Tag: threats
-
Alerts: CISA Adds One Known Exploited Vulnerability to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/01/23/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2020-11023 JQuery Cross-Site Scripting (XSS) Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks…
-
Alerts: CISA Releases Six Industrial Control Systems Advisories
Source URL: https://www.cisa.gov/news-events/alerts/2025/01/23/cisa-releases-six-industrial-control-systems-advisories Source: Alerts Title: CISA Releases Six Industrial Control Systems Advisories Feedly Summary: CISA released six Industrial Control Systems (ICS) advisories on January 23, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-023-01 mySCADA myPRO Manager ICSA-25-023-02 Hitachi Energy RTU500 Series Product ICSA-25-023-03 Schneider Electric EVlink…
-
Hacker News: Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025
Source URL: https://www.bleepingcomputer.com/news/security/hackers-exploit-16-zero-days-on-first-day-of-pwn2own-automotive-2025/ Source: Hacker News Title: Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025 Feedly Summary: Comments AI Summary and Description: Yes Summary: The text provides a detailed report on the outcomes of the Pwn2Own Automotive 2025 hacking competition, highlighting the successful exploitation of zero-day vulnerabilities relating to electric vehicle chargers…
-
The Register: Who is DDoSing you? Rivals, probably, or cheesed-off users
Source URL: https://www.theregister.com/2025/01/23/who_is_ddosing_you_competitors/ Source: The Register Title: Who is DDoSing you? Rivals, probably, or cheesed-off users Feedly Summary: Plus: ‘Largest-ever’ duff traffic tsunami clocks in at 5.6 Tbps In addition to Chinese spies invading organizations’ networks and ransomware crews locking up sensitive files, botnets blasting distributed denial of service (DDoS) attacks can still cause a…
-
Slashdot: DHS Terminates All Its Advisory Committees, Ending Its Investigation Into Chinese Telecom Hack
Source URL: https://it.slashdot.org/story/25/01/22/2332221/dhs-terminates-all-its-advisory-committees-ending-its-investigation-into-chinese-telecom-hack Source: Slashdot Title: DHS Terminates All Its Advisory Committees, Ending Its Investigation Into Chinese Telecom Hack Feedly Summary: AI Summary and Description: Yes Summary: The Department of Homeland Security (DHS) has disbanded all advisory committee members, including those investigating the Salt Typhoon hack, in a bid to focus resources on national security.…
-
The Register: Oracle emits 603 patches, names one it wants you to worry about soon
Source URL: https://www.theregister.com/2025/01/23/oracle_patch_linux/ Source: The Register Title: Oracle emits 603 patches, names one it wants you to worry about soon Feedly Summary: Old flaws that keep causing trouble haunt Big Red Oracle has delivered its regular quarterly collection of patches: 603 in total, 318 for its own products, and another 285 for Linux code it…
-
Simon Willison’s Weblog: Trading Inference-Time Compute for Adversarial Robustness
Source URL: https://simonwillison.net/2025/Jan/22/trading-inference-time-compute/ Source: Simon Willison’s Weblog Title: Trading Inference-Time Compute for Adversarial Robustness Feedly Summary: Trading Inference-Time Compute for Adversarial Robustness Brand new research paper from OpenAI, exploring how inference-scaling “reasoning" models such as o1 might impact the search for improved security with respect to things like prompt injection. We conduct experiments on the…