Security Researcher – Experimental News Clipping Site

Microsoft Security Blog: Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions

Jan 14, 2025

—

by

Source URL: https://www.microsoft.com/en-us/security/blog/2025/01/13/analyzing-cve-2024-44243-a-macos-system-integrity-protection-bypass-through-kernel-extensions/ Source: Microsoft Security Blog Title: Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions Feedly Summary: Microsoft discovered a macOS vulnerability allowing attackers to bypass System Integrity Protection (SIP) by loading third party kernel extensions, which could lead to serious consequences, such as allowing attackers to install rootkits, create persistent…

The Register: Snyk appears to deploy ‘malicious’ packages targeting Cursor for unknown reason

Jan 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/14/snyk_npm_deployment_removed/ Source: The Register Title: Snyk appears to deploy ‘malicious’ packages targeting Cursor for unknown reason Feedly Summary: Packages removed, vendor said to have apologized to AI code editor as onlookers say it could have been a test Developer security company Snyk is at the center of allegations concerning the possible targeting or…

Slashdot: Snyk Researcher Caught Deploying Malicious Code Targeting AI Startup

Jan 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/01/14/0920245/snyk-researcher-caught-deploying-malicious-code-targeting-ai-startup Source: Slashdot Title: Snyk Researcher Caught Deploying Malicious Code Targeting AI Startup Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a dependency confusion attack targeting Cursor, an AI coding startup, via the publication of malicious NPM packages. This incident raises significant concerns regarding supply chain security and illustrates potential…

The Register: Miscreants ‘mass exploited’ Fortinet firewalls, ‘highly probable’ zero-day used

Jan 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/14/miscreants_mass_exploited_fortinet_firewalls/ Source: The Register Title: Miscreants ‘mass exploited’ Fortinet firewalls, ‘highly probable’ zero-day used Feedly Summary: Ransomware ‘not off the table,’ Arctic Wolf threat hunter tells El Reg Miscreants running a “mass exploitation campaign" against Fortinet firewalls, which peaked in December, may be using an unpatched zero-day vulnerability to compromise the equipment, according…

Hacker News: Snyk security researcher deploys malicious NPM packages targeting Cursor.com

Jan 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://sourcecodered.com/snyk-malicious-npm-package/ Source: Hacker News Title: Snyk security researcher deploys malicious NPM packages targeting Cursor.com Feedly Summary: Comments AI Summary and Description: Yes Summary: The text describes a significant security incident involving potential dependency confusion attacks on NPM (Node Package Manager) packages. It underscores the importance of package analysis and highlights the actions taken…

The Register: Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days

Jan 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/13/ransomware_crew_abuses_compromised_aws/ Source: The Register Title: Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days Feedly Summary: ‘Codefinger’ crims on the hunt for compromised keys A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant’s own server-side encryption with customer provided keys (SSE-C) to lock up…

The Register: Europe coughs up €400 to punter after breaking its own GDPR data protection rules

Jan 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/13/data_broker_hacked/ Source: The Register Title: Europe coughs up €400 to punter after breaking its own GDPR data protection rules Feedly Summary: PLUS: Data broker leak reveals extent of info trading; Hot new ransomware gang might be all AI, no bark; and more Infosec in brief Gravy Analytics, a vendor of location intelligence info…

The Register: Security pros baited with fake Windows LDAP exploit traps

Jan 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/09/security_pros_baited_by_fake/ Source: The Register Title: Security pros baited with fake Windows LDAP exploit traps Feedly Summary: Tricky attackers trying yet again to deceive the good guys on home territory Security researchers are once again being lured into traps by attackers, this time with fake exploits of serious Microsoft security flaws.… AI Summary and…

The Register: Crims backdoored the backdoors they supplied to other miscreants. Then the domains lapsed

Jan 8, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/08/backdoored_backdoors/ Source: The Register Title: Crims backdoored the backdoors they supplied to other miscreants. Then the domains lapsed Feedly Summary: Here’s what $20 gets you these days More than 4,000 unique backdoors are using expired domains and/or abandoned infrastructure, and many of these expose government and academia-owned hosts – thus setting these hosts…

Wired: License Plate Readers Are Leaking Real-Time Video Feeds and Vehicle Data

Jan 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.wired.com/story/license-plate-reader-live-video-data-exposed/ Source: Wired Title: License Plate Readers Are Leaking Real-Time Video Feeds and Vehicle Data Feedly Summary: Misconfigured license plate recognition systems reveal the livestreams of individual cameras and the wealth of data they collect about every vehicle that passes them by. AI Summary and Description: Yes Summary: The text reports on a…

Tag: Security Researcher