π΅οΈββοΈ Google: Big Sleep AI Agent Puts SQLite Software Bug to Bed π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
A research tool by the company found a vulnerability in the SQLite open source database, demonstrating the "defensive potential" for using LLMs to find vulnerabilities in applications before they're publicly released.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Google: Big Sleep AI Agent Puts SQLite Software Bug to Bed
A research tool by the company found a real-world vulnerability in the SQLite open source database, demonstrating the "defensive potential" for using LLMs to find vulnerabilities in applications before they are publicly released.
π΅οΈββοΈ Name That Edge Toon: Aerialist's Choice π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Feeling creative? Submit your caption and our panel of experts will reward the winner with a 25 Amazon gift card.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Name That Edge Toon: Aerialist's Choice
Feeling creative? Submit your caption for the November Name That Edge Toon Contest and our panel of experts will reward the winner with a $25 Amazon gift card.
π΅οΈββοΈ Can Automatic Updates for Critical Infrastructure Be Trusted? π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The true measure of our cybersecurity prowess lies in our capacity to endure.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Can Auto Updates for Critical Infrastructure Be Trusted?
The true measure of our cybersecurity prowess lies in our capacity to endure.
π¦Ώ How AI Is Changing the Cloud Security and Risk Equation π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Discover how AI amplifies cloud security risks and how to mitigate them, with insights from Tenables Liat Hayun on managing data sensitivity, misconfigurations, and overprivileged access.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
How AI Is Changing the Cloud Security and Risk Equation
Discover how AI amplifies cloud security risks and how to mitigate them, with insights from Tenableβs Liat Hayun.
π TOR Virtual Network Tunneling Tool 0.4.8.13 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with builtin privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers ISPs. This is the source code release.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
ποΈ Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence AI framework that could be exploited by a malicious actor to perform various actions, including denialofservice, model poisoning, and model theft. "Collectively, the vulnerabilities could allow an attacker to carry out a widerange of malicious actions with a single HTTP request, including.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Columbus Ransomware Attack Exposes Data of 500,000 Residents π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The City of Columbus, Ohio, informed the Maine Attorney Generals Office that approximately 55 of its residents were affected by the breach.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Columbus Ransomware Attack Exposes Data of 500,000 Residents
The City of Columbus, Ohio, informed the Maine Attorney Generalβs Office that approximately 55% of its residents were affected by the breach
π1
π Cybercriminals Exploit DocuSign APIs to Send Fake Invoices π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cybercriminals are exploiting DocuSign APIs to send fake invoices, bypassing security filters and mimicking wellknown brands.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Cybercriminals Exploit DocuSign APIs to Send Fake Invoices
Cybercriminals are exploiting DocuSign APIs to send fake invoices, bypassing security filters and mimicking well-known brands
π Nigerian Handed 26-Year Sentence for Real Estate Phishing Scam π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A US district court sentenced a Nigerian man for an elaborate maninthemiddle phishing campaign, which resulted in 12m in losses from realestate transactions.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Nigerian Handed 26-Year Sentence for Real Estate Phishing Scam
A US district court sentenced a Nigerian man for an elaborate βman-in-the-middleβ phishing campaign, which resulted in $12m in losses from real-estate transactions
π Google Researchers Claim First Vulnerability Found Using AI π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The flaw, an exploitable stack buffer underflow in SQLite, was found by Googles Big Sleep team using a large language model LLM.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Google Researchers Claim First Vulnerability Found Using AI
The flaw, an exploitable stack buffer underflow in SQLite, was found by Googleβs Big Sleep team using a large language model (LLM)
π US Says Russia Behind Fake Haitian Voters Video π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
US government agencies said the video, widely shared on social media, is part of Russias broader strategy of undermining the integrity of the Presidential Election.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
US Says Russia Behind Fake Haitian Voters Video
US government agencies said the video, widely shared on social media, is part of Russiaβs broader strategy of undermining the integrity of the Presidential Election
π¦
ICS Vulnerability Intelligence Report: Key Insights and Recommendations π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview Cyble Research Intelligence Labs CRIL has investigated key ICS vulnerabilities this week, providing critical insights issued by the Cybersecurity and Infrastructure Security Agency CISA, focusing on multiple flaws in several ICS products. During this reporting period, CISA issued four security advisories targeting vulnerabilities across various Industrial Control Systems, including those from ICONICS, Mitsubishi Electric, VIMESA, iniNet Solutions, and Deep Sea Electronics. These advisories pinpoint ICS vulnerabilities that security teams should prioritize for immediate patching to mitigate potential risks. The recent vulnerability assessment has revealed a highseverity path traversal vulnerability in SpiderControl SCADA. The Deep Sea Electronics DSE855 has also been ...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
ICS Vulnerability Report: Insights & Recommendations
Cyble Research investigates critical ICS vulnerabilities identified by CISA, emphasizing urgent patching for affected products.
π΅οΈββοΈ Okta Fixes Auth Bypass Bug After 3-Month Lull π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The bug affected accounts with 52character user names, and had several preconditions that needed to be met in order to be exploited.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Okta Fixes Auth Bypass Bug After 3-Month Lull
The bug affected accounts with 52-character user names, and had several pre-conditions that needed to be met in order to be exploited.
π΅οΈββοΈ OWASP Beefs Up GenAI Security Guidance Amid Growing Deepfakes π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
As businesses worry over deepfake scams and other AI attacks, organizations are adding guidance for cybersecurity teams on how to detect, and respond to, nextgeneration threats. That includes Exabeam, which was recently targeted by a deepfaked job candidate.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
OWASP Beefs Up GenAI Security Advice Amid Growing Deepfakes
As businesses worry over deepfake scams and other AI attacks, organizations are adding guidance for cybersecurity teams on how to detect, and respond to, next-generation threats. That includes Exabeam, which was recently targeted by a deepfaked job candidate.
π1
π¦Ώ Software Makers Encouraged to Stop Using C/C++ by 2026 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
The Cybersecurity and Infrastructure Security Agency and Federal Bureau of Investigation assert that C, C, and other memoryunsafe languages contribute to potential security breaches.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Software Makers Encouraged to Stop Using C/C++ by 2026
CISA and the FBI released a Product Security Bad Practices Report asserting C, C++, and other languages cause potential security breaches.
π΅οΈββοΈ APT36 Refines Tools in Attacks on Indian Targets π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The Pakistanbased advanced persistent threat actor has been carrying on a cyberespionage campaign targeting organizations on the subcontinent for more than a decade, and it's now using a new and improved "ElizaRAT" malware.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
APT36 Refines Tools in Attacks on Indian Targets
The Pakistan-based advanced persistent threat actor has been carrying on a cyber-espionage campaign targeting organizations on the subcontinent for more than a decade, and is now using a new and improved "ElizaRAT" malware.
π΅οΈββοΈ Iranian APT Group Targets IP Cameras, Extends Attacks Beyond Israel π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The Iranlinked group Emennet Pasargad aims to undermine public confidence in Israeli and Western nations by using hackandleak campaigns and disrupting government services, including elections.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Iranian APT Targets IP Cameras, Extends Attacks Beyond Israel
The Iran-linked group Emennet Pasargad aims to undermine public confidence in Israel and Western nations by using hack-and-leak campaigns and disrupting government services, including elections.
β€1
ποΈ Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running crossplatform malware. The attack is notable for utilizing Ethereum smart contracts for commandandcontrol C2 server address distribution, according to independent findings from Checkmarx, Phylum, and Socket published over the past few.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
ποΈ Canadian Suspect Arrested Over Snowflake Data Breach and Extortion Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from the breach of cloud data warehousing platform Snowflake earlier this year. The individual in question, Alexander "Connor" Moucka aka Judische and Waifu, was apprehended on October 30, 2024, on the basis of a provisional arrest warrant, following a request by the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE202443093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to "Androiddata," "Androidobb," and "Androidsandbox" directories and its subdirectories,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π½ Hackers Strike at Heart of Italian Government π½
π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
In a scenario reminiscent of a modernday Italian Job, hackers have allegedly breached Italys national security, exposing confidential data of some of the countrys most prominent political figures. At the heart of the controversy is Nunzio Samuele Calamucci, a 44yearold IT consultant operating from a modest office near Milans iconic.π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
Be4Sec
Hackers Strike at Heart of Italian Government
In a scenario reminiscent of a modern-day Italian Job, hackers have allegedly breached Italyβs national security, exposing confidential data of some of the countryβs most prominent political β¦
π2