Tag: Exploitation
-
Hacker News: Listen to the whispers: web timing attacks that work
Source URL: https://portswigger.net/research/listen-to-the-whispers-web-timing-attacks-that-actually-work Source: Hacker News Title: Listen to the whispers: web timing attacks that work Feedly Summary: Comments AI Summary and Description: Yes **Summary:** This text introduces novel web timing attack techniques capable of breaching server security by exposing hidden vulnerabilities, misconfigurations, and attack surfaces more effectively than previous methods. It emphasizes the practical…
-
Hacker News: Child safety org launches AI model trained on real child sex abuse images
Source URL: https://arstechnica.com/tech-policy/2024/11/ai-trained-on-real-child-sex-abuse-images-to-detect-new-csam/ Source: Hacker News Title: Child safety org launches AI model trained on real child sex abuse images Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the development of a cutting-edge AI model by Thorn and Hive aimed at improving the detection of unknown child sexual abuse materials (CSAM).…
-
Wired: China’s Surveillance State Is Selling Citizen Data as a Side Hustle
Source URL: https://www.wired.com/story/chineses-surveillance-state-is-selling-citizens-data-as-a-side-hustle/ Source: Wired Title: China’s Surveillance State Is Selling Citizen Data as a Side Hustle Feedly Summary: Chinese black market operators are openly recruiting government agency insiders, paying them for access to surveillance data and then reselling it online—no questions asked. AI Summary and Description: Yes Summary: The text discusses the alarming phenomenon…
-
Simon Willison’s Weblog: A warning about tiktoken, BPE, and OpenAI models
Source URL: https://simonwillison.net/2024/Nov/21/a-warning-about-tiktoken/#atom-everything Source: Simon Willison’s Weblog Title: A warning about tiktoken, BPE, and OpenAI models Feedly Summary: A warning about tiktoken, BPE, and OpenAI models Tom MacWright warns that OpenAI’s tiktoken Python library has a surprising performance profile: it’s superlinear with the length of input, meaning someone could potentially denial-of-service you by sending you…
-
Slashdot: Ubuntu Linux Impacted By Decade-Old ‘needrestart’ Flaw That Gives Root
Source URL: https://it.slashdot.org/story/24/11/21/0057206/ubuntu-linux-impacted-by-decade-old-needrestart-flaw-that-gives-root?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Ubuntu Linux Impacted By Decade-Old ‘needrestart’ Flaw That Gives Root Feedly Summary: AI Summary and Description: Yes Summary: The text details five local privilege escalation vulnerabilities found in the Linux utility “needrestart,” crucial for professionals in security and compliance to recognize, as they highlight significant risks associated with resource…
-
The Register: Chinese cyberspies, Musk’s Beijing ties, labelled ‘real risk’ to US security by senator
Source URL: https://www.theregister.com/2024/11/20/musk_chinese_cyberspies/ Source: The Register Title: Chinese cyberspies, Musk’s Beijing ties, labelled ‘real risk’ to US security by senator Feedly Summary: Meet Liminal Panda, which prowls telecom networks in South Asia and Africa A senior US senator has warned that American tech companies’ activities in China represent a national security risk, in a hearing…