Tag: vulnerability research
-
Cloud Blog: Cloud CISO Perspectives: From gen AI to threat intelligence: 2024 in review
Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-from-gen-AI-to-threat-intelligence-2024-in-review/ Source: Cloud Blog Title: Cloud CISO Perspectives: From gen AI to threat intelligence: 2024 in review Feedly Summary: Welcome to the second Cloud CISO Perspectives for December 2024. To close out the year, I’m sharing the top Google Cloud security updates in 2024 that attracted the most interest from the security community.…
-
NCSC Feed: Equities process
Source URL: https://www.ncsc.gov.uk/blog-post/equities-process Source: NCSC Feed Title: Equities process Feedly Summary: Publication of the UK’s process for how we handle vulnerabilities. AI Summary and Description: Yes Summary: The UK intelligence community has published its framework for handling discovered vulnerabilities in technology, emphasizing a balanced approach between vendor disclosure and maintaining national security. This Equities Process…
-
The Register: HTTP your way into Citrix’s Virtual Apps and Desktops with fresh exploit code
Source URL: https://www.theregister.com/2024/11/12/http_citrix_vuln/ Source: The Register Title: HTTP your way into Citrix’s Virtual Apps and Desktops with fresh exploit code Feedly Summary: ‘Once again, we’ve lost a little more faith in the internet,’ researcher says Researchers are publicizing a proof of concept (PoC) exploit for what they’re calling an unauthenticated remote code execution (RCE) vulnerability…
-
Slashdot: Google’s Big Sleep LLM Agent Discovers Exploitable Bug In SQLite
Source URL: https://tech.slashdot.org/story/24/11/05/1532207/googles-big-sleep-llm-agent-discovers-exploitable-bug-in-sqlite?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Google’s Big Sleep LLM Agent Discovers Exploitable Bug In SQLite Feedly Summary: AI Summary and Description: Yes **Summary:** Google has leveraged a large language model (LLM) agent, “Big Sleep,” to identify a previously undiscovered memory vulnerability in SQLite, marking a significant advancement in automated vulnerability discovery. This initiative showcases…
-
Simon Willison’s Weblog: From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code
Source URL: https://simonwillison.net/2024/Nov/1/from-naptime-to-big-sleep/#atom-everything Source: Simon Willison’s Weblog Title: From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code Feedly Summary: From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code Google’s Project Zero security team used a system based around Gemini 1.5 Pro to find…
-
Hacker News: Using Large Language Models to Catch Vulnerabilities
Source URL: https://googleprojectzero.blogspot.com/2024/10/from-naptime-to-big-sleep.html Source: Hacker News Title: Using Large Language Models to Catch Vulnerabilities Feedly Summary: Comments AI Summary and Description: Yes Summary: The Big Sleep project, a collaboration between Google Project Zero and Google DeepMind, has successfully discovered a previously unknown exploitable memory-safety vulnerability in SQLite through AI-assisted analysis, marking a significant advancement in…