Experimental News Clipping Site

Tag: email

  • The Register: Supply chain attack hits Chrome extensions, could expose millions

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/22/supply_chain_attack_chrome_extension/ Source: The Register Title: Supply chain attack hits Chrome extensions, could expose millions Feedly Summary: Threat actor exploited phishing and OAuth abuse to inject malicious code Cybersecurity outfit Sekoia is warning Chrome users of a supply chain attack targeting browser extension developers that has potentially impacted hundreds of thousands of individuals already.……

  • Microsoft Security Blog: New Star Blizzard spear-phishing campaign targets WhatsApp accounts

    by

    Kurt Seifried
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2025/01/16/new-star-blizzard-spear-phishing-campaign-targets-whatsapp-accounts/ Source: Microsoft Security Blog Title: New Star Blizzard spear-phishing campaign targets WhatsApp accounts Feedly Summary: In mid-November 2024, Microsoft Threat Intelligence observed the Russian threat actor we track as Star Blizzard sending their typical targets spear-phishing messages, this time offering the supposed opportunity to join a WhatsApp group. This is the first…

  • Krebs on Security: MasterCard DNS Error Went Unnoticed for Years

    by

    Kurt Seifried
    in

    Source URL: https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/ Source: Krebs on Security Title: MasterCard DNS Error Went Unnoticed for Years Feedly Summary: The payment card giant MasterCard just fixed a glaring error in its domain name server settings that could have allowed anyone to intercept or divert Internet traffic for the company by registering an unused domain name. The misconfiguration…

  • CSA: How to Combat Social Engineering Attacks

    by

    Kurt Seifried
    in

    Source URL: https://abnormalsecurity.com/blog/soc-expert-perspectives-social-engineering-threats Source: CSA Title: How to Combat Social Engineering Attacks Feedly Summary: AI Summary and Description: Yes **Summary:** The text discusses the increasing threat of social engineering attacks and highlights key insights from cybersecurity experts regarding the vulnerabilities associated with human behavior, advanced attack techniques such as deepfakes, and the necessity for AI-driven…

  • The Register: Ransomware scum make it personal for <i>Reg</i> readers by impersonating tech support

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/22/ransomware_crews_abuse_microsoft_teams/ Source: The Register Title: Ransomware scum make it personal for <i>Reg</i> readers by impersonating tech support Feedly Summary: That invitation to a Teams call on which IT promises to mop up a spamstorm may not be what it seems Two ransomware campaigns are abusing Microsoft Teams to infect organizations and steal data,…

  • The Register: Datacus extractus: Harry Potter publisher breached without resorting to magic

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/20/harry_potter_publisher_breach/ Source: The Register Title: Datacus extractus: Harry Potter publisher breached without resorting to magic Feedly Summary: PLUS: Allstate sued for allegedly tracking drivers; Dutch DDoS; More fake jobs from Pyongyang; and more Infosec in brief Hogwarts doesn’t teach an incantation that could have saved Harry Potter publisher Scholastic from feeling the power…

  • The Register: OpenAI’s ChatGPT crawler can be tricked into DDoSing sites, answering your queries

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/19/openais_chatgpt_crawler_vulnerability/ Source: The Register Title: OpenAI’s ChatGPT crawler can be tricked into DDoSing sites, answering your queries Feedly Summary: The S in LLM stands for Security OpenAI’s ChatGPT crawler appears to be willing to initiate distributed denial of service (DDoS) attacks on arbitrary websites, a reported vulnerability the tech giant has yet to…

  • Hacker News: Zuckerberg appeared to know Llama trained on Libgen

    by

    Kurt Seifried
    in

    Source URL: https://www.rollingstone.com/culture/culture-news/ai-meta-pirated-library-zuckerberg-1235235394/ Source: Hacker News Title: Zuckerberg appeared to know Llama trained on Libgen Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The unsealed internal communications at Meta reveal its questionable practices in using pirated text from Library Genesis for training its AI model, Llama. This raises significant legal concerns about copyright infringement…

  • Simon Willison’s Weblog: Lessons From Red Teaming 100 Generative AI Products

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Jan/18/lessons-from-red-teaming/ Source: Simon Willison’s Weblog Title: Lessons From Red Teaming 100 Generative AI Products Feedly Summary: Lessons From Red Teaming 100 Generative AI Products New paper from Microsoft describing their top eight lessons learned red teaming (deliberately seeking security vulnerabilities in) 100 different generative AI models and products over the past few years.…

  • Cloud Blog: Cloud CISO Perspectives: Talk cyber in business terms to win allies

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-talk-cyber-in-business-terms-to-win-allies/ Source: Cloud Blog Title: Cloud CISO Perspectives: Talk cyber in business terms to win allies Feedly Summary: Welcome to the first Cloud CISO Perspectives for January 2025. We’re starting off the year at the top with boards of directors, and how talking about cybersecurity in business terms can help us better convey…