#alibaba

Apple Security Advisory 2023-03-27-7 - watchOS 9.4 addresses bypass, code execution, integer overflow, out of bounds read, and use-after-free vulnerabilities.

Apple Security Advisory 2023-03-27-4 - macOS Monterey 12.6.4 addresses bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which Cilium is running. As a consequence, network policies for that cluster might be bypassed, depending on the specific network policies enabled. This issue only manifests when Cilium is routing IPv6 traffic and NodePorts are used to route traffic to pods. IPv6 and endpoint routes are both disabled by default. The problem has been fixed and is available on versions 1.11.15, 1.12.8, and 1.13.1. As a workaround, disable IPv6 routing.

Using a risk-based approach to deal with policy violations and continuous compliance monitoring will help avoid data exposures and fines.

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data..

By Waqas Threat actors have hacked two data centers in Asia and accessed login credentials of top technology giants, including Apple, Uber, Microsoft, Samsung, Alibaba, etc., and leaked them on a hacker forum. This is a post from HackRead.com Read the original post: Login Details of Tech Giants Leaked in Two Data Center Hacks

By Waqas The primary target of this malware campaign is Chinese-speaking users in East and Southeast Asia. This is a post from HackRead.com Read the original post: Google Ads drop FatalRAT malware from fake messenger, browser apps

Apple Security Advisory 2023-02-13-2 - macOS Ventura 13.2.1 addresses code execution and use-after-free vulnerabilities.

Categories: News Tags: ChatGPT Tags: DAN Tags: Bing Chat Tags: Chinese Tags: large language model Tags: jailbreak Large language models like ChatGPT are now being tested by the public and, no surprise here, researchers are finding ways to jailbreak the systems (Read more...) The post Jailbreaking ChatGPT and other large language models while we can appeared first on Malwarebytes Labs.

Red Hat Security Advisory 2023-0569-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.2. Issues addressed include a denial of service vulnerability.