data exfiltration – Page 10 – Experimental News Clipping Site

Hacker News: Hacker infects 18,000 "script kiddies" with fake malware builder

Jan 25, 2025

—

by

Source URL: https://www.bleepingcomputer.com/news/security/hacker-infects-18-000-script-kiddies-with-fake-malware-builder/ Source: Hacker News Title: Hacker infects 18,000 "script kiddies" with fake malware builder Feedly Summary: Comments AI Summary and Description: Yes Summary: A recent report by CloudSEK reveals how a Trojanized version of the XWorm RAT builder was weaponized and distributed, unknowingly compromising low-skilled hackers, or “script kiddies”. This incident underscores the…

Simon Willison’s Weblog: Lessons From Red Teaming 100 Generative AI Products

Jan 18, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Jan/18/lessons-from-red-teaming/ Source: Simon Willison’s Weblog Title: Lessons From Red Teaming 100 Generative AI Products Feedly Summary: Lessons From Red Teaming 100 Generative AI Products New paper from Microsoft describing their top eight lessons learned red teaming (deliberately seeking security vulnerabilities in) 100 different generative AI models and products over the past few years.…

CSA: Unpacking the LastPass Hack: A Case Study

Jan 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://insidersecurity.co/lastpass-hack-illustrative-case-study/ Source: CSA Title: Unpacking the LastPass Hack: A Case Study Feedly Summary: AI Summary and Description: Yes Summary: The text provides an in-depth analysis of the LastPass hack, emphasizing the importance of security practices in cloud computing and software services. It discusses the vulnerabilities exploited during the breach, the implications of the…

Slashdot: Snyk Researcher Caught Deploying Malicious Code Targeting AI Startup

Jan 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/01/14/0920245/snyk-researcher-caught-deploying-malicious-code-targeting-ai-startup Source: Slashdot Title: Snyk Researcher Caught Deploying Malicious Code Targeting AI Startup Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a dependency confusion attack targeting Cursor, an AI coding startup, via the publication of malicious NPM packages. This incident raises significant concerns regarding supply chain security and illustrates potential…

The Register: Cryptojacking, backdoors abound as attackers abuse Aviatrix Controller bug

Jan 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/13/severe_aviatrix_controller_vulnerability/ Source: The Register Title: Cryptojacking, backdoors abound as attackers abuse Aviatrix Controller bug Feedly Summary: This is what happens when you publish PoCs immediately “Several cloud deployments" are already compromised following the disclosure of the maximum-severity vulnerability in Aviatrix Controller, researchers say.… AI Summary and Description: Yes Summary: The text discusses a…

Cloud Blog: What’s new with Google Cloud – 2024

Jan 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/inside-google-cloud/whats-new-google-cloud-2024/ Source: Cloud Blog Title: What’s new with Google Cloud – 2024 Feedly Summary: Week of Dec 16 – Dec 20Windows Server 2025 is now available on Google Compute Engine. We are excited to announce the general availability of Windows Server 2025 on Google Compute Engine. You can now run Windows Server 2025…

Cloud Blog: Get ready for a unique, immersive security experience at Next ‘25

Jan 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/identity-security/unique-immersive-security-experience-coming-to-next-25/ Source: Cloud Blog Title: Get ready for a unique, immersive security experience at Next ‘25 Feedly Summary: Few things are more critical to IT operations than security. Security incidents, coordinated threat actors, and regulatory mandates are coupled with the imperative to effectively manage risk and the vital business task of rolling out…

Embrace The Red: AI Domination: Remote Controlling ChatGPT ZombAI Instances

Jan 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/spaiware-and-chatgpt-command-and-control-via-prompt-injection-zombai/ Source: Embrace The Red Title: AI Domination: Remote Controlling ChatGPT ZombAI Instances Feedly Summary: At Black Hat Europe I did a fun presentation titled SpAIware and More: Advanced Prompt Injection Exploits. Without diving into the details of the entire talk, the key point I was making is that prompt injection can impact…

The Register: FireScam infostealer poses as Telegram Premium app to surveil Android devices

Jan 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/06/firescam_android_malware/ Source: The Register Title: FireScam infostealer poses as Telegram Premium app to surveil Android devices Feedly Summary: Once installed, it helps itself to your data like it’s a free buffet Android malware dubbed FireScam tricks people into thinking they are downloading a Telegram Premium application that stealthily monitors victims’ notifications, text messages,…

Hacker News: Time to check if you ran any of these malicious Chrome extensions

Jan 3, 2025

—

by

system automation

in Uncategorized

Source URL: https://arstechnica.com/security/2025/01/dozens-of-backdoored-chrome-extensions-discovered-on-2-6-million-devices/ Source: Hacker News Title: Time to check if you ran any of these malicious Chrome extensions Feedly Summary: Comments AI Summary and Description: Yes Summary: The text highlights a critical security incident involving malicious browser extensions in Google’s Chrome Web Store that compromised sensitive data from approximately 2.6 million devices. The threat…

Tag: data exfiltration