Tag: security professionals

  • The Register: Microsoft admits GitHub used to store malware that infected almost a million devices

    Source URL: https://www.theregister.com/2025/03/10/infosec_in_brief/ Source: The Register Title: Microsoft admits GitHub used to store malware that infected almost a million devices Feedly Summary: Also, phone cleaner apps are a data-sucking scam, Singapore considering the literal rod for scammers, and more Infosec in Brief Microsoft has spotted a malvertising campaign that downloaded nastyware hosted on GitHub and…

  • Hacker News: The ESP32 "backdoor" that wasn’t

    Source URL: https://darkmentor.com/blog/esp32_non-backdoor/ Source: Hacker News Title: The ESP32 "backdoor" that wasn’t Feedly Summary: Comments AI Summary and Description: Yes Summary: The text addresses the misconception that the ESP32 Bluetooth chips contain a backdoor, clarifying that the vendor-specific HCI commands discovered are common in Bluetooth technology and do not inherently indicate malicious intent. It discusses…

  • Hacker News: Backdoor detected in ESP32 Espressif IoT chip

    Source URL: https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/ Source: Hacker News Title: Backdoor detected in ESP32 Espressif IoT chip Feedly Summary: Comments AI Summary and Description: Yes Summary: The text details significant new findings by Tarlogic Security regarding a backdoor in the widely used ESP32 microchip, affecting millions of IoT devices. This vulnerability poses serious risks for security and privacy…

  • Simon Willison’s Weblog: Politico: 5 Questions for Jack Clark

    Source URL: https://simonwillison.net/2025/Mar/8/questions-for-jack-clark/ Source: Simon Willison’s Weblog Title: Politico: 5 Questions for Jack Clark Feedly Summary: Politico: 5 Questions for Jack Clark I tend to ignore statements with this much future-facing hype, especially when they come from AI labs who are both raising money and trying to influence US technical policy. Anthropic’s Jack Clark has…

  • Hacker News: Undocumented backdoor found in Bluetooth chip used by a billion devices

    Source URL: https://www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/ Source: Hacker News Title: Undocumented backdoor found in Bluetooth chip used by a billion devices Feedly Summary: Comments AI Summary and Description: Yes Summary: The discovery of an undocumented backdoor in the widely used ESP32 microchip presents significant security risks, especially in IoT devices. This backdoor allows for device spoofing, unauthorized access,…

  • The Register: Kernel saunters – How Apple rearranged its XNU kernel with exclaves

    Source URL: https://www.theregister.com/2025/03/08/kernel_sanders_apple_rearranges_xnu/ Source: The Register Title: Kernel saunters – How Apple rearranged its XNU kernel with exclaves Feedly Summary: iPhone giant compartmentalizes OS for the sake of security Apple has been working to harden the XNU kernel that powers its various operating systems, including iOS and macOS, with a feature called “exclaves."… AI Summary…

  • Google Online Security Blog: Vulnerability Reward Program: 2024 in Review

    Source URL: http://security.googleblog.com/2025/03/vulnerability-reward-program-2024-in.html Source: Google Online Security Blog Title: Vulnerability Reward Program: 2024 in Review Feedly Summary: AI Summary and Description: Yes Summary: The text discusses Google’s Vulnerability Reward Program (VRP) for 2024, highlighting its financial support for security researchers and improvements to the program. Notable enhancements include revamped reward structures for mobile, Chrome, and…

  • The Register: Like whitebox servers, rent-a-crew crime ‘affiliates’ have commoditized ransomware

    Source URL: https://www.theregister.com/2025/03/07/commoditization_ransomware/ Source: The Register Title: Like whitebox servers, rent-a-crew crime ‘affiliates’ have commoditized ransomware Feedly Summary: Which is why taking down chiefs and infra behind big name brand operations isn’t working Interview There’s a handful of cybercriminal gangs that Jason Baker, a ransomware negotiator with GuidePoint Security, regularly gets called in to respond…