threat model – Experimental News Clipping Site

Cloud Blog: The oracles of DeFi: How to build trustworthy data feeds for decentralized applications

Oct 2, 2025

—

by

Source URL: https://cloud.google.com/blog/topics/financial-services/blockchain-oracles-dz-bank-solution-defi-enterprise-applications/ Source: Cloud Blog Title: The oracles of DeFi: How to build trustworthy data feeds for decentralized applications Feedly Summary: Distributed ledger technology (DLT) emerged with Bitcoin as a censorship-resistant way to conduct payments between distrusting peers. After a period, traditional financial institutions began to explore the technology, recognizing the potential of its…

Schneier on Security: Digital Threat Modeling Under Authoritarianism

Sep 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.schneier.com/blog/archives/2025/09/digital-threat-modeling-under-authoritarianism.html Source: Schneier on Security Title: Digital Threat Modeling Under Authoritarianism Feedly Summary: Today’s world requires us to make complex and nuanced decisions about our digital security. Evaluating when to use a secure messaging app like Signal or WhatsApp, which passwords to store on your smartphone, or what to share on social media…

Cloud Blog: Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors

Sep 24, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/brickstorm-espionage-campaign/ Source: Cloud Blog Title: Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors Feedly Summary: Written by: Sarah Yoder, John Wolfram, Ashley Pearson, Doug Bienstock, Josh Madeley, Josh Murchie, Brad Slaybaugh, Matt Lin, Geoff Carstairs, Austin Larsen Introduction Google Threat Intelligence Group (GTIG) is tracking BRICKSTORM malware activity, which is…

The Register: Kaspersky: RevengeHotels checks back in with AI-coded malware

Sep 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/23/kaspersky_revengehotels_checks_back_in/ Source: The Register Title: Kaspersky: RevengeHotels checks back in with AI-coded malware Feedly Summary: Old hotel scam gets an AI facelift, leaving travellers’ card details even more at risk Kaspersky has raised the alarm over the resurgence of hotel-hacking outfit “RevengeHotels," which it claims is now using artificial intelligence to supercharge its…

Anton on Security – Medium: Anton’s Security Blog Quarterly Q3 2025

Sep 22, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://medium.com/anton-on-security/antons-security-blog-quarterly-q3-2025-74fc422be3d3?source=rss—-8e8c3ed26c4c—4 Source: Anton on Security – Medium Title: Anton’s Security Blog Quarterly Q3 2025 Feedly Summary: AI Summary and Description: Yes Summary: The provided text outlines various security topics and resources related to cloud security and AI security, emphasizing the ongoing discussions and research in these fields. It highlights key articles and podcasts…

Bulletins: Vulnerability Summary for the Week of August 25, 2025

Sep 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/bulletins/sb25-245 Source: Bulletins Title: Vulnerability Summary for the Week of August 25, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000projects–Online Project Report Submission and Evaluation System A vulnerability has been found in 1000projects Online Project Report Submission and Evaluation System 1.0. This issue affects some unknown…

NCSC Feed: From bugs to bypasses: adapting vulnerability disclosure for AI safeguards

Sep 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.ncsc.gov.uk/blog-post/from-bugs-to-bypasses-adapting-vulnerability-disclosure-for-ai-safeguards Source: NCSC Feed Title: From bugs to bypasses: adapting vulnerability disclosure for AI safeguards Feedly Summary: Exploring how far cyber security approaches can help mitigate risks in generative AI systems AI Summary and Description: Yes Summary: The text addresses the intersection of cybersecurity strategies and generative AI systems, highlighting how established cybersecurity…

Embrace The Red: Amazon Q Developer for VS Code Vulnerable to Invisible Prompt Injection

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-interprets-hidden-instructions/ Source: Embrace The Red Title: Amazon Q Developer for VS Code Vulnerable to Invisible Prompt Injection Feedly Summary: The Amazon Q Developer VS Code Extension (Amazon Q) is a very popular coding agent, with over 1 million downloads. In previous posts we showed how prompt injection vulnerabilities in Amazon Q could lead…

Cloud Blog: Announcing new capabilities for enabling defenders and securing AI innovation

Aug 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/identity-security/security-summit-2025-enabling-defenders-and-securing-ai-innovation/ Source: Cloud Blog Title: Announcing new capabilities for enabling defenders and securing AI innovation Feedly Summary: AI presents an unprecedented opportunity for organizations to redefine their security posture and reduce the greatest amount of risk for the investment. From proactively finding zero-day vulnerabilities to processing vast amounts of threat intelligence data in…

Cloud Blog: Beyond guardrails: A taxonomy of platform engineering control mechanisms

Aug 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/application-modernization/platform-engineering-control-mechanisms/ Source: Cloud Blog Title: Beyond guardrails: A taxonomy of platform engineering control mechanisms Feedly Summary: The promise of platform engineering is to accelerate software delivery by empowering developers with self-service capabilities. However, this must be balanced with security, compliance, and operational stability, and for this, you need robust controls. But all too…

Tag: threat model