π§ Open source, open risks: The growing dangers of unregulated generative AI π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
While mainstream generative AI models have builtin safety barriers, opensource alternatives have no such restrictions. Heres what that means for cyber crime. Theres little doubt that opensource is the future of software. According to the 2024 State of Open Source Report, over twothirds of businesses increased their use of opensource software in the last year. The post Open source, open risks The growing dangers of unregulated generative AI appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
Open source, open risks: The growing dangers of unregulated generative AI
Generative AI has proved to be a game-changing tool for many organizations. But without regulation, generative AI could be the new cyber crime frontier.
π EmailGPT Exposed to Prompt Injection Attacks π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The flaw enables attackers to gain control over the AI service by submitting harmful prompts.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
EmailGPT Exposed to Prompt Injection Attacks
The flaw enables attackers to gain control over the AI service by submitting harmful prompts
π TOR Virtual Network Tunneling Tool 0.4.8.12 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with builtin privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers ISPs. This is the source code release.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
TOR Virtual Network Tunneling Tool 0.4.8.12 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π jSQL Injection 0.98 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
jSQL Injection 0.98 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΅οΈββοΈ Developing a Plan to Respond to Critical CVEs in Open Source Software π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Establishing a clear process for developers to respond to critical CVEs is essential for having a rapid and coordinated response.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Developing a Plan to Respond to Critical CVEs in Open Source Software
Establishing a clear process for developers to respond to critical CVEs is essential for having a rapid and coordinated response.
π¦Ώ Get 2 Lifetime Password Manager Subscriptions for Only $50 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Save your business time and money with Sticky Password Premium and get this twoaccount bundle for 49.99 reg. 399 at TechRepublic Academy.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Get 2 Lifetime Password Manager Subscriptions for Only $50
Save your business time and money with Sticky Password Premium and get this two-account bundle for $49.99 at TechRepublic Academy.
π΅οΈββοΈ 'Sticky Werewolf' APT Stalks Aviation Sector π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The proUkranian group has upgraded its infection chain, with credentials, strategic info on commercial pilots, or billiondollar designs as the possible prizes.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
'Sticky Werewolf' APT Stalks Aviation Sector
The pro-Ukranian group has upgraded its infection chain, with credentials, strategic info on commercial pilots, or billion-dollar designs as the possible prizes.
ποΈ Ultimate Cyber Hygiene Guide: Learn How to Simplify Your Security Efforts ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
2023 was a year of unprecedented cyberattacks. Ransomware crippled businesses, DDoS attacks disrupted critical services, and data breaches exposed millions of sensitive records. The cost of these attacks? Astronomical. The damage to reputations? Irreparable. But here's the shocking truth many of these attacks could have been prevented with basic cyber hygiene. Are you ready to transform your.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ LightSpy Spyware's macOS Variant Found with Advanced Surveillance Capabilities ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed that the LightSpy spyware allegedly targeting Apple iOS users is in fact a previously undocumented macOS variant of the implant. The findings come from both Huntress Labs and ThreatFabric, which separately analyzed the artifacts associated with the crossplatform malware framework that likely possesses capabilities to infect Android, iOS, Windows, macOS,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
π΅οΈββοΈ Hotel Check-in Kiosks Expose Guest Data, Room Keys π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
CVE202437364 affects hospitality kiosks from Ariane Systems, which are used for selfcheckin at more than 3,000 hotels worldwide.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Hotel Check-in Kiosks Expose Guest Data, Room Keys
CVE-2024-37364 affects hospitality kiosks from Ariane Systems, which are used for self-check-in at more than 3,000 hotels worldwide.
𧨠How to Delete Your Browser History π§¨
π Read more.
π Via "McAfee"
----------
ποΈ Seen on @cibsecurity
Deleting your browsing history has its benefits. For one, it can improve the performance of your device. Secondly, it can... The post How to Delete Your Browser History appeared first on McAfee Blog.π Read more.
π Via "McAfee"
----------
ποΈ Seen on @cibsecurity
McAfee Blog
How to Delete Your Browser History | McAfee Blog
Learn how to delete your browsing history across popular browsers and accounts to enhance privacy, improve device performance, and reduce targeted tracking.
π΅οΈββοΈ SolarWinds Flaw Flagged by NATO Pen Tester π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The latest platform update from SolarWinds includes patches for three vulnerabilities, including two highseverity bugs.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
SolarWinds Flaw Flagged by NATO Pen Tester
The latest platform update from SolarWinds includes patches for three vulnerabilities, including two high-severity bugs.
π΅οΈββοΈ Cybersecurity Job Hunting May Come Down to Certifications π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
If current cybersecurity workers only fill 85 of the need in the US, why are so many people still looking for positions? The data from the privatepublic NIST partnership CyberSeek offers some insight.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Cybersecurity Job Hunting May Come Down to Certifications
If current cybersecurity workers only fill 85% of the need in the US, why are so many people still job hunting? NIST's CyberSeek offers some data.
π΅οΈββοΈ CISO Corner: Red Sox CloudSec; Deepfake Biz Risk; Ticketmaster Takeaways π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included Proactive playbooks, a USKenya partnership, and the trouble with shadow engineering.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
CISO Corner: Red Sox CloudSec; Deepfake Biz Risk; Ticketmaster Takes
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Proactive playbooks, a US-Kenya partnership, and the trouble with shadow engineering.
π΅οΈββοΈ GitHub Repos Targeted in Cyber-Extortion Attacks π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Since at least February, a threat actor has been attempting to extort victims by stealing or wiping data in their GitHub repositories.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
GitHub Repos Targeted in Cyber-Extortion Attacks
Since at least February, a threat actor has been attempting to extort victims by stealing or wiping data in their GitHub repositories.
π¦Ώ OpenAI, Anthropic Research Reveals More About How LLMs Affect Security and Bias π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Anthropic opened a window into the black box where features steer a large language models output. OpenAI dug into the same concept two weeks later with a deep dive into sparse autoencoders.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
OpenAI, Anthropic AI Research Reveals More About How LLMs Affect Security and Bias
Anthropic opened a window into the βblack boxβ where βfeaturesβ steer a large language modelβs output. OpenAI dug into the same concept two weeks later with a deep dive into sparse autoencoders.
π 560 million Ticketmaster customer data for sale? β Week in security with Tony Anscombe π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Ticketmaster seems to have experienced a data breach, with the ShinyHunters hacker group claiming to have exfiltrated 560 million customer data. Watch as Tony discusses the story and provides useful tips on how to protect people's data.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
560 million Ticketmaster customer data for sale? β Week in security with Tony Anscombe
Ticketmaster has been breached by the ShinyHunters hacker group, who claim to have stolen 560 million customer credentials, demanding a $500,000 ransom to not sell the data on the dark web.
β€1
ποΈ Microsoft Revamps Controversial AI-Powered Recall Feature Amid Privacy Concerns ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Microsoft on Friday said it will disable its muchcriticized artificial intelligence AIpowered Recall feature by default and make it an optin. Recall, currently in preview and coming exclusively to Copilot PCs on June 18, 2024, functions as an "explorable visual timeline" by capturing screenshots of what appears on users' screens every five seconds, which are subsequently analyzed and.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New PHP Vulnerability Exposes Windows Servers to Remote Code Execution ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances. The vulnerability, tracked as CVE20244577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating system. According to DEVCORE security researcher, the shortcoming makes.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€2π₯°1
π΅οΈββοΈ Governments, Businesses Tighten Cybersecurity Around Hajj Season π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
While cyberattacks drop slightly during the week of the Islamic pilgrimage, organizations in Saudi Arabia and other countries with large Muslim populations see attacks on the rise.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Governments, Businesses Tighten Cybersecurity Around Hajj Season
While cyberattacks drop slightly during the week of the Islamic pilgrimage, organizations in Saudi Arabia and other countries with large Muslim populations see attacks rise.
ποΈ Sticky Werewolf Expands Cyber Attack Targets in Russia and Belarus ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed details of a threat actor known as Sticky Werewolf that has been linked to cyber attacks targeting entities in Russia and Belarus. The phishing attacks were aimed at a pharmaceutical company, a Russian research institute dealing with microbiology and vaccine development, and the aviation sector, expanding beyond their initial focus of government.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity