Tag: Exploitation

Source URL: https://blog.scottlogic.com/2025/01/22/the-uks-ai-opportunities-action-plan-somewhat-quiet-on-risks.html Source: Scott Logic Title: The UK’s AI Opportunities Action Plan – somewhat quiet on risks Feedly Summary: Last week the UK government launched their 50-point AI Opportunities Action Plan. The plan is ambitious, but it is something of a mixed bag. Some sizeable and worthwhile investments, alongside others which are quite questionable.…

The Register: Ransomware scum make it personal for <i>Reg</i> readers by impersonating tech support

Jan 22, 2025

—

by

Source URL: https://www.theregister.com/2025/01/22/ransomware_crews_abuse_microsoft_teams/ Source: The Register Title: Ransomware scum make it personal for <i>Reg</i> readers by impersonating tech support Feedly Summary: That invitation to a Teams call on which IT promises to mop up a spamstorm may not be what it seems Two ransomware campaigns are abusing Microsoft Teams to infect organizations and steal data,…

The Register: Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day

—

by

Source URL: https://www.theregister.com/2025/01/21/fortinet_firewalls_still_vulnerable/ Source: The Register Title: Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day Feedly Summary: Seven days after disclosure and little action taken, data shows Fortinet customers need to get with the program and apply the latest updates as nearly 50,000 management interfaces are still vulnerable to the latest zero-day exploit.… AI…

Cloud Blog: Securing Cryptocurrency Organizations

—

by

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/securing-cryptocurrency-organizations/ Source: Cloud Blog Title: Securing Cryptocurrency Organizations Feedly Summary: Written by: Joshua Goddard The Rise of Crypto Heists and the Challenges in Preventing Them Cryptocurrency crime encompasses a wide range of illegal activities, from theft and hacking to fraud, money laundering, and even terrorist financing, all exploiting the unique characteristics of digital…

Hacker News: 0click deanonymization attack targeting Signal, Discord and other platforms

—

by

Source URL: https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117 Source: Hacker News Title: 0click deanonymization attack targeting Signal, Discord and other platforms Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text outlines a novel deanonymization attack targeting popular applications, particularly highlighting vulnerabilities in Cloudflare’s caching system. It emphasizes the dangers posed to users, especially those in sensitive roles, such…

Hacker News: It sure looks like Meta stole a lot of books to build its AI

—

by

Source URL: https://lithub.com/it-sure-looks-like-meta-stole-a-lot-of-books-to-build-its-ai/ Source: Hacker News Title: It sure looks like Meta stole a lot of books to build its AI Feedly Summary: Comments AI Summary and Description: Yes **Summary:** This text discusses the implications of Meta’s use of pirated material to train its AI systems, raising significant legal and ethical concerns. It highlights ongoing…

The Register: OpenAI’s ChatGPT crawler can be tricked into DDoSing sites, answering your queries

Jan 19, 2025

—

by

Source URL: https://www.theregister.com/2025/01/19/openais_chatgpt_crawler_vulnerability/ Source: The Register Title: OpenAI’s ChatGPT crawler can be tricked into DDoSing sites, answering your queries Feedly Summary: The S in LLM stands for Security OpenAI’s ChatGPT crawler appears to be willing to initiate distributed denial of service (DDoS) attacks on arbitrary websites, a reported vulnerability the tech giant has yet to…

The Register: Fortinet: FortiGate config leaks are genuine but misleading

Jan 17, 2025

—

by

Source URL: https://www.theregister.com/2025/01/17/fortinet_fortigate_config_leaks/ Source: The Register Title: Fortinet: FortiGate config leaks are genuine but misleading Feedly Summary: Competition hots up with Ivanti over who can have the worst start to a year Fortinet has confirmed that previous analyses of records leaked by the Belsen Group are indeed genuine FortiGate configs stolen during a zero-day raid…

Hacker News: A New type of web hacking technique: DoubleClickjacking

Jan 17, 2025

—

by