Experimental News Clipping Site

Tag: backdoor

  • Hacker News: RomCom exploits Firefox and Windows zero days in the wild

    by

    system automation
    in

    Source URL: https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/ Source: Hacker News Title: RomCom exploits Firefox and Windows zero days in the wild Feedly Summary: Comments AI Summary and Description: Yes Summary: The text provides a detailed analysis of critical zero-day vulnerabilities discovered in Mozilla products, specifically Firefox, Thunderbird, and the Tor Browser, which are being exploited by a Russia-aligned cyber…

  • The Register: Salt Typhoon’s surge extends far beyond US telcos

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/11/27/salt_typhoons_us_telcos/ Source: The Register Title: Salt Typhoon’s surge extends far beyond US telcos Feedly Summary: Plus, a brand-new backdoor, GhostSpider, is linked to the cyber-spy crew’s operations The reach of the China-linked Salt Typhoon gang extends beyond American telecommunications giants, and its arsenal includes several backdoors, including a brand-new malware dubbed GhostSpider, according…

  • Hacker News: The Crime Messenger

    by

    system automation
    in

    Source URL: https://www.cbc.ca/newsinteractives/features/the-crime-messenger Source: Hacker News Title: The Crime Messenger Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the rise and fall of Sky Global’s encrypted phone service, Sky ECC, which was widely adopted by criminals for secure communications. Law enforcement agencies, particularly in Europe, successfully intercepted and decrypted the communications,…

  • Slashdot: Thousands of Palo Alto Networks Firewalls Compromised This Week After Critical Security Hole

    by

    system automation
    in

    Source URL: https://it.slashdot.org/story/24/11/25/063246/thousands-of-palo-alto-networks-firewalls-compromised-this-week-after-critical-security-hole?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Thousands of Palo Alto Networks Firewalls Compromised This Week After Critical Security Hole Feedly Summary: AI Summary and Description: Yes Summary: The text highlights a significant security breach involving Palo Alto Networks firewalls, where attackers exploited critical vulnerabilities to deploy malware and remotely control the devices. This incident serves…

  • The Register: 1000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/11/22/palo_alto_firewalls_under_exploit/ Source: The Register Title: 1000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole Feedly Summary: PAN-PAN! Intruders inject web shell backdoors, crypto-coin miners, more Thousands of Palo Alto Networks firewalls were compromised by attackers exploiting two recently patched security bugs. The intruders were able to deploy web-accessible backdoors to…

  • Hacker News: Security researchers identify new malware targeting Linux

    by

    system automation
    in

    Source URL: https://www.welivesecurity.com/en/eset-research/unveiling-wolfsbane-gelsemiums-linux-counterpart-to-gelsevirine/ Source: Hacker News Title: Security researchers identify new malware targeting Linux Feedly Summary: Comments AI Summary and Description: Yes Summary: ESET researchers have revealed the emergence of Linux malware associated with the Gelsemium APT group, marking a significant shift in their tactics as they move beyond Windows-targeted malware. The malware includes notable…

  • Hacker News: Nothing-up-my-sleeve number

    by

    system automation
    in

    Source URL: https://en.wikipedia.org/wiki/Nothing-up-my-sleeve_number Source: Hacker News Title: Nothing-up-my-sleeve number Feedly Summary: Comments AI Summary and Description: Yes Summary: The text provides an in-depth exploration of “nothing-up-my-sleeve” numbers in cryptography, examining their importance in ensuring the integrity and security of cryptographic algorithms. This analysis is particularly relevant for professionals in security and compliance, as it highlights…

  • Schneier on Security: Criminals Exploiting FBI Emergency Data Requests

    by

    system automation
    in

    Source URL: https://www.schneier.com/blog/archives/2024/11/criminals-exploiting-fbi-emergency-data-requests.html Source: Schneier on Security Title: Criminals Exploiting FBI Emergency Data Requests Feedly Summary: I’ve been writing about the problem with lawful-access backdoors in encryption for decades now: that as soon as you create a mechanism for law enforcement to bypass encryption, the bad guys will use it too. Turns out the same…

  • The Register: Winos4.0 abuses gaming apps to infect, control Windows machines

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/11/08/winos40_targets_windows/ Source: The Register Title: Winos4.0 abuses gaming apps to infect, control Windows machines Feedly Summary: ‘Multiple’ malware samples likely targeting education orgs Criminals are using game-related applications to infect Windows systems with a malicious software framework called Winos4.0 that gives the attackers full control over compromised machines.… AI Summary and Description: Yes…

  • Schneier on Security: Subverting LLM Coders

    by

    system automation
    in

    Source URL: https://www.schneier.com/blog/archives/2024/11/subverting-llm-coders.html Source: Schneier on Security Title: Subverting LLM Coders Feedly Summary: Really interesting research: “An LLM-Assisted Easy-to-Trigger Backdoor Attack on Code Completion Models: Injecting Disguised Vulnerabilities against Strong Detection“: Abstract: Large Language Models (LLMs) have transformed code com- pletion tasks, providing context-based suggestions to boost developer productivity in software engineering. As users often…