advisory – Experimental News Clipping Site

Slashdot: OpenAI Expands ChatGPT Memory To Draw on Full Conversation History

Apr 10, 2025

—

by

Source URL: https://slashdot.org/story/25/04/10/1727255/openai-expands-chatgpt-memory-to-draw-on-full-conversation-history?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: OpenAI Expands ChatGPT Memory To Draw on Full Conversation History Feedly Summary: AI Summary and Description: Yes Summary: OpenAI has enhanced ChatGPT’s memory functionality, allowing it to recall past conversations for more relevant interactions. This feature raises important considerations regarding user privacy and compliance with data protection regulations. Detailed…

The Register: Flux off: CISA, annexable allies warn of hot DNS threat

Apr 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/04/03/cisa_and_annexable_allies_warn/ Source: The Register Title: Flux off: CISA, annexable allies warn of hot DNS threat Feedly Summary: Shape shifting technique described as menace to national security The US govt’s Cybersecurity Infrastructure Agency, aka CISA, on Thursday urged organizations, internet service providers, and security firms to strengthen defenses against so-called fast flux attacks.… AI…

Cloud Blog: Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)

Apr 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerability/ Source: Cloud Blog Title: Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457) Feedly Summary: Written by: John Wolfram, Michael Edie, Jacob Thompson, Matt Lin, Josh Murchie On Thursday, April 3, 2025, Ivanti disclosed a critical security vulnerability, CVE-2025-22457, impacting Ivanti Connect Secure (“ICS”) VPN appliances version 22.7R2.5 and…

Alerts: NSA, CISA, FBI, and International Partners Release Cybersecurity Advisory on “Fast Flux,” a National Security Threat

Apr 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2025/04/03/nsa-cisa-fbi-and-international-partners-release-cybersecurity-advisory-fast-flux-national-security Source: Alerts Title: NSA, CISA, FBI, and International Partners Release Cybersecurity Advisory on “Fast Flux,” a National Security Threat Feedly Summary: Today, CISA—in partnership with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (CCCS), and New…

Hacker News: OSS-SEC: Three bypasses of Ubuntu’s unprivileged user namespace restrictions

Mar 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://seclists.org/oss-sec/2025/q1/253 Source: Hacker News Title: OSS-SEC: Three bypasses of Ubuntu’s unprivileged user namespace restrictions Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text describes three significant bypass vulnerabilities affecting Ubuntu’s unprivileged user namespace restrictions, as outlined in a Qualys Security Advisory. It highlights how unprivileged users can exploit these vulnerabilities to…

Alerts: CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure

Mar 28, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2025/03/28/cisa-releases-malware-analysis-report-resurge-malware-associated-ivanti-connect-secure Source: Alerts Title: CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure Feedly Summary: CISA has published a Malware Analysis Report (MAR) with analysis and associated detection signatures on a new malware variant CISA has identified as RESURGE. RESURGE contains capabilities of the SPAWNCHIMERA[1] malware variant, including surviving…

Alerts: CISA Releases One Industrial Control Systems Advisory

Mar 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2025/03/27/cisa-releases-one-industrial-control-systems-advisory Source: Alerts Title: CISA Releases One Industrial Control Systems Advisory Feedly Summary: CISA released one Industrial Control Systems (ICS) advisory on March 27, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-037-01 Schneider Electric EcoStruxure Power Monitoring Expert (PME) (Update A) CISA encourages users and…

The Register: CrushFTP CEO’s feisty response to VulnCheck’s CVE for critical make-me-admin bug

Mar 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/03/27/crushftp_cve/ Source: The Register Title: CrushFTP CEO’s feisty response to VulnCheck’s CVE for critical make-me-admin bug Feedly Summary: Screenshot shows company head unhappy, claiming ‘real CVE is pending’ CrushFTP’s CEO is not happy with VulnCheck after the CVE numbering authority (CNA) released an unofficial ID for the critical vulnerability in its file transfer…

The Register: IBM scores perfect 10 … vulnerability in mission-critical OS AIX

Mar 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/03/19/ibm_aix_critical_vulnerabilities/ Source: The Register Title: IBM scores perfect 10 … vulnerability in mission-critical OS AIX Feedly Summary: Big Blue’s workstation workhorse patches hole in network installation manager that could let the bad guys in IBM “strongly recommends" customers running its Advanced Interactive eXecutive (AIX) operating system apply patches after disclosing two critical vulnerabilities,…

The Register: ‘Dead simple’ hijacking hole in Apache Tomcat ‘now actively exploited in the wild’

Mar 18, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/03/18/apache_tomcat_java_rce_flaw/ Source: The Register Title: ‘Dead simple’ hijacking hole in Apache Tomcat ‘now actively exploited in the wild’ Feedly Summary: One PUT request, one poisoned session file, and the server’s yours A trivial flaw in Apache Tomcat that allows remote code execution and access to sensitive files is said to be under attack…

Tag: advisory