security weakness - Cloud Security Alliance News Clipping Site

Slashdot: Ubuntu Linux Impacted By Decade-Old ‘needrestart’ Flaw That Gives Root

Nov 21, 2024

—

by

Source URL: https://it.slashdot.org/story/24/11/21/0057206/ubuntu-linux-impacted-by-decade-old-needrestart-flaw-that-gives-root?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Ubuntu Linux Impacted By Decade-Old ‘needrestart’ Flaw That Gives Root Feedly Summary: AI Summary and Description: Yes Summary: The text details five local privilege escalation vulnerabilities found in the Linux utility “needrestart,” crucial for professionals in security and compliance to recognize, as they highlight significant risks associated with resource…

The Register: D-Link tells users to trash old VPN routers over bug too dangerous to identify

Nov 20, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/20/dlink_rip_replace_router/ Source: The Register Title: D-Link tells users to trash old VPN routers over bug too dangerous to identify Feedly Summary: Vendor offers 20% discount on new model, but not patches Owners of older models of D-Link VPN routers are being told to retire and replace their devices following the disclosure of a…

The Register: Microsoft Power Pages misconfigurations exposing sensitive data

Nov 15, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/15/microsoft_power_pages_misconfigurations/ Source: The Register Title: Microsoft Power Pages misconfigurations exposing sensitive data Feedly Summary: NHS supplier that leaked employee info fell victim to fiddly access controls that can leave databases dangling online Private businesses and public-sector organizations are unwittingly exposing millions of people’s sensitive information to the public internet because they misconfigure Microsoft’s…

Hacker News: Attestations: A new generation of signatures on PyPI

Nov 15, 2024

—

by

system automation

in Uncategorized

Source URL: https://blog.trailofbits.com/2024/11/14/attestations-a-new-generation-of-signatures-on-pypi/ Source: Hacker News Title: Attestations: A new generation of signatures on PyPI Feedly Summary: Comments AI Summary and Description: Yes Summary: The announcement discusses a new security feature on the Python Package Index (PyPI): index-hosted digital attestations based on PEP 740. This feature enhances package provenance and security by integrating with Trusted…

Hacker News: Security flaws found in all Nvidia GeForce GPUs. Update drivers ASAP

Nov 3, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.pcworld.com/article/2504035/security-flaws-found-in-all-nvidia-geforce-gpus-update-drivers-asap.html Source: Hacker News Title: Security flaws found in all Nvidia GeForce GPUs. Update drivers ASAP Feedly Summary: Comments AI Summary and Description: Yes Summary: Nvidia has issued a critical alert regarding multiple security vulnerabilities in its GeForce GPUs, affecting both Windows and Linux users. The vulnerabilities can potentially allow attackers to gain…

The Register: How to jailbreak ChatGPT and trick the AI into writing exploit code using hex encoding

Oct 29, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/29/chatgpt_hex_encoded_jailbreak/ Source: The Register Title: How to jailbreak ChatGPT and trick the AI into writing exploit code using hex encoding Feedly Summary: ‘It was like watching a robot going rogue’ says researcher OpenAI’s language model GPT-4o can be tricked into writing exploit code by encoding the malicious instructions in hexadecimal, which allows an…

Cisco Talos Blog: Talos IR trends Q3 2024: Identity-based operations loom large

Oct 24, 2024

—

by

system automation

in Uncategorized

Source URL: https://blog.talosintelligence.com/incident-response-trends-q3-2024/ Source: Cisco Talos Blog Title: Talos IR trends Q3 2024: Identity-based operations loom large Feedly Summary: Credential theft was the main goal in 25% of incidents last quarter, and new ransomware variants made their appearance – read more about the top trends, TTPs, and security weaknesses that facilitated adversary actions. AI Summary…

Rekt: Radiant Capital – Rekt II

Oct 17, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.rekt.news/radiant-capital-rekt2 Source: Rekt Title: Radiant Capital – Rekt II Feedly Summary: Radiant Capital gets a $53M haircut. Thought multi-sigs were safe? Think again. Radiant’s “robust" 3/11 setup crumbled like a house of cards. Exploited twice in 2024, the future of Radiant looks about as bright as a black hole. AI Summary and Description:…

The Register: WeChat devs introduced security flaws when they modded TLS, say researchers

Oct 17, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/17/wechat_devs_modded_tls_introducing/ Source: The Register Title: WeChat devs introduced security flaws when they modded TLS, say researchers Feedly Summary: No attacks possible, but enough issues to cause concern Messaging giant WeChat uses a network protocol that the app’s developers modified – and by doing so introduced security weaknesses, researchers claim.… AI Summary and Description: Yes…

Hacker News: Hacker plants false memories in ChatGPT to steal user data in perpetuity

Sep 24, 2024

—

by

system automation

in Uncategorized

Source URL: https://arstechnica.com/security/2024/09/false-memories-planted-in-chatgpt-give-hacker-persistent-exfiltration-channel/ Source: Hacker News Title: Hacker plants false memories in ChatGPT to steal user data in perpetuity Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a vulnerability discovered in ChatGPT that allowed for malicious manipulation of its long-term memory feature through prompt injection. While OpenAI has released a partial…

Tag: security weakness