Experimental News Clipping Site

Tag: malicious activities

  • Cloud Blog: Backscatter: Automated Configuration Extraction

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/backscatter-automated-configuration-extraction/ Source: Cloud Blog Title: Backscatter: Automated Configuration Extraction Feedly Summary: Written by: Josh Triplett Executive Summary Backscatter is a tool developed by the Mandiant FLARE team that aims to automatically extract malware configurations. It relies on static signatures and emulation to extract this information without dynamic execution, bypassing anti-analysis logic present in…

  • Schneier on Security: Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme

    by

    Kurt Seifried
    in

    Source URL: https://www.schneier.com/blog/archives/2025/01/microsoft-takes-legal-action-against-ai-hacking-as-a-service-scheme.html Source: Schneier on Security Title: Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme Feedly Summary: Not sure this will matter in the end, but it’s a positive move: Microsoft is accusing three individuals of running a “hacking-as-a-service” scheme that was designed to allow the creation of harmful and illicit…

  • Slashdot: New LLM Jailbreak Uses Models’ Evaluation Skills Against Them

    by

    Kurt Seifried
    in

    Source URL: https://it.slashdot.org/story/25/01/12/2010218/new-llm-jailbreak-uses-models-evaluation-skills-against-them?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: New LLM Jailbreak Uses Models’ Evaluation Skills Against Them Feedly Summary: AI Summary and Description: Yes **Summary:** The text discusses a novel jailbreak technique for large language models (LLMs) known as the ‘Bad Likert Judge,’ which exploits the models’ evaluative capabilities to generate harmful content. Developed by Palo Alto…

  • Hacker News: Securely Disposing of Smart Devices

    by

    Kurt Seifried
    in

    Source URL: https://www.rapid7.com/blog/post/2025/01/06/out-with-the-old-in-with-the-new-securely-disposing-of-smart-devices/ Source: Hacker News Title: Securely Disposing of Smart Devices Feedly Summary: Comments AI Summary and Description: Yes Summary: The text provides critical insights on the security implications of improper disposal of smart devices, emphasizing the importance of factory resetting IoT devices before resale or disposal. This presents a significant privacy and security…

  • The Register: FireScam infostealer poses as Telegram Premium app to surveil Android devices

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/06/firescam_android_malware/ Source: The Register Title: FireScam infostealer poses as Telegram Premium app to surveil Android devices Feedly Summary: Once installed, it helps itself to your data like it’s a free buffet Android malware dubbed FireScam tricks people into thinking they are downloading a Telegram Premium application that stealthily monitors victims’ notifications, text messages,…

  • Krebs on Security: Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

    by

    system automation
    in

    Source URL: https://krebsonsecurity.com/2024/12/web-hacking-service-araneida-tied-to-turkish-it-firm/ Source: Krebs on Security Title: Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm Feedly Summary: Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as…

  • Microsoft Security Blog: Microsoft Defender XDR demonstrates 100% detection coverage across all cyberattack stages in the 2024 MITRE ATT&CK® Evaluations: Enterprise​​

    by

    system automation
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2024/12/11/microsoft-defender-xdr-demonstrates-100-detection-coverage-across-all-cyberattack-stages-in-the-2024-mitre-attck-evaluations-enterprise/ Source: Microsoft Security Blog Title: Microsoft Defender XDR demonstrates 100% detection coverage across all cyberattack stages in the 2024 MITRE ATT&CK® Evaluations: Enterprise​​ Feedly Summary: For the sixth year in a row, Microsoft Defender XDR demonstrated industry-leading extended detection and response (XDR) capabilities in the independent MITRE ATT&CK® Evaluations: Enterprise. The cyberattack…

  • Hacker News: Zizmor would have caught the Ultralytics workflow vulnerability

    by

    system automation
    in

    Source URL: https://blog.yossarian.net/2024/12/06/zizmor-ultralytics-injection Source: Hacker News Title: Zizmor would have caught the Ultralytics workflow vulnerability Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text describes a security incident involving the compromise of the Ultralytics machine learning package, which led to the release of malicious software via multiple versions uploaded to PyPI. The root…

  • Krebs on Security: Why Phishers Love New TLDs Like .shop, .top and .xyz

    by

    system automation
    in

    Source URL: https://krebsonsecurity.com/2024/12/why-phishers-love-new-tlds-like-shop-top-and-xyz/ Source: Krebs on Security Title: Why Phishers Love New TLDs Like .shop, .top and .xyz Feedly Summary: Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz —…