Zero-Day Vulnerabilities – Page 2 – Experimental News Clipping Site

The Register: Google’s AI bug hunters sniff out two dozen-plus code gremlins that humans missed

Nov 20, 2024

—

by

Source URL: https://www.theregister.com/2024/11/20/google_ossfuzz/ Source: The Register Title: Google’s AI bug hunters sniff out two dozen-plus code gremlins that humans missed Feedly Summary: OSS-Fuzz is making a strong argument for LLMs in security research Google’s OSS-Fuzz project, which uses large language models (LLMs) to help find bugs in code repositories, has now helped identify 26 vulnerabilities,…

The Register: D-Link tells users to trash old VPN routers over bug too dangerous to identify

Nov 20, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/20/dlink_rip_replace_router/ Source: The Register Title: D-Link tells users to trash old VPN routers over bug too dangerous to identify Feedly Summary: Vendor offers 20% discount on new model, but not patches Owners of older models of D-Link VPN routers are being told to retire and replace their devices following the disclosure of a…

Schneier on Security: Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

Nov 18, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.schneier.com/blog/archives/2024/11/most-of-2023s-top-exploited-vulnerabilities-were-zero-days.html Source: Schneier on Security Title: Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days Feedly Summary: Zero-day vulnerabilities are more commonly used, according to the Five Eyes: Key Findings In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority…

The Register: Five Eyes infosec agencies list 2024’s most exploited software flaws

Nov 14, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/14/five_eyes_2024_top_vulnerabilities/ Source: The Register Title: Five Eyes infosec agencies list 2024’s most exploited software flaws Feedly Summary: Slack patching remains a problem – which is worrying as crooks increasingly target zero-day vulns The cyber security agencies of the UK, US, Canada, Australia, and New Zealand have issued their annual list of the 15…

The Register: Admins can give thanks this November for dollops of Microsoft patches

Nov 13, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/13/november_patch_tuesday/ Source: The Register Title: Admins can give thanks this November for dollops of Microsoft patches Feedly Summary: Don’t be a turkey – get these fixed Patch Tuesday Patch Tuesday has swung around again, and Microsoft has released fixes for 89 CVE-listed security flaws in its products – including two under active attack…

Krebs on Security: Microsoft Patch Tuesday, November 2024 Edition

Nov 12, 2024

—

by

system automation

in Uncategorized

Source URL: https://krebsonsecurity.com/2024/11/microsoft-patch-tuesday-november-2024-edition/ Source: Krebs on Security Title: Microsoft Patch Tuesday, November 2024 Edition Feedly Summary: Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two…

The Register: To kill memory safety bugs in C code, try the TrapC fork

Nov 12, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/12/trapc_memory_safe_fork/ Source: The Register Title: To kill memory safety bugs in C code, try the TrapC fork Feedly Summary: Memory-safe variant is planned for next year Exclusive C and C++ programmers may not need to learn Rust after all to participate in the push for memory safety.… AI Summary and Description: Yes Summary:…

The Register: Google claims Big Sleep ‘first’ AI to spot freshly committed security bug that fuzzing missed

Nov 5, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/05/google_ai_vulnerability_hunting/ Source: The Register Title: Google claims Big Sleep ‘first’ AI to spot freshly committed security bug that fuzzing missed Feedly Summary: You snooze, you lose, er, win Google claims one of its AI models is the first of its kind to spot a memory safety vulnerability in the wild – specifically an…

Slashdot: Is AI-Driven 0-Day Detection Here?

Nov 2, 2024

—

by

system automation

in Uncategorized

Source URL: https://it.slashdot.org/story/24/11/02/2150233/is-ai-driven-0-day-detection-here?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Is AI-Driven 0-Day Detection Here? Feedly Summary: AI Summary and Description: Yes Summary: This text discusses the advancements in AI-driven vulnerability detection, particularly focusing on the implementation of LLM-powered methodologies that have proven effective in identifying critical zero-day vulnerabilities. The approach combines deep program analysis with adversarial AI agents,…

Hacker News: Using Large Language Models to Catch Vulnerabilities

Nov 1, 2024

—

by

system automation

in Uncategorized

Source URL: https://googleprojectzero.blogspot.com/2024/10/from-naptime-to-big-sleep.html Source: Hacker News Title: Using Large Language Models to Catch Vulnerabilities Feedly Summary: Comments AI Summary and Description: Yes Summary: The Big Sleep project, a collaboration between Google Project Zero and Google DeepMind, has successfully discovered a previously unknown exploitable memory-safety vulnerability in SQLite through AI-assisted analysis, marking a significant advancement in…

Tag: Zero-Day Vulnerabilities