Experimental News Clipping Site

Tag: attack

  • Krebs on Security: Microsoft Patch Tuesday, February 2025 Edition

    by

    Kurt Seifried
    in

    Source URL: https://krebsonsecurity.com/2025/02/microsoft-patch-tuesday-february-2025-edition/ Source: Krebs on Security Title: Microsoft Patch Tuesday, February 2025 Edition Feedly Summary: Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. AI Summary and Description: Yes **Summary:** Microsoft has issued crucial updates…

  • Slashdot: New Hack Uses Prompt Injection To Corrupt Gemini’s Long-Term Memory

    by

    Kurt Seifried
    in

    Source URL: https://it.slashdot.org/story/25/02/12/0011205/new-hack-uses-prompt-injection-to-corrupt-geminis-long-term-memory?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: New Hack Uses Prompt Injection To Corrupt Gemini’s Long-Term Memory Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a newly demonstrated attack by researcher Johann Rehberger that compromises Google’s Gemini chatbot by manipulating its long-term memory functionality through untrusted document summarization. The attack bypasses existing prompt…

  • The Register: February’s Patch Tuesday sees Microsoft offer just 63 fixes

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/02/12/patch_tuesday_february_2025/ Source: The Register Title: February’s Patch Tuesday sees Microsoft offer just 63 fixes Feedly Summary: Don’t relax just yet: Redmond has made some certificate-handling changes that could trip unprepared admins Patch Tuesday Microsoft’s February patch collection is mercifully smaller than January’s mega-dump. But don’t get too relaxed – some deserve close attention,…

  • Cloud Blog: Cybercrime: A Multifaceted National Security Threat

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/cybercrime-multifaceted-national-security-threat/ Source: Cloud Blog Title: Cybercrime: A Multifaceted National Security Threat Feedly Summary: Executive Summary Cybercrime makes up a majority of the malicious activity online and occupies the majority of defenders’ resources. In 2024, Mandiant Consulting responded to almost four times more intrusions conducted by financially motivated actors than state-backed intrusions. Despite this…

  • Slashdot: AUKUS Blasts Holes In LockBit’s Bulletproof Hosting Provider

    by

    Kurt Seifried
    in

    Source URL: https://it.slashdot.org/story/25/02/11/2156211/aukus-blasts-holes-in-lockbits-bulletproof-hosting-provider?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: AUKUS Blasts Holes In LockBit’s Bulletproof Hosting Provider Feedly Summary: AI Summary and Description: Yes **Summary:** The US, UK, and Australia have sanctioned Zservers, a Russian bulletproof hosting provider, due to its involvement with the LockBit ransomware operations. This collaborative effort underscores the importance of disrupting criminal infrastructures that…

  • Cisco Talos Blog: Microsoft Patch Tuesday for February 2025 — Snort rules and prominent vulnerabilities

    by

    Kurt Seifried
    in

    Source URL: https://blog.talosintelligence.com/february-patch-tuesday-release/ Source: Cisco Talos Blog Title: Microsoft Patch Tuesday for February 2025 — Snort rules and prominent vulnerabilities Feedly Summary: Microsoft has released its monthly security update for January of 2025 which includes 58 vulnerabilities, including 3 that Microsoft marked as “critical” and one marked as “moderate". The remaining vulnerabilities listed are classified…

  • Alerts: CISA Adds Four Known Exploited Vulnerabilities to Catalog

    by

    Kurt Seifried
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2025/02/11/cisa-adds-four-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Four Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-40891 Zyxel DSL CPE OS Command Injection Vulnerability CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability CVE-2025-21418 Microsoft Windows Ancillary Function Driver for…