Tag: exploits
-
Microsoft Security Blog: The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation
Source URL: https://www.microsoft.com/en-us/security/blog/2025/02/12/the-badpilot-campaign-seashell-blizzard-subgroup-conducts-multiyear-global-access-operation/ Source: Microsoft Security Blog Title: The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation Feedly Summary: Microsoft is publishing for the first time our research into a subgroup within the Russian state actor Seashell Blizzard and its multiyear initial access operation, tracked by Microsoft Threat Intelligence as the “BadPilot campaign”.…
-
Cisco Talos Blog: Microsoft Patch Tuesday for February 2025 — Snort rules and prominent vulnerabilities
Source URL: https://blog.talosintelligence.com/february-patch-tuesday-release/ Source: Cisco Talos Blog Title: Microsoft Patch Tuesday for February 2025 — Snort rules and prominent vulnerabilities Feedly Summary: Microsoft has released its monthly security update for January of 2025 which includes 58 vulnerabilities, including 3 that Microsoft marked as “critical” and one marked as “moderate". The remaining vulnerabilities listed are classified…
-
Alerts: CISA Releases Two Industrial Control Systems Advisories
Source URL: https://www.cisa.gov/news-events/alerts/2025/02/11/cisa-releases-two-industrial-control-systems-advisories Source: Alerts Title: CISA Releases Two Industrial Control Systems Advisories Feedly Summary: CISA released two Industrial Control Systems (ICS) advisories on February 11, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-319-17 2N Access Commander (Update A) ICSA-25-037-04 Trimble Cityworks (Update A) CISA encourages users…
-
The Register: Man who SIM-swapped the SEC’s X account pleads guilty
Source URL: https://www.theregister.com/2025/02/11/sim_swapped_guilty_plea/ Source: The Register Title: Man who SIM-swapped the SEC’s X account pleads guilty Feedly Summary: Said to have asked search engine ‘What are some signs that the FBI is after you?’ An Alabama man is pleading guilty after being charged with SIM swapping the Securities and Exchange Commission’s (SEC) X account in…
-
Hacker News: Kaspersky finds hardware backdoor in 5 generations of Apple Silicon (2024)
Source URL: https://www.xstore.co.za/stuff/2024/01/kaspersky-finds-hardware-backdoor-in-5-generations-of-apple-silicon/ Source: Hacker News Title: Kaspersky finds hardware backdoor in 5 generations of Apple Silicon (2024) Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a significant security concern regarding a hardware backdoor found in Apple’s silicon. Identified as CVE-2023-38606, this vulnerability reportedly affects five generations of Apple mobile CPUs,…
-
The GenAI Bug Bounty Program | 0din.ai: The GenAI Bug Bounty Program
Source URL: https://0din.ai/blog/odin-secures-the-future-of-ai-shopping Source: The GenAI Bug Bounty Program | 0din.ai Title: The GenAI Bug Bounty Program Feedly Summary: AI Summary and Description: Yes Summary: This text delves into a critical vulnerability uncovered in Amazon’s AI assistant, Rufus, focusing on how ASCII encoding allowed malicious requests to bypass existing guardrails. It emphasizes the need for…
-
Slashdot: How To Make Any AMD Zen CPU Always Generate 4 As a Random Number
Source URL: https://it.slashdot.org/story/25/02/09/2021244/how-to-make-any-amd-zen-cpu-always-generate-4-as-a-random-number?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: How To Make Any AMD Zen CPU Always Generate 4 As a Random Number Feedly Summary: AI Summary and Description: Yes Summary: Google security researchers have identified a vulnerability in AMD’s security architecture, allowing them to inject unofficial microcode into processors, which can compromise the integrity of virtual environments…