Today as part of our commitment to transparency in this space, we are proud to announce that we have reported the first 20 vulnerabilities discovered using our AI-based "Big Sleep" system powered by Gemini — goo.gle/bigsleep

Today during @MunSecConf #MSC2024 @google is announcing its AI Cyber Defense Initiative aimed at tapping into the potential AI can bring to cyber defenders and continuing investments in AI-ready infrastructure, tools, research and AI security training: blog.google/technology/safety-security/google-ai-cyber-defense-initiative/

‼️🚨NEW report and blog from the @google TAG and @Mandiant teams explores the implications of the Israel-Hamas war and where things stand with cyber in the Russian war in Ukraine: https://blog.google/technology/safety-security/tool-of-first-resort-israel-hamas-war-in-cyber/

Excited to see some awesome Safety Engineers in Munich this week!

The CSRB has released its second ever report on cyber safety, a study of a loosely affiliated hacker group that compromised dozens of well-defended companies with low-complexity attacks. https://www.cisa.gov/resources-tools/resources/review-attacks-associated-lapsus-and-related-threat-groups-report

Irrationally excited about Blackhat/Defcon/hacker summer camp. See you all in Vegas!

The 2021 Log4j bugs represent an endemic vulnerability we will be battling for a long time. Good data from Arctic Wolf. 11% of their breaches. Significant use by Ransomware groups. https://arcticwolf.com/resources/blog/log4j-retrospective/

Honored to join with CSRB colleagues (Under Secretary DHS and Chair, Rob Silvers, @dmitri, @k8em0, et al) for a rare opportunity to improve cybersecurity for everyone, by reviewing a grouping of related attacks affecting a wide variety of orgs. https://www.dhs.gov/news/2022/12/02/cyber-safety-review-board-conduct-second-review-lapsus