Experimental News Clipping Site

Tag: disclosure

  • Slashdot: Texas Sues Allstate For Collecting Driver Data To Raise Premiums

    by

    Kurt Seifried
    in

    Source URL: https://tech.slashdot.org/story/25/01/14/2042251/texas-sues-allstate-for-collecting-driver-data-to-raise-premiums?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Texas Sues Allstate For Collecting Driver Data To Raise Premiums Feedly Summary: AI Summary and Description: Yes **Summary:** Texas has initiated a significant lawsuit against Allstate and its subsidiary Arity for allegedly violating the state’s privacy laws by secretly collecting location data from millions of drivers, which was used…

  • Microsoft Security Blog: Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions

    by

    Kurt Seifried
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2025/01/13/analyzing-cve-2024-44243-a-macos-system-integrity-protection-bypass-through-kernel-extensions/ Source: Microsoft Security Blog Title: Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions Feedly Summary: Microsoft discovered a macOS vulnerability allowing attackers to bypass System Integrity Protection (SIP) by loading third party kernel extensions, which could lead to serious consequences, such as allowing attackers to install rootkits, create persistent…

  • The Register: Cryptojacking, backdoors abound as attackers abuse Aviatrix Controller bug

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/13/severe_aviatrix_controller_vulnerability/ Source: The Register Title: Cryptojacking, backdoors abound as attackers abuse Aviatrix Controller bug Feedly Summary: This is what happens when you publish PoCs immediately “Several cloud deployments" are already compromised following the disclosure of the maximum-severity vulnerability in Aviatrix Controller, researchers say.… AI Summary and Description: Yes Summary: The text discusses a…

  • Hacker News: Biggest Privacy Erosion in 10 Years? On Google’s Policy Change

    by

    Kurt Seifried
    in

    Source URL: https://blog.lukaszolejnik.com/biggest-privacy-erosion-in-10-years-on-googles-policy-change-towards-fingerprinting/ Source: Hacker News Title: Biggest Privacy Erosion in 10 Years? On Google’s Policy Change Feedly Summary: Comments AI Summary and Description: Yes Short Summary with Insight: The text provides a critical analysis of Google’s impending policy changes regarding device fingerprinting for advertising, raising significant concerns about the erosion of internet privacy standards…

  • Slashdot: Hackers Are Exploiting a New Ivanti VPN Security Bug To Hack Into Company Networks

    by

    Kurt Seifried
    in

    Source URL: https://it.slashdot.org/story/25/01/09/1535218/hackers-are-exploiting-a-new-ivanti-vpn-security-bug-to-hack-into-company-networks?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Hackers Are Exploiting a New Ivanti VPN Security Bug To Hack Into Company Networks Feedly Summary: AI Summary and Description: Yes Summary: Ivanti has disclosed a critical zero-day vulnerability (CVE-2025-0282) in its widely utilized enterprise VPN appliance, which has been exploited to infiltrate the networks of corporate customers. This…

  • The Register: What happens when someone subpoenas Cloudflare to unmask a blogger? This…

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/09/uk_blog_cloudflare_subpoena/ Source: The Register Title: What happens when someone subpoenas Cloudflare to unmask a blogger? This… Feedly Summary: Ex-politician in UK claims he’s been defamed – and goes to court in US for answers A former deputy mayor in the UK has subpoenaed Cloudflare in the US to discover the identity of an…

  • Embrace The Red: AI Domination: Remote Controlling ChatGPT ZombAI Instances

    by

    Kurt Seifried
    in

    Source URL: https://embracethered.com/blog/posts/2025/spaiware-and-chatgpt-command-and-control-via-prompt-injection-zombai/ Source: Embrace The Red Title: AI Domination: Remote Controlling ChatGPT ZombAI Instances Feedly Summary: At Black Hat Europe I did a fun presentation titled SpAIware and More: Advanced Prompt Injection Exploits. Without diving into the details of the entire talk, the key point I was making is that prompt injection can impact…

  • The Register: MediaTek rings in the new year with a parade of chipset vulns

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/06/mediatek_chipset_vulnerabilities/ Source: The Register Title: MediaTek rings in the new year with a parade of chipset vulns Feedly Summary: Manufacturers should have had ample time to apply the fixes MediaTek kicked off the first full working week of the new year by disclosing a bevy of security vulnerabilities, including a critical remote code…

  • Cisco Talos Blog: Welcome to the party, pal!

    by

    system automation
    in

    Source URL: https://blog.talosintelligence.com/welcome-to-the-party-pal-2/ Source: Cisco Talos Blog Title: Welcome to the party, pal! Feedly Summary: In the last newsletter of the year, Thorsten recalls his tech-savvy gift to his family and how we can all incorporate cybersecurity protections this holiday season. AI Summary and Description: Yes **Summary:** The text serves as a discussion on personal…