The video discusses the significant privacy concerns surrounding Microsoft’s new Recall feature. Here are the main points:
Privacy Concerns:
Microsoft’s Recall feature takes screenshots of user activity on the PC every few seconds.
These screenshots are stored and analyzed by Microsoft’s AI.
The feature has been criticized for being invasive and posing a threat to user privacy.…
Tag: EXPLOIT
Summary: This content discusses the proactive approach taken by Protect AI to identify and address security risks in AI systems, specifically focusing on vulnerabilities in the tools used to build machine learning models in the OSS AI/ML supply chain.
Threat Actor: N/A
Victim: N/A
Key Point:
Protect AI’s huntr is the world’s first AI/ML bug bounty program, where a community of 15,000+ members hunts for vulnerabilities in the OSS AI/ML supply chain.…
Summary: This article discusses a potential breach at AI company Hugging Face, where attackers may have gained unauthorized access to secrets stored in their Spaces platform.
Threat Actor: Unknown | Hugging Face
Victim: Hugging Face | Hugging Face
Key Points:
Hugging Face disclosed a potential breach where attackers may have accessed secrets stored in their Spaces platform.…
Summary: Researchers have discovered a new method of manipulating machine learning models by injecting malicious code into the serialization process, specifically targeting the “pickling” process used to store Python objects in bytecode.
Threat Actor: Unknown | Unknown
Victim: Machine learning models | Machine learning models
Key Point:
Researchers have found that Pickle files, which are commonly used to package and distribute machine learning models, can be exploited by attackers to inject malicious bytecode into ML programs.…
The Hi-Tech Crime Trends report by Group-IB highlights a growing cybercriminal focus on Apple devices due to their increasing popularity. This shift has led to a rise in malware targeting iOS and macOS, with the App Store becoming a frequent target for distributing malware. The introduction of third-party app stores under the EU’s Digital Markets Act is expected to further exploit this trend.…
Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.
Resecurity researchers have recently revealed that the Smishing Triad group has launched a fresh smishing campaign targeting Pakistani mobile users.
The gang members send harmful messages pretending to be Pakistan Post via iMessage and SMS in an attempt to steal personal and financial information.…
On May 7, 2024, Devcore Principal Security Researcher Orange Tsai discovered and reported a critical Remote Code Execution (RCE) vulnerability, CVE-2024-4577, to the PHP official team. This vulnerability stems from errors in character encoding conversions, particularly affecting the “Best Fit” feature on Windows operating systems. …
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three known exploited vulnerabilities to its catalog, including an Android Pixel Privilege Escalation Vulnerability, a Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability, and a Progress Telerik Report Server Authentication Bypass by Spoofing Vulnerability.…
Summary: A proof-of-concept exploit has been released for a critical Veeam Recovery Orchestrator authentication bypass vulnerability, increasing the risk of exploitation in attacks.
Threat Actor: Sina Kheirkha | Sina Kheirkha
Victim: Veeam Recovery Orchestrator | Veeam Recovery Orchestrator
Key Point:
A proof-of-concept exploit has been developed by security researcher Sina Kheirkha for the CVE-2024-29855 vulnerability in Veeam Recovery Orchestrator.…
This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime.
This blog is based on our presentation at Botconf 2024. It can be viewed here.
Introduction
Since 2022, we have been investigating numerous targeted attacks in the Asia-Pacific region that used the same ELF backdoor.…
Devcore announced a critical remote code execution (RCE) vulnerability in PHP, designated CVE-2024-4577. This flaw affects all PHP versions from 5.x onward running on Windows servers, making it a significant concern due to PHP’s widespread use. This vulnerability stems from mishandling character encoding conversions, particularly affecting systems using certain code pages for languages like Chinese or Japanese.…
Note: Volexity has reported the activity described in this blog and details of the impacted systems to CERT at the National Informatics Centre (NIC) in India.
In 2024, Volexity identified a cyber-espionage campaign undertaken by a suspected Pakistan-based threat actor that Volexity currently tracks under the alias UTA0137.…
Summary: US government contractors providing software for critical infrastructure must fill out a form asserting that their software followed secure-by-design principles and that each component was under their scrutiny in the form of software bills of material (SBOMs).
Threat Actor: N/A
Victim: US government contractors providing software for critical infrastructure.…
Security teams spend a lot of time chasing software vulnerabilities. The fact is, however, that their time would be better spent combating malware because the payoff is better: faster detection, response, and resolution of threats.…
Written by: Kristen Dennesen, Luke McNamara, Dmitrij Lenz, Adam Weidemann, Aline Bueno
Individuals and organizations in Brazil face a unique cyber threat landscape because it is a complex interplay of global and local threats, posing significant risks to individuals, organizations, and critical sectors of Brazilian society.…
Summary: The content discusses the potential exploitation of a recently patched Windows vulnerability by the threat actor behind the Black Basta ransomware.
Threat Actor: Black Basta ransomware | Black Basta ransomware
Victim: Not specified
Key Point:
The Black Basta ransomware group may have used a recently patched Windows vulnerability as a zero-day exploit.…
Summary: UwU Lend, a decentralized finance (DeFi) protocol, has been targeted by a hacker who stole nearly $20 million worth of ETH. The company has made an offer to the hacker and is awaiting a response.
Threat Actor: Hacker | Hacker
Victim: UwU Lend | UwU Lend
Key Point:
The hacker targeted UwU Lend, a DeFi protocol, and stole approximately $20 million worth of ETH.…
Summary: JetBrains has warned its customers to patch a critical vulnerability in its IntelliJ integrated development environment (IDE) apps, which exposes GitHub access tokens.
Threat Actor: N/A
Victim: JetBrains
Key Point:
JetBrains has issued security updates to address a critical vulnerability in its IntelliJ IDE apps.…
Summary: Microsoft’s June 2024 Patch Tuesday includes security updates for 51 flaws, including 18 remote code execution flaws and one publicly disclosed zero-day vulnerability.
Threat Actor: None identified.
Victim: None identified.
Key Points:
This Patch Tuesday addresses a total of 51 flaws, including 18 remote code execution vulnerabilities.…
Summary: This article discusses the discovery of 24 vulnerabilities in a biometric access system manufactured by a Chinese company, highlighting the potential security risks associated with biometrics.
Threat Actor: N/A
Victim: N/A
Key Point:
A biometric access system manufactured by a Chinese company was found to have 24 vulnerabilities, raising concerns about the security of biometric authentication.…