Experimental News Clipping Site

Tag: exploits

  • Alerts: CISA Releases Eight Industrial Control Systems Advisories

    by

    Kurt Seifried
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2025/01/30/cisa-releases-eight-industrial-control-systems-advisories Source: Alerts Title: CISA Releases Eight Industrial Control Systems Advisories Feedly Summary: CISA released eight Industrial Control Systems (ICS) advisories on January 30, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-030-01 Hitachi Energy UNEM ICSA-25-030-02 New Rock Technologies Cloud Connected Devices ICSA-25-030-03 Schneider Electric…

  • The Register: Wacom says crooks probably swiped customer credit cards from its online checkout

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/30/wacom_data_loss/ Source: The Register Title: Wacom says crooks probably swiped customer credit cards from its online checkout Feedly Summary: Digital canvas slinger indicates dot-com was skimmed for over a month Graphics tablet maker Wacom has warned customers their credit card details may well have been stolen by miscreants while they were buying stuff…

  • Cisco Talos Blog: Whatsup Gold, Observium and Offis vulnerabilities

    by

    Kurt Seifried
    in

    Source URL: https://blog.talosintelligence.com/whatsup-gold-observium-offis-vulnerabilities/ Source: Cisco Talos Blog Title: Whatsup Gold, Observium and Offis vulnerabilities Feedly Summary: Cisco Talos’ Vulnerability Research team recently disclosed three vulnerabilities in Observium, three vulnerabilities in Offis, and four vulnerabilities in Whatsup Gold.   These vulnerabilities exist in Observium, a network observation and monitoring system; Offis DCMTK, a collection of libraries and applications…

  • Alerts: CISA Adds One Known Exploited Vulnerability to Catalog

    by

    Kurt Seifried
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2025/01/29/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation, as confirmed by Fortinet. CVE-2025-24085 Apple Multiple Products Use-After-Free Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors…

  • The Register: Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/29/ddos_attacks_aquabot_mitel/ Source: The Register Title: Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet Feedly Summary: And now you won’t stop calling me, I’m kinda busy A new variant of the Mirai-based malware Aquabot is actively exploiting a vulnerability in Mitel phones to build a remote-controlled…

  • Cloud Blog: Adversarial Misuse of Generative AI

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/adversarial-misuse-generative-ai/ Source: Cloud Blog Title: Adversarial Misuse of Generative AI Feedly Summary: Rapid advancements in artificial intelligence (AI) are unlocking new possibilities for the way we work and accelerating innovation in science, technology, and beyond. In cybersecurity, AI is poised to transform digital defense, empowering defenders and enhancing our collective security. Large language…

  • The Register: SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac Silicon

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/29/flop_and_slap_attacks_apple_silicon/ Source: The Register Title: SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac Silicon Feedly Summary: It’s another cousin of Spectre, here to read your email, browsing history, and more Many recent Apple laptops, desktops, tablets, and phones powered by Cupertino’s homegrown Silicon processors can be exploited…

  • Hacker News: New Speculative Attacks on Apple CPUs

    by

    Kurt Seifried
    in

    Source URL: https://predictors.fail/ Source: Hacker News Title: New Speculative Attacks on Apple CPUs Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses side-channel attacks, which exploit hardware-level vulnerabilities to extract sensitive information, highlighting the risks associated with shared CPU resources. This is particularly relevant for security professionals focused on hardware security and…

  • Hacker News: New Apple CPU side-channel attacks steals data from browsers

    by

    Kurt Seifried
    in

    Source URL: https://www.bleepingcomputer.com/news/security/new-apple-cpu-side-channel-attack-steals-data-from-browsers/ Source: Hacker News Title: New Apple CPU side-channel attacks steals data from browsers Feedly Summary: Comments AI Summary and Description: Yes Summary: A recent disclosure by security researchers reveals critical side-channel vulnerabilities in modern Apple processors, specifically regarding the FLOP and SLAP attacks. These flaws exploit speculative execution mechanisms to leak sensitive…