continuous monitoring – Experimental News Clipping Site

The Register: HybridPetya: More proof that Secure Boot bypasses are not just an urban legend

Sep 12, 2025

—

by

Source URL: https://www.theregister.com/2025/09/12/hopefully_just_a_poc_hybridpetya/ Source: The Register Title: HybridPetya: More proof that Secure Boot bypasses are not just an urban legend Feedly Summary: Although it hasn’t been seen in the wild yet A new ransomware strain dubbed HybridPetya was able to exploit a patched vulnerability to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot on unrevoked…

Anchore: NPM Supply Chain Breach Response for Anchore Enterprise and Grype Users

Sep 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://anchore.com/blog/npm-supply-chain-breach-response-for-anchore-enterprise-and-grype-users/ Source: Anchore Title: NPM Supply Chain Breach Response for Anchore Enterprise and Grype Users Feedly Summary: On September 8, 2025 Anchore was made aware of an incident involving a number of popular NPM packages to insert malware. The technical details of the attack can be found in the Aikido blog post: npm…

The Register: This Patch Tuesday, SAP is the worst offender and Microsoft users can kinda chill

Sep 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/10/microsoft_patch_tuesday/ Source: The Register Title: This Patch Tuesday, SAP is the worst offender and Microsoft users can kinda chill Feedly Summary: ERP giant patches flaw that allows total takeover of NetWeaver, Microsoft has nothing under attack for once September’s Patch Tuesday won’t require Microsoft users to rapidly repair rancid software, but SAP users…

Slashdot: Plex Suffers Security Incident Exposing User Data and Urging Password Resets

Sep 8, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://yro.slashdot.org/story/25/09/08/229201/plex-suffers-security-incident-exposing-user-data-and-urging-password-resets?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Plex Suffers Security Incident Exposing User Data and Urging Password Resets Feedly Summary: AI Summary and Description: Yes Summary: The report discusses a security incident involving Plex, a media server company, where unauthorized access to user accounts occurred. The incident exposes emails, usernames, and hashed passwords, prompting Plex to…

Slashdot: Microsoft’s Cloud Services Disrupted by Red Sea Cable Cuts

Sep 8, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://tech.slashdot.org/story/25/09/07/2149212/microsofts-cloud-services-disrupted-by-red-sea-cable-cuts?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Microsoft’s Cloud Services Disrupted by Red Sea Cable Cuts Feedly Summary: AI Summary and Description: Yes Summary: The report highlights the recent disruption of Microsoft’s Azure cloud services due to undersea cable cuts in the Red Sea, impacting internet traffic in the Middle East and parts of Asia. This…

The Register: Crims claim HexStrike AI penetration tool makes quick work of Citrix bugs

Sep 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/03/hexstrike_ai_citrix_exploits/ Source: The Register Title: Crims claim HexStrike AI penetration tool makes quick work of Citrix bugs Feedly Summary: LLMs and 0-days – what could possibly go wrong? Attackers on underground forums claimed they were using HexStrike AI, an open-source red-teaming tool, against Citrix NetScaler vulnerabilities within hours of disclosure, according to Check…

The Register: Zscaler latest victim of Salesloft Drift attacks, customer data exposed

Sep 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/02/zscaler_customer_data_drift_compromise/ Source: The Register Title: Zscaler latest victim of Salesloft Drift attacks, customer data exposed Feedly Summary: Joins Google, Palo Alto Networks in the ever-growing supply chain compromise Zscaler is the latest company to disclose some of its customers’ data was exposed in the recent spate of Salesloft Drift attacks affecting Salesforce databases.……

The Register: In the rush to adopt hot new tech, security is often forgotten. AI is no exception

Sep 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/02/exposed_ollama_servers_insecure_research/ Source: The Register Title: In the rush to adopt hot new tech, security is often forgotten. AI is no exception Feedly Summary: Cisco finds hundreds of Ollama servers open to unauthorized access, creating various nasty risks Cisco’s Talos security research team has found over 1,100 Ollama servers exposed to the public internet,…

Embrace The Red: Wrap Up: The Month of AI Bugs

Aug 31, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/wrapping-up-month-of-ai-bugs/ Source: Embrace The Red Title: Wrap Up: The Month of AI Bugs Feedly Summary: That’s it. The Month of AI Bugs is done. There won’t be a post tomorrow, because I will be at PAX West. Overview of Posts ChatGPT: Exfiltrating Your Chat History and Memories With Prompt Injection | Video ChatGPT…

The Register: SK Telecom walloped with $97M fine after schoolkid security blunders let attackers run riot

Aug 28, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/28/sk_telecom_regulator_fine/ Source: The Register Title: SK Telecom walloped with $97M fine after schoolkid security blunders let attackers run riot Feedly Summary: Regulator points to lack of ‘basic access controls’ between internet-facing systems, internal network South Korea’s privacy watchdog has slapped SK Telecom with a record ₩134.5 billion ($97 million) fine after finding that…

Tag: continuous monitoring