Tag: permissions
-
Irrational Exuberance: How should we control access to user data?
Source URL: https://lethain.com/user-data-access-strategy/ Source: Irrational Exuberance Title: How should we control access to user data? Feedly Summary: At some point in a startup’s lifecycle, they decide that they need to be ready to go public in 18 months, and a flurry of IPO-readiness activity kicks off. This strategy focuses on a company working on IPO…
-
CSA: BeyondTrust Breach: We Need Remote Access Security
Source URL: https://cloudsecurityalliance.org/blog/2025/02/07/beyondtrust-breach-a-wake-up-call-for-remote-access-security Source: CSA Title: BeyondTrust Breach: We Need Remote Access Security Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a recent security incident involving BeyondTrust and the US Treasury Department, emphasizing vulnerabilities in traditional remote access solutions. It advocates for adopting proactive security measures such as the principle of least…
-
Hacker News: Google Fixes Android Kernel Zero-Day Exploited in Attacks
Source URL: https://thedefendopsdiaries.com/google-fixes-android-kernel-zero-day-exploited-in-attacks/ Source: Hacker News Title: Google Fixes Android Kernel Zero-Day Exploited in Attacks Feedly Summary: Comments AI Summary and Description: Yes Summary: CVE-2024-53104 has emerged as a significant zero-day vulnerability within the Linux kernel, particularly impacting the USB Video Class driver, and presents severe risks to Android devices. The exploration of this flaw…
-
Simon Willison’s Weblog: Using pip to install a Large Language Model that’s under 100MB
Source URL: https://simonwillison.net/2025/Feb/7/pip-install-llm-smollm2/ Source: Simon Willison’s Weblog Title: Using pip to install a Large Language Model that’s under 100MB Feedly Summary: I just released llm-smollm2, a new plugin for LLM that bundles a quantized copy of the SmolLM2-135M-Instruct LLM inside of the Python package. This means you can now pip install a full LLM! If…
-
Cisco Talos Blog: Google Cloud Platform Data Destruction via Cloud Build
Source URL: https://blog.talosintelligence.com/gcp-data-destruction-via-cloud-build/ Source: Cisco Talos Blog Title: Google Cloud Platform Data Destruction via Cloud Build Feedly Summary: A technical overview of Cisco Talos’ investigations into Google Cloud Platform Cloud Build, and the threat surface posed by the storage permission family. AI Summary and Description: Yes **Summary:** The text discusses security vulnerabilities associated with Google…
-
Slashdot: iOS App Store Apps With Screenshot-Reading Malware Found For the First Time
Source URL: https://it.slashdot.org/story/25/02/05/2010251/ios-app-store-apps-with-screenshot-reading-malware-found-for-the-first-time?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: iOS App Store Apps With Screenshot-Reading Malware Found For the First Time Feedly Summary: AI Summary and Description: Yes Summary: The discovery of “SparkCat” malware infiltrating iOS and Android apps marks a significant breach of security, being the first to implement malicious screenshot-reading capabilities in Apple’s App Store. This…
-
Simon Willison’s Weblog: o3-mini is really good at writing internal documentation
Source URL: https://simonwillison.net/2025/Feb/5/o3-mini-documentation/#atom-everything Source: Simon Willison’s Weblog Title: o3-mini is really good at writing internal documentation Feedly Summary: o3-mini is really good at writing internal documentation I wanted to refresh my knowledge of how the Datasette permissions system works today. I already have extensive hand-written documentation for that, but I thought it would be interesting…
-
The Register: DeepSeek rated too dodgy down under: Banned from Australian government devices
Source URL: https://www.theregister.com/2025/02/05/australia_deepseek_ban/ Source: The Register Title: DeepSeek rated too dodgy down under: Banned from Australian government devices Feedly Summary: As American big tech companies lashed for their slow efforts to prevent harms Australia’s Department of Home Affairs has banned the use of DeepSeek on federal government devices.… AI Summary and Description: Yes Summary: Australia’s…
-
The Register: Google: How to make any AMD Zen CPU always generate 4 as a random number
Source URL: https://www.theregister.com/2025/02/04/google_amd_microcode/ Source: The Register Title: Google: How to make any AMD Zen CPU always generate 4 as a random number Feedly Summary: Malicious microcode vulnerability discovered, fixes rolling out for Epycs at least Googlers have not only figured out how to break AMD’s security – allowing them to load unofficial microcode into its…
-
Unit 42: Stealers on the Rise: A Closer Look at a Growing macOS Threat
Source URL: https://unit42.paloaltonetworks.com/?p=138244 Source: Unit 42 Title: Stealers on the Rise: A Closer Look at a Growing macOS Threat Feedly Summary: Atomic Stealer, Poseidon Stealer and Cthulhu Stealer target macOS. We discuss their various properties and examine leverage of the AppleScript framework. The post Stealers on the Rise: A Closer Look at a Growing macOS…