research

SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795)

cryptographic attack, Don't miss, Hot stuff, News, OpenSSH, research, SSH, SUSE, vulnerability /

SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795) 19/12/2023 at 13:18 By Zeljka Zorz Security researchers have discovered a vulnerability (CVE-2023-48795) in the SSH cryptographic network protocol that could allow an attacker to downgrade the connection’s security by truncating the extension negotiation message. The Terrapin attack Terrapin is a prefix truncation attack targeting the SSH protocol. […]

React to this headline:

Loading spinner

SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795) Read More »

“Pool Party” process injection techniques evade EDRs

CrowdStrike, Cybereason, Don't miss, Endpoint Security, Hot stuff, Microsoft, News, Palo Alto Networks, PoC, research, SafeBreach, SentinelOne, threat detection, XDR /

“Pool Party” process injection techniques evade EDRs 12/12/2023 at 14:01 By Zeljka Zorz SafeBreach researchers have discovered eight new process injection techniques that can be used to covertly execute malicious code on Windows systems. Dubbed “Pool Party” because they (ab)use Windows thread pools, these process injection techniques work across all processes and, according to the

React to this headline:

Loading spinner

“Pool Party” process injection techniques evade EDRs Read More »

Many popular websites still cling to password creation policies from 1985

authentication, Don't miss, Hot stuff, News, passwords, policy, research, trends /

Many popular websites still cling to password creation policies from 1985 12/12/2023 at 09:01 By Helga Labus A significant number of popular websites still allow users to choose weak or even single-character passwords, researchers at Georgia Institute of Technology have found. Websites’ lax creation policies for passwords The researchers used an automated account creation method

React to this headline:

Loading spinner

Many popular websites still cling to password creation policies from 1985 Read More »

Changpeng Zhao’s next move could involve decentralized science

Binance, Changpeng Zhao, Health, research, science, World Health Organization /

Changpeng Zhao’s next move could involve decentralized science 07/12/2023 at 17:02 By Cointelegraph by Robert D. Knight Decentralized science, or DeSci, aims to apply decentralized business models to medical research. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:

React to this headline:

Loading spinner

Changpeng Zhao’s next move could involve decentralized science Read More »

Researchers automated jailbreaking of LLMs with other LLMs

Artificial Intelligence, attack, Don't miss, Hot stuff, machine learning, News, research, Robust Intelligence, Yale University /

Researchers automated jailbreaking of LLMs with other LLMs 07/12/2023 at 13:47 By Zeljka Zorz AI security researchers from Robust Intelligence and Yale University have designed a machine learning technique that can speedily jailbreak large language models (LLMs) in an automated fashion. “The method, known as the Tree of Attacks with Pruning (TAP), can be used

React to this headline:

Loading spinner

Researchers automated jailbreaking of LLMs with other LLMs Read More »

Open-source AV/EDR bypassing lab for training and learning

cybersecurity, GitHub, News, open source, research, skill development, software /

Open-source AV/EDR bypassing lab for training and learning 22/11/2023 at 07:31 By Mirko Zorz Best EDR Of The Market is a user-mode endpoint detection and response (EDR) project designed to serve as a testing ground for understanding and bypassing EDR’s user-mode detection methods. These techniques are mainly based on a dynamic analysis of the target

React to this headline:

Loading spinner

Open-source AV/EDR bypassing lab for training and learning Read More »

Turkish Lira becomes top crypto trading pair on Binance in Sept 2023

Binance, research, trading, Turkey /

Turkish Lira becomes top crypto trading pair on Binance in Sept 2023 10/11/2023 at 12:02 By Cointelegraph By Arijit Sarkar Turkish Lira accounted for 75% of all fiat volume in early September, which can be tied to the recent influx of crypto investors in the Turkish market. This article is an excerpt from Cointelegraph.com News

React to this headline:

Loading spinner

Turkish Lira becomes top crypto trading pair on Binance in Sept 2023 Read More »

Open-source vulnerability disclosure: Exploitable weak spots

Aqua Security, cybercriminals, Don't miss, Hot stuff, News, open source, research, vulnerability disclosure /

Open-source vulnerability disclosure: Exploitable weak spots 09/11/2023 at 15:17 By Zeljka Zorz Flaws in the vulnerability disclosure process of open-source projects could be exploited by attackers to harvest the information needed to launch attacks before patches are made available, Aqua Security researchers worry. The risk arises from “half-day” and “0.75-day” vulnerabilities “Half-day” vulnerabilities are known

React to this headline:

Loading spinner

Open-source vulnerability disclosure: Exploitable weak spots Read More »

UK to invest 300M pounds in 2 AI supercomputers; Harris presses for AI safety

research, Supercomputer, UK Government, United Kingdom /

UK to invest 300M pounds in 2 AI supercomputers; Harris presses for AI safety 02/11/2023 at 13:02 By Cointelegraph By Savannah Fortis The U.K. says the investments will help its local scientific talent have the tools they need to ensure that the most advanced AI models are up to safety standards. This article is an

React to this headline:

Loading spinner

UK to invest 300M pounds in 2 AI supercomputers; Harris presses for AI safety Read More »

Apple news: iLeakage attack, MAC address leakage bug

apple, attack, data theft, Don't miss, Hot stuff, iOS, iPad, macOS, Mysk, News, Privacy, research, vulnerability /

Apple news: iLeakage attack, MAC address leakage bug 27/10/2023 at 12:31 By Zeljka Zorz On Wednesday, Apple released security updates for all supported branches of iOS and iPadOS, macOS, tvOS, watchOS and Safari. This time around, the updates did not garner as much attention as when they deliver a zero-day fix, though it has to

React to this headline:

Loading spinner

Apple news: iLeakage attack, MAC address leakage bug Read More »

DeSci-focused DAO community funds cancer research

community, Consensus, dao, Medicine, research /

DeSci-focused DAO community funds cancer research 17/10/2023 at 14:02 By Cointelegraph By Arijit Sarkar VitaDAO community agreed to fund an early-stage cancer research through the launch of a biotech company named Matrix Biosciences. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:

React to this headline:

Loading spinner

DeSci-focused DAO community funds cancer research Read More »

Network Flight Simulator: Open-source adversary simulation tool

AlphaSOC, cybersecurity, Don't miss, GitHub, News, research, software /

Network Flight Simulator: Open-source adversary simulation tool 27/09/2023 at 06:31 By Mirko Zorz Network Flight Simulator is a lightweight utility that generates malicious network traffic and helps security teams evaluate security controls and network visibility. The tool performs tests to simulate DNS tunneling, DGA traffic, requests to known active C2 destinations, and other suspicious traffic

React to this headline:

Loading spinner

Network Flight Simulator: Open-source adversary simulation tool Read More »

Water & Music’s Cherie Hu says Web3 and AI will revolutionize creativity: The Agenda

AI, blockchain, ChatGPT, Cointelegraph, concert ticketing, content creation, Crypto, Intellectual Property, Metaverse, Music, music industry, NFTs, research, Web3 /

Water & Music’s Cherie Hu says Web3 and AI will revolutionize creativity: The Agenda 20/09/2023 at 16:02 By Cointelegraph By Ray Salmond Water & Music founder Cherie Hu explains how technology is evolving the music industry — but is it to the benefit of musicians? This article is an excerpt from Cointelegraph.com News View Original

React to this headline:

Loading spinner

Water & Music’s Cherie Hu says Web3 and AI will revolutionize creativity: The Agenda Read More »

Apple offers security researchers specialized iPhones to tinker with

apple, bug bounty, bug hunting, Don't miss, Hot stuff, iOS, News, research /

Apple offers security researchers specialized iPhones to tinker with 31/08/2023 at 13:05 By Helga Labus Apple is inviting security researchers to apply for the Apple Security Research Device Program (SRDP) again, to discover vulnerabilities and earn bug bounties. Apple started the Apple SRDP in 2019. In the intervening years, participating researchers have identified 130 security-critical

React to this headline:

Loading spinner

Apple offers security researchers specialized iPhones to tinker with Read More »

Almost all VPNs are vulnerable to traffic-leaking TunnelCrack attacks

attack, Cisco, Cloudflare, Data leak, Don't miss, Hot stuff, Malwarebytes, Mozilla, News, NordVPN, Privacy, research, VPN, vulnerability /

Almost all VPNs are vulnerable to traffic-leaking TunnelCrack attacks 14/08/2023 at 16:47 By Zeljka Zorz Several vulnerabilities that affect most VPN products out there can be exploited by attackers to read user traffic, steal user information, or even attack user devices, researchers have discovered. “Our attacks are not computationally expensive, meaning anyone with the appropriate

React to this headline:

Loading spinner

Almost all VPNs are vulnerable to traffic-leaking TunnelCrack attacks Read More »

North Korean hackers breached Russian missile development firm

backdoor, cyber espionage, Don't miss, Hot stuff, News, North Korea, research, Russian Federation, SentinelOne /

North Korean hackers breached Russian missile development firm 08/08/2023 at 16:46 By Helga Labus North Korean state-sponsored hackers have breached Russian missile maker NPO Mashinostroyeniya, according to SentinelLabs researchers. North Korean hackers discovered The researchers came across leaked email communication between NPO Mashinostroyeniya’s IT staff that contained information about a possible cyber intrusion first detected

React to this headline:

Loading spinner

North Korean hackers breached Russian missile development firm Read More »

Keystroke sounds can betray passwords

cyberattack, Don't miss, Hot stuff, keyboard, machine learning, News, research /

Keystroke sounds can betray passwords 07/08/2023 at 15:48 By Helga Labus Researchers from several UK universities have proven that the recorded sounds of laptop keystrokes can be used to obtain sensitive user data such as passwords with a high accuracy. Sounds of keystrokes can reveal passwords, other sensitive data Side-channel attacks (SCAs) are carried out

React to this headline:

Loading spinner

Keystroke sounds can betray passwords Read More »

Attackers can turn AWS SSM agents into remote access trojans

AWS, cloud computing, cloud security, Don't miss, enterprise, Hot stuff, Mitiga, News, Remote Access Trojan, research /

Attackers can turn AWS SSM agents into remote access trojans 02/08/2023 at 16:02 By Zeljka Zorz Mitiga researchers have documented a new post-exploitation technique attackers can use to gain persistent remote access to AWS Elastic Compute Cloud (EC2) instances (virtual servers), as well as to non-EC2 machines (e.g., on-premises enterprise servers and virtual machines, and

React to this headline:

Loading spinner

Attackers can turn AWS SSM agents into remote access trojans Read More »

US companies commit to safe, transparent AI development

Abnormal Security, Artificial Intelligence, Cado Security, Don't miss, generative AI, Government, Hot stuff, News, research, Risk Management, USA /

US companies commit to safe, transparent AI development 24/07/2023 at 16:30 By Helga Labus Seven US artificial intelligence (AI) giants – Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI – have publicly committed to “help move toward safe, secure, and transparent development of AI technology.” The commitments “Companies that are developing these emerging technologies have

React to this headline:

Loading spinner

US companies commit to safe, transparent AI development Read More »

ChatGPT shows promise in detecting phishing sites

Artificial Intelligence, ChatGPT, Don't miss, Hot stuff, Kaspersky, News, NTT Security, phishing, research /

ChatGPT shows promise in detecting phishing sites 22/06/2023 at 08:24 By Helga Labus ChatGPT can be used to generate phishing sites, but could it also be used to reliably detect them? Security researchers have tried to answer that question. Can ChatGPT detect phishing sites based on URLs? Kaspersky researchers tested 5,265 (2322 phishing and 2943

React to this headline:

Loading spinner

ChatGPT shows promise in detecting phishing sites Read More »

Scroll to Top