐲𝐛𝐨𝐚𝐫𝐝, potentially compromising sensitive information like passwords. The flaw was linked to how avatars in virtual spaces shared eye-related biometrics, making it possible for malicious actors to analyze the 𝐠𝐚𝐳𝐞 𝐝𝐚𝐭𝐚 𝐢𝐧 𝐫𝐞𝐚𝐥-𝐭𝐢𝐦𝐞 during video calls or online meetings. Fortunately, 𝐀𝐩𝐩𝐥𝐞 𝐦𝐢𝐭𝐢𝐠𝐚𝐭𝐞𝐝 𝐭𝐡𝐢𝐬 𝐯𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 in the visionOS 1.3 update by disabling the 𝐏𝐞𝐫𝐬𝐨𝐧𝐚 𝐟𝐞𝐚𝐭𝐮𝐫𝐞  while the virtual keyboard is in use. Yet, this situation emphasizes the 𝐫𝐢𝐬𝐢𝐧𝐠 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐜𝐨𝐧𝐜𝐞𝐫𝐧𝐬 𝐚𝐬 𝐦𝐢𝐱𝐞𝐝 𝐫𝐞𝐚𝐥𝐢𝐭𝐲 and similar technologies continue to develop. For a detailed overview of GAZEploit and the steps taken to fix it, read the full article here: https://lnkd.in/g_BX42ka Follow Matisoft Cyber Security Labs for more insights and updates on this and related topics. #MatisoftLabs #AppleVisionPro #GAZEploit #CyberSecurity #TechVulnerability #VirtualReality #MixedReality #DataPrivacy #TechInnovation #AppleUpdate #CyberThreats #MatisoftInsights

Immersive Labs published a report detailing how prompt injection attacks can be used to manipulate generative AI platforms in ways that reveal sensitive data. #aisecurity #artificialintelligence #cybersecurity #immersivelabs

The permutation of every new device, platform, database, LLM, API, and user interface exponentially increases our individual and collective "attack surface area." And these permutations are growing by the hour. The rise in AI utilization brings both advancements and potential threats, especially to our legal sphere. The integration of AI, AR, and VR into the legal industry landscape can bolster efficiency and accuracy; however, it also invites an avalanche of unprecedented cyber threats that could jeopardize the sanctity of sensitive legal data and the privacy of individuals. This presents a unique challenge to all of us - lawyers, digital forensic examiners, ediscovery practitioners, and paralegals. It's clear we must all evolve and adapt, not only to leverage these digital tools but also to protect our systems and the people we serve from technological malfeasance. 💼🔐 #AIandTheLaw #CyberSecurity #forensicsweirdo;

Machine learning is transforming the way we work, and how we manage our data and privacy from hackers. The use of sophisticated machine learning can help attackers access your data and information both virtually and even in the real world. Recent research has found an attacker recording a person’s hand movements at a keyboard from a few metres away can extract 90% of their typed content. Join security and privacy researcher Zhuolin Yang for a free webinar exploring how we can identify and mitigate AI-enhanced privacy attacks. Register here: https://lnkd.in/gi28geDk