Aggregator

CISA says the Medusa ransomware operation has impacted over 300 organizations in critical infrastructure sectors in the United States until last month. [...]

Currently trending CVE - Hype Score: 1 - Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network.

Currently trending CVE - Hype Score: 10 - Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

QUADCOIL упрощает проектирование магнитов, ускоряя разработку стеллараторов.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds six Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Below are the descriptions of these flaws that Microsoft addressed with the release of Microsoft Patch Tuesday security updates for […]

Critical cyber threats targeting hospitality and recreation: ransomware, phishing, impersonation, and cryptocurrency risks.

Browser Isolation Protects Access Points as Remote Work Expands Attack Surface
With 92% of organizations supporting remote connectivity and phishing attacks surging to record levels, browser-based security has become essential for zero trust frameworks to protect against malware, ransomware and credential theft.

AI-Enabled Security Offers Continuous Monitoring for Distributed Enterprise Apps
As cybercriminals increasingly use AI for sophisticated attacks against cloud workloads, organizations must implement zero trust principles with continuous policy enforcement and proactive threat management to protect mission-critical applications.

Juniper Networks Urges Immediate Updating and Malware Scans to Block Attackers
Hackers have been infecting outdated Juniper MX routers with backdoor malware as part of an apparent cyberespionage campaign that traces to a Chinese-affiliated hacking team tracked as UNC 3886, warned Google's Mandiant incident response group.

Tested on Three OpenAI Models, 'Minja' Has High Injection and Attack Rates
A memory injection attack dubbed Minja turns AI chatbots into unwitting agents of misinformation, requiring no hacking and just a little clever prompting. The exploit allows attackers to poison an AI model's memory with deceptive information, potentially altering its responses for all users.

Author/Presenter: Ross Bevington

Our thanks to Bsides Exeter, and the Presenters/Authors for publishing their timely Bsides Exeter Conference content. All brought to you via the organizations YouTube channel.

via Friend of the Blog Trey Blalock at Verification Labs.com

Permalink

The post BSides Exeter 2024 – Purple Track – Turning The Tables: Using Cyber Deception To Hunt Phishers At Scale appeared first on Security Boulevard.