defense strategies – Page 7 – Experimental News Clipping Site

The Register: Russia’s Sandworm caught snarfing credentials, data from American and Brit orgs

Feb 12, 2025

—

by

Source URL: https://www.theregister.com/2025/02/12/russias_sandworm_caught_stealing_credentials/ Source: The Register Title: Russia’s Sandworm caught snarfing credentials, data from American and Brit orgs Feedly Summary: ‘Near-global’ initial access campaign active since 2021 An initial-access subgroup of Russia’s Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing credentials and data from “a limited number…

Alerts: CISA Adds Four Known Exploited Vulnerabilities to Catalog

Feb 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2025/02/11/cisa-adds-four-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Four Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-40891 Zyxel DSL CPE OS Command Injection Vulnerability CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability CVE-2025-21418 Microsoft Windows Ancillary Function Driver for…

Krebs on Security: FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Jan 31, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://krebsonsecurity.com/2025/01/fbi-dutch-police-disrupt-manipulaters-phishing-gang/ Source: Krebs on Security Title: FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang Feedly Summary: The FBI and authorities in The Netherlands this week seized a number of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective…

Simon Willison’s Weblog: How we estimate the risk from prompt injection attacks on AI systems

Jan 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Jan/29/prompt-injection-attacks-on-ai-systems/ Source: Simon Willison’s Weblog Title: How we estimate the risk from prompt injection attacks on AI systems Feedly Summary: How we estimate the risk from prompt injection attacks on AI systems The “Agentic AI Security Team" at Google DeepMind share some details on how they are researching indirect prompt injection attacks. They…

Google Online Security Blog: How we estimate the risk from prompt injection attacks on AI systems

Jan 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://security.googleblog.com/2025/01/how-we-estimate-risk-from-prompt.html Source: Google Online Security Blog Title: How we estimate the risk from prompt injection attacks on AI systems Feedly Summary: AI Summary and Description: Yes Summary: The text discusses emerging security challenges in modern AI systems, specifically focusing on a class of attacks called “indirect prompt injection.” It presents a comprehensive evaluation…

Slashdot: FBI: North Korean IT Workers Steal Source Code To Extort Employers

Jan 24, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/01/24/1851209/fbi-north-korean-it-workers-steal-source-code-to-extort-employers?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: FBI: North Korean IT Workers Steal Source Code To Extort Employers Feedly Summary: AI Summary and Description: Yes Summary: The text discusses cyber threats posed by North Korean IT workers who exploit their access to steal proprietary source code and demand ransoms, highlighting the need for enhanced security measures…

The Register: One of Salt Typhoon’s favorite flaws still wide open on 91% of at-risk Exchange Servers

Jan 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/23/proxylogon_flaw_salt_typhoons_open/ Source: The Register Title: One of Salt Typhoon’s favorite flaws still wide open on 91% of at-risk Exchange Servers Feedly Summary: But we mean, you’ve had nearly four years to patch One of the critical security flaws exploited by China’s Salt Typhoon to breach US telecom and government networks has had a…

Hacker News: DHS removes all members of cyber security advisory boards, halts investigations

Jan 22, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://bsky.app/profile/ericjgeller.com/post/3lgbpqmxeok2f Source: Hacker News Title: DHS removes all members of cyber security advisory boards, halts investigations Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the U.S. Treasury Department’s sanctions against a Chinese cyber actor and a cybersecurity company linked to malicious cyber activities threatening U.S. national security. This reflects…

The Register: Hackers game out infowar against China with the US Navy

Jan 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/20/china_taiwan_wargames/ Source: The Register Title: Hackers game out infowar against China with the US Navy Feedly Summary: Taipei invites infosec bods to come and play on its home turf Picture this: It’s 2030 and China’s furious with Taiwan after the island applies to the UN to be recognized as an independent state. After…

Unit 42: One Step Ahead in Cyber Hide-and-Seek: Automating Malicious Infrastructure Discovery With Graph Neural Networks

Jan 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/graph-neural-networks/ Source: Unit 42 Title: One Step Ahead in Cyber Hide-and-Seek: Automating Malicious Infrastructure Discovery With Graph Neural Networks Feedly Summary: Graph neural networks aid in analyzing domains linked to known attack indicators, effectively uncovering new malicious domains and cybercrime campaigns. The post One Step Ahead in Cyber Hide-and-Seek: Automating Malicious Infrastructure Discovery…

Tag: defense strategies