Author: Admin

October 29, 2024Ravi LakshmananAI Security / Vulnerability Just over three dozen security vulnerabilities have been discovered in various open source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft. Weaknesses identified in tools such as ChuanhuChatGPT, Lunary and LocalAI have been fixed reported as part of Protect AI’s Huntr bug bounty platform. The most serious of the flaws are two flaws affecting Lunary, a toolkit for producing large language models (LLM) – CVE-2024-7474 (CVSS Score: 9.1) – An insecure direct object reference (IDOR) vulnerability that could allow an authenticated…

Sherlock Holmes is famous for his incredible ability to sift through piles of information; it removes the irrelevant and exposes the hidden truth. His philosophy is simple but brilliant: “When you eliminate the impossible, whatever remains, no matter how improbable, must be true.” Instead of following every clue, Holmes focuses on the details that are needed to lead him to a solution. In the field of cybersecurity, vulnerability scanning reflects Holmes’s approach: Security teams are typically presented with a huge list of vulnerabilities, but not every vulnerability represents a real threat. Just as Holmes discards irrelevant clues, security teams must…

Tor users are de-anonymized by law enforcement The German police have successfully deanonymized at least four Tor users. It turns out that they monitor known Tor relays and known suspects, and use time analysis to figure out who is using which relay. Tor has is written about this. Hacker news thread. tags: deanonymization, law enforcement agencies, Tor Posted on October 29, 2024 at 7:02 am • 0 comments Bruce Schneier sidebar photo by Joe McInnis. Source link

October 29, 2024Ravi LakshmananDigital Security / Data Privacy The United States Government (USG) has issued new guidelines governing the use of the traffic light protocol (TLP) to process threat intelligence shared between the private sector, individual researchers, and federal departments and agencies. “U.S. General Management maintains a TLP label on cybersecurity information voluntarily shared by individuals, companies, or other organizations unless it is inconsistent with existing law or policy,” it said. said. “We adhere to this label because trust in data processing is a key component of cooperation with our partners.” In using these designations, the idea is to promote…

October 29, 2024Ravi LakshmananHardware Security / Vulnerability More than six years later Specter security issue impact on today’s CPU processors has been revealed, a new study has shown that the latest AMD and Intel processors are still susceptible to speculative execution attacks. attack opened by ETH Zürich researchers Johannes Wikner and Kave Razavi aims to break down the barrier of an indirect predictor of industries (IBPB) on x86 chips, an important countermeasure against speculative execution attacks. Speculative performance refers to a performance optimization feature however, modern processors execute certain instructions out of order, predicting program branching in advance, thus speeding…

October 28, 2024Ravi LakshmananMalware / Threat Intelligence Three malicious packages published to the npm registry in September 2024 were found to contain known malware called BeaverTail, a JavaScript downloader, and an information stealer linked to an ongoing campaign in North Korea tracked as Contagious Interview. Datadog Security Research Team monitoring activity under the name Stubborn pungsanwhich is also known by the aliases CL-STA-0240 and Famous Chollima. The names of the malicious packages that are no longer available for download from the package registry are listed below – passports-js, passport backdoor (118 downloads) bcrypts-js, a backdoor copy of bcryptjs (81 downloads)…

October 28, 2024Ravi LakshmananCyber ​​espionage / Android An alleged Russian hybrid espionage-influence operation was spotted delivering a mixture of Windows and Android malware to target the Ukrainian military called Telegram Civil Defense. Google Threat Analysis Group (TAG) and Mandiant track activity under the name UNC5812. A threat group that runs a Telegram channel called civildefense_com_uawas created on September 10, 2024. At the time of writing, the channel has 184 subscribers. It also supports the website civildefense.com(.)ua, which was registered on April 24, 2024. “Civil Defense claims to be a provider of free software designed to allow potential recruits to view…

October 28, 2024Ravi LakshmananCloud Security / Cyber ​​Attack A government organization and a religious organization in Taiwan have been targeted by a China-linked threat known as The elusive panda which infected them with a previously undocumented post-compromise toolkit codenamed CloudScout. “The CloudScout toolkit is capable of extracting data from various cloud services using stolen web session cookies,” ESET security researcher An Ho said. “Through the CloudScout plug-in, it works seamlessly with MgBot, Evasive Panda’s proprietary malware framework.” A Slovak cybersecurity company used .NET-based malware that was discovered between May 2022 and February 2023. It includes 10 different modules written in…

Criminals blow up ATMs in Germany this low techbut effective. Why Germany? It has more ATMs than other European countries, and if I read the article correctly, they have more money. tags: ATMs, banking, bombs, theft Posted on October 28, 2024 at 12:12 pm • 0 comments Bruce Schneier sidebar photo by Joe McInnis. Source link

October 28, 2024Hacker newsOperational technologies / Cyber ​​security Operational safety technology (OT) has impacted marine vessel and port operators as both ships and industrial cranes are rapidly digitized and automated, creating new types of safety challenges. Ships come ashore on average every six months. Container cranes are mostly automated. Diagnostics, maintenance, upgrades and tuning of these mission-critical systems are performed remotely, often by third-party technicians. This highlights the importance of proper secure remote access management for industrial control systems (ICS). Learn more in our Buyer’s Guide to Securely Managing the Remote Access Lifecycle. We are in SSH connection security (SSH)…