Aggregator

DeepMind's CaMeL Aims to Fight Prompt Injection Attacks

BankInfoSecurity.com
1 year 1 month ago
Security First Framework Approach Focuses on Isolating Untrusted Inputs
Chatbots' popularity has been tempered from the start by the prospect of prompt injection attacks. Google DeepMind's CaMeL aims to address the issue by reframing the problem, and applying proven security engineering patterns to isolate and track untrusted data.

AI Giants Adopt Anthropic's Standard to Connect Apps, Agents

BankInfoSecurity.com
1 year 1 month ago
Model Context Protocol's Adopters Include OpenAI, Google
Artificial intelligence developers including OpenAI, Google and Microsoft are adopting rival Anthropic's open standard to speed up the capabilities of their chatbots by allowing them to access daily-use software. Dubbed "Model Context Protocol," the open standard aims to make chatbots more useful.

Reborn: Cybercrime Marketplace Cracked Appears to Be Back

BankInfoSecurity.com
1 year 1 month ago
In Other Cybercrime Market Drama, BreachForums Marketplace Reboot Branded a Fake
Just three months after being disrupted by an intelligence law enforcement operation, the notorious online cybercrime marketplace called Cracked appears to have patched itself up and restarted operations. The recently disrupted BreachForums also claims to be back - although experts remain skeptical.

Whistleblower Warns DOGE Secretly Building 'Master Database'

BankInfoSecurity.com
1 year 1 month ago
Top Democrat Sounds Alarm Over Whistleblower Report of DOGE's Master Database
A top Democrat on the House Oversight Committee sounded the alarm after a whistleblower provided information to Congress warning that staffers for the Department of Government Efficiency violated federal data laws while building a "master database" of sensitive information across federal agencies.

CVE-2022-30642 | Adobe Illustrator up to 25.4.5/26.0.2 out-of-bounds write (apsb22-26 / Nessus ID 209472)

Vuldb Updates
1 year 1 month ago
A vulnerability, which was classified as critical, has been found in Adobe Illustrator up to 25.4.5/26.0.2. Affected by this issue is some unknown functionality. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2022-30642. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-30640 | Adobe Illustrator up to 25.4.5/26.0.2 out-of-bounds write (apsb22-26 / Nessus ID 209472)

Vuldb Updates
1 year 1 month ago
A vulnerability, which was classified as critical, was found in Adobe Illustrator up to 25.4.5/26.0.2. This affects an unknown part. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2022-30640. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-30639 | Adobe Illustrator up to 25.4.5/26.0.2 out-of-bounds write (apsb22-26 / Nessus ID 209472)

Vuldb Updates
1 year 1 month ago
A vulnerability has been found in Adobe Illustrator up to 25.4.5/26.0.2 and classified as critical. This vulnerability affects unknown code. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2022-30639. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-30643 | Adobe Illustrator up to 25.4.5/26.0.2 out-of-bounds write (apsb22-26 / Nessus ID 209472)

Vuldb Updates
1 year 1 month ago
A vulnerability was found in Adobe Illustrator up to 25.4.5/26.0.2 and classified as critical. This issue affects some unknown processing. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2022-30643. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Whistleblower: DOGE Siphoned NLRB Case Data

Krebs on Security
1 year 1 month ago
A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk's Department of Government Efficiency (DOGE) transferred gigabytes of sensitive data from agency case files in early March, using short-lived accounts configured to leave few traces of network activity. The NLRB whistleblower said the unusual large data outflows coincided with multiple blocked login attempts from an Internet address in Russia that tried to use valid credentials for a newly-created DOGE user account.
BrianKrebs

朝鲜黑客利用 BlueKeep 漏洞入侵日韩关键系统

HackerNews
1 year 1 month ago
HackerNews 编译,转载请注明出处: 网络安全研究人员发现,朝鲜国家支持的黑客组织Kimsuky发起了新型恶意攻击,利用微软远程桌面服务(RDS)的BlueKeep漏洞(CVE-2019-0708)对日韩重点行业实施系统渗透。该行动被安实验室安全应急中心(ASEC)命名为Larva-24005。 韩国网络安全公司ASEC披露:“部分系统的初始入侵途径确认为RDP协议漏洞(BlueKeep,CVE-2019-0708)利用。尽管在受控系统发现RDP漏洞扫描工具,但尚未发现实际使用证据。” 技术漏洞分析: CVE-2019-0708(CVSS评分9.8)是远程桌面服务中的高危可蠕虫漏洞,允许未认证攻击者远程执行代码,进而安装任意程序、访问数据甚至创建具备完全权限的新账户。微软已于2019年5月发布补丁修复该漏洞,但攻击者仍需通过RDP协议向目标系统发送特制请求方可利用。 攻击链扩展分析: 除BlueKeep外,攻击者还采用钓鱼邮件作为第二入侵向量,利用Equation Editor漏洞(CVE-2017-11882,CVSS评分7.8)触发恶意负载。渗透成功后,攻击者部署名为MySpy的信息窃取器及RDPWrap工具,并修改系统配置开启RDP访问权限。 攻击终局阶段: 最终投放KimaLogger和RandomQuery等键盘记录器实施按键捕获。ASEC确认,自2023年10月以来,攻击活动主要针对韩国软件、能源及金融行业,日本同为重灾区。该组织其他已知目标国家包括美国、中国、德国等13国。 防御建议: 1、立即验证CVE-2019-0708补丁状态 2、强化RDP访问控制策略 3、部署邮件安全网关过滤恶意附件 4、监控异常RDP连接行为 5、定期审计系统日志寻找入侵痕迹 据MITRE ATT&CK框架分析,本次攻击活动涉及T1190(漏洞利用)、T1204(用户执行)、T1059(命令执行)等战术阶段,符合APT组织典型作战模式。目前相关IoC指标已纳入主流威胁情报平台。     消息来源:thehackernews; 本文由 HackerNews.cc 翻译整理,封面来源于网络;  转载请注明“转自 HackerNews.cc”并附上原文
hackernews

Managed ad