Tag
#microsoft
Researchers warn that polymorphic malware created with ChatGPT and other LLMs will force a reinvention of security automation.
Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
Using a risk-based approach to deal with policy violations and continuous compliance monitoring will help avoid data exposures and fines.
High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor known as Sharp Panda since late last year. The intrusions are characterized by the use of a new version of the Soul modular framework, marking a departure from the group's attack chains observed in 2021. Israeli cybersecurity company Check Point said the "
Cisco’s acquisition of cloud-native firewall provider Valtix and HPE’s deal to buy SSE provider Axis Security fill gaps in their existing portfolios.
By Waqas An old version of the Shein app was found to be accessing and copying clipboard content on Android devices before being detected and reported by Microsoft to Google. This is a post from HackRead.com Read the original post: Microsoft Found Shein App Copying Clipboard Content on Android Phones
Ubuntu Security Notice 5927-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 5924-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.
More than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information.