Tag: fuzzing
-
The Register: The Feds want developers to stop coding ‘unforgivable’ buffer overflow vulns
Source URL: https://www.theregister.com/2025/02/13/fbi_cisa_unforgivable_buffer_overflow/ Source: The Register Title: The Feds want developers to stop coding ‘unforgivable’ buffer overflow vulns Feedly Summary: FBI, CISA harrumph at Microsoft and VMware in call for coders to quit baking avoidable defects into stuff US authorities have labelled buffer overflow vulnerabilities “unforgivable defects”, pointed to the presence of the holes in…
-
MCP Server Cloud – The Model Context Protocol Server Directory: Slowtime MCP Server – MCP Server Integration
Source URL: https://mcpserver.cloud/server/slowtime-mcp-server Source: MCP Server Cloud – The Model Context Protocol Server Directory Title: Slowtime MCP Server – MCP Server Integration Feedly Summary: AI Summary and Description: Yes **Summary:** The text outlines the architecture and functionality of the Slowtime MCP Server, which utilizes a Model Context Protocol for secure time-based operations, highlighting its features…
-
Google Online Security Blog: Leveling Up Fuzzing: Finding more vulnerabilities with AI
Source URL: http://security.googleblog.com/2024/11/leveling-up-fuzzing-finding-more.html Source: Google Online Security Blog Title: Leveling Up Fuzzing: Finding more vulnerabilities with AI Feedly Summary: AI Summary and Description: Yes **Summary:** The text discusses significant advancements in automated vulnerability discovery utilizing AI, specifically highlighting the OSS-Fuzz project’s recent successes with AI-powered fuzzing, which led to the identification of critical vulnerabilities, including…
-
The Register: Google’s AI bug hunters sniff out two dozen-plus code gremlins that humans missed
Source URL: https://www.theregister.com/2024/11/20/google_ossfuzz/ Source: The Register Title: Google’s AI bug hunters sniff out two dozen-plus code gremlins that humans missed Feedly Summary: OSS-Fuzz is making a strong argument for LLMs in security research Google’s OSS-Fuzz project, which uses large language models (LLMs) to help find bugs in code repositories, has now helped identify 26 vulnerabilities,…
-
The Register: Google claims Big Sleep ‘first’ AI to spot freshly committed security bug that fuzzing missed
Source URL: https://www.theregister.com/2024/11/05/google_ai_vulnerability_hunting/ Source: The Register Title: Google claims Big Sleep ‘first’ AI to spot freshly committed security bug that fuzzing missed Feedly Summary: You snooze, you lose, er, win Google claims one of its AI models is the first of its kind to spot a memory safety vulnerability in the wild – specifically an…
-
Simon Willison’s Weblog: From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code
Source URL: https://simonwillison.net/2024/Nov/1/from-naptime-to-big-sleep/#atom-everything Source: Simon Willison’s Weblog Title: From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code Feedly Summary: From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code Google’s Project Zero security team used a system based around Gemini 1.5 Pro to find…
-
Hacker News: Using Large Language Models to Catch Vulnerabilities
Source URL: https://googleprojectzero.blogspot.com/2024/10/from-naptime-to-big-sleep.html Source: Hacker News Title: Using Large Language Models to Catch Vulnerabilities Feedly Summary: Comments AI Summary and Description: Yes Summary: The Big Sleep project, a collaboration between Google Project Zero and Google DeepMind, has successfully discovered a previously unknown exploitable memory-safety vulnerability in SQLite through AI-assisted analysis, marking a significant advancement in…
-
Hacker News: Fuzzing between the lines in popular barcode software
Source URL: https://blog.trailofbits.com/2024/10/31/fuzzing-between-the-lines-in-popular-barcode-software/ Source: Hacker News Title: Fuzzing between the lines in popular barcode software Feedly Summary: Comments AI Summary and Description: Yes Summary: This text provides an in-depth analysis of fuzz testing applied to the ZBar barcode scanning library, highlighting the discovery of critical security vulnerabilities. The article emphasizes the importance of fuzzing in…
-
Hacker News: Safer with Google: Advancing Memory Safety
Source URL: https://security.googleblog.com/2024/10/safer-with-google-advancing-memory.html Source: Hacker News Title: Safer with Google: Advancing Memory Safety Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses Google’s strategic commitment to enhancing memory safety in software, revealing a two-pronged approach that includes increasing the adoption of memory-safe languages and improving the risk management of existing memory-unsafe languages.…