Tag: permissions
-
Hacker News: Why anti-cheat software utilize kernel drivers (2020)
Source URL: https://secret.club/2020/04/17/kernel-anticheats.html Source: Hacker News Title: Why anti-cheat software utilize kernel drivers (2020) Feedly Summary: Comments AI Summary and Description: Yes Summary: The text provides a detailed analysis of the privacy and security implications of Riot Games’ anti-cheat software, Vanguard, which operates at a kernel level. It raises concerns about user privacy while addressing…
-
Hacker News: The Karma Connection in Chrome Web Store
Source URL: https://palant.info/2024/10/30/the-karma-connection-in-chrome-web-store/ Source: Hacker News Title: The Karma Connection in Chrome Web Store Feedly Summary: Comments AI Summary and Description: Yes Summary: The text outlines a significant security concern related to Chrome extensions that have transitioned into malicious actors, particularly focusing on the behaviors of the “Hide YouTube Shorts” extension and other associated extensions…
-
Cloud Blog: Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/russian-espionage-influence-ukrainian-military-recruits-anti-mobilization-narratives/ Source: Cloud Blog Title: Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives Feedly Summary: In September 2024, Google Threat Intelligence Group (consisting of Google’s Threat Analysis Group (TAG) and Mandiant) discovered UNC5812, a suspected Russian hybrid espionage and influence operation, delivering Windows and Android…
-
Hacker News: SELinux Bypasses
Source URL: https://klecko.github.io/posts/selinux-bypasses/ Source: Hacker News Title: SELinux Bypasses Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text provides an in-depth technical exploration of SELinux, specifically relating to its implementation, security mechanisms, and potential bypass methods on Android devices. This is significant for professionals in security and compliance who are focused on kernel-level…
-
Hacker News: A deep dive into Linux’s new mseal syscall
Source URL: https://blog.trailofbits.com/2024/10/25/a-deep-dive-into-linuxs-new-mseal-syscall/ Source: Hacker News Title: A deep dive into Linux’s new mseal syscall Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the introduction of a new syscall called `mseal` in the Linux kernel that implements a memory sealing protection mechanism. It highlights how `mseal` differs from previous memory protection…
-
Hacker News: Eartho: Open-Source, Privacy-Focused Alternative to Google Sign-In
Source URL: https://github.com/eartho-group/eartho Source: Hacker News Title: Eartho: Open-Source, Privacy-Focused Alternative to Google Sign-In Feedly Summary: Comments AI Summary and Description: Yes Summary: Eartho is an open-source authentication solution that emphasizes user privacy by acting as a layer between users and major authentication providers like Google and Facebook. This unique setup not only protects user…
-
Simon Willison’s Weblog: ZombAIs: From Prompt Injection to C2 with Claude Computer Use
Source URL: https://simonwillison.net/2024/Oct/25/zombais/ Source: Simon Willison’s Weblog Title: ZombAIs: From Prompt Injection to C2 with Claude Computer Use Feedly Summary: ZombAIs: From Prompt Injection to C2 with Claude Computer Use In news that should surprise nobody who has been paying attention, Johann Rehberger has demonstrated a prompt injection attack against the new Claude Computer Use…
-
Embrace The Red: ZombAIs: From Prompt Injection to C2 with Claude Computer Use
Source URL: https://embracethered.com/blog/posts/2024/claude-computer-use-c2-the-zombais-are-coming/ Source: Embrace The Red Title: ZombAIs: From Prompt Injection to C2 with Claude Computer Use Feedly Summary: A few days ago, Anthropic released Claude Computer Use, which is a model + code that allows Claude to control a computer. It takes screenshots to make decisions, can run bash commands and so forth.…
-
Hacker News: Why did you write a new RTOS for CHERIoT?
Source URL: https://cheriot.org/rtos/philosophy/history/2024/10/24/why-new-rtos.html Source: Hacker News Title: Why did you write a new RTOS for CHERIoT? Feedly Summary: Comments AI Summary and Description: Yes Summary: The text elaborates on the design and rationale behind the development of CHERIoT, a new real-time operating system (RTOS) that emphasizes hardware-software co-design and improves security through principles like least…
-
The Register: Microsoft SharePoint RCE flaw exploits in the wild – you’ve had 3 months to patch
Source URL: https://www.theregister.com/2024/10/23/microsoft_sharepoint_rce_exploited/ Source: The Register Title: Microsoft SharePoint RCE flaw exploits in the wild – you’ve had 3 months to patch Feedly Summary: Plus, a POC to make it extra easy for attackers A Microsoft SharePoint bug that can allow an attacker to remotely inject code into vulnerable versions is under active exploitation, according…