based security – Experimental News Clipping Site

The Register: HybridPetya: More proof that Secure Boot bypasses are not just an urban legend

Sep 12, 2025

—

by

Source URL: https://www.theregister.com/2025/09/12/hopefully_just_a_poc_hybridpetya/ Source: The Register Title: HybridPetya: More proof that Secure Boot bypasses are not just an urban legend Feedly Summary: Although it hasn’t been seen in the wild yet A new ransomware strain dubbed HybridPetya was able to exploit a patched vulnerability to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot on unrevoked…

Cisco Talos Blog: ReVault! When your SoC turns against you… deep dive edition

Aug 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/revault-when-your-soc-turns-against-you-2/ Source: Cisco Talos Blog Title: ReVault! When your SoC turns against you… deep dive edition Feedly Summary: Talos reported 5 vulnerabilities to Broadcom and Dell affecting both the ControlVault3 Firmware and its associated Windows APIs that we are calling “ReVault”. AI Summary and Description: Yes **Summary:** The text conducts an in-depth analysis…

Cloud Blog: How SUSE and Google Cloud collaborate on Confidential Computing

Jul 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/identity-security/how-suse-and-google-cloud-collaborate-on-confidential-computing/ Source: Cloud Blog Title: How SUSE and Google Cloud collaborate on Confidential Computing Feedly Summary: Securing sensitive data is a crucial part of moving workloads to the cloud. While encrypting data at rest and in transit are standard security practices, safeguarding data in use — while it’s actively being processed in memory…

Simon Willison’s Weblog: TIL: Rate limiting by IP using Cloudflare’s rate limiting rules

Jul 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Jul/3/rate-limiting-by-ip/#atom-everything Source: Simon Willison’s Weblog Title: TIL: Rate limiting by IP using Cloudflare’s rate limiting rules Feedly Summary: TIL: Rate limiting by IP using Cloudflare’s rate limiting rules My blog started timing out on some requests a few days ago, and it turned out there were misbehaving crawlers that were spidering my /search/…

Cisco Security Blog: Redefining Zero Trust in the Age of AI Agents and Agentic Workflows

Jun 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://feedpress.me/link/23535/17063922/redefining-zero-trust-in-the-age-of-ai-agents-agentic-workflows Source: Cisco Security Blog Title: Redefining Zero Trust in the Age of AI Agents and Agentic Workflows Feedly Summary: AI-powered threats demand intent-based security. Cisco’s Semantic Inspection Proxy redefines zero trust by analyzing agent behavior, ensuring semantic verification. AI Summary and Description: Yes Summary: The text highlights the growing need for intent-based…

Bulletins: Vulnerability Summary for the Week of June 9, 2025

Jun 16, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/bulletins/sb25-167 Source: Bulletins Title: Vulnerability Summary for the Week of June 9, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Acer–ControlCenter Acer ControlCenter contains Remote Code Execution vulnerability. The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named…

Cloud Blog: How Project Shield helped defend against one of the largest DDoS attacks to date

Jun 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/identity-security/project-shield-blocked-a-massive-recent-ddos-attack-heres-how/ Source: Cloud Blog Title: How Project Shield helped defend against one of the largest DDoS attacks to date Feedly Summary: You can never be sure when you’ll be the target of a distributed denial-of-service (DDoS) attack. For investigative journalist Brian Krebs, that day came on May 12, when his site KrebsOnSecurity experienced…

Wired: Deepfakes, Scams, and the Age of Paranoia

May 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.wired.com/story/paranoia-social-engineering-real-fake/ Source: Wired Title: Deepfakes, Scams, and the Age of Paranoia Feedly Summary: As AI-driven fraud becomes increasingly common, more people feel the need to verify every interaction they have online. AI Summary and Description: Yes Summary: The text addresses the rising concerns regarding AI-driven fraud, highlighting the necessity for individuals to verify…

Microsoft Security Blog: Securing our future: April 2025 progress report on Microsoft’s Secure Future Initiative

Apr 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/04/21/securing-our-future-april-2025-progress-report-on-microsofts-secure-future-initiative/ Source: Microsoft Security Blog Title: Securing our future: April 2025 progress report on Microsoft’s Secure Future Initiative Feedly Summary: The Microsoft Secure Future Initiative (SFI) stands as the largest cybersecurity engineering project in history and most extensive effort of its kind at Microsoft. Now, we are sharing the second SFI progress report,…

Slashdot: Microsoft Announces ‘Hyperlight Wasm’: Speedy VM-Based Security at Scale with a WebAssembly Runtime

Mar 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://developers.slashdot.org/story/25/03/30/0627205/microsoft-announces-hyperlight-wasm-speedy-vm-based-security-at-scale-with-a-webassembly-runtime?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Microsoft Announces ‘Hyperlight Wasm’: Speedy VM-Based Security at Scale with a WebAssembly Runtime Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the innovative Hyperlight open-source Rust library developed by Microsoft’s Azure Core Upstream team, designed to execute functions quickly and securely within virtual machines (VMs). This…

Tag: based security