2026.01.13 News You Should Know

Series: News You Should Know

Resecurity traps cybercrim in honeypot • The Register - “In our scenario, our goal was to allow the threat actor to conduct activity and feed them with synthetic data to observe their attack path and infrastructure,” the Resecurity team wrote. It Worked.

Stalkerware maker pleads guilty to sale of snooping software • The Register - Fleming is due to be sentenced later this year, when he’ll be facing up to 15 years in prison, a fine of $250,000, forfeiture of all property that was involved in the offense, and additional penalties.

IBM’s AI agent Bob easily duped to run malware: Researchers • The Register - “For IBM Bob, we were able to bypass several defense mechanisms - ultimately, the ‘human in the loop’ approval function only ends up validating an allow-listed safe command, when in reality more sensitive commands were being run (that were not on the allow-list),” explained Shankar Krishnan, managing director at PromptArmor, in an email to The Register.

OpenAI patches déjà vu prompt injection vuln in ChatGPT • The Register - ShadowLeak is an indirect prompt injection attack that relies on AI models’ inability to distinguish between system instructions and untrusted content.

Critical n8n bug allows unauthenticated server takeover • The Register - By abusing a so-called “Content-Type Confusion” issue, an attacker can manipulate HTTP headers to overwrite internal variables used by the application. That, in turn, allows them to read arbitrary files from the underlying system and escalate the attack to full remote code execution.

North Korea turns QR codes into phishing weapons • The Register - The emails themselves don’t look especially sinister – a phony event invite here, a request for comment on a policy paper there – but scan the QR code and you’re dumped into an attacker-controlled portal.

Should the UK cyber resilience bill cover the public sector? • The Register - “If the government is going to hold itself to standards equivalent to those set out in the bill, then it has nothing to fear from being included in the bill since, by definition, it will be compliant.”

Meta admits to Instagram password reset mess, denies leaks • The Register - “We fixed an issue that let an external party request password reset emails for some people. There was no breach of our systems and your Instagram accounts are secure. You can ignore those emails — sorry for any confusion.”

Latest BreachForums reboot spills data on 325K users • The Register -

Mandiant plugs Salesforce leaks with open source tool • The Register - aura-inspector is a Swiss Army knife of Salesforce Experience Cloud testing. It facilitates in discovering misconfigured Salesforce Experience Cloud applications as well as automates much of the testing process. Some of its functionality includes:

Signal creator Moxie Marlinspike wants to do for AI what he did for messaging - Ars Technica - Data and conversations originating from users and the resulting responses from the LLMs are encrypted in a trusted execution environment (TEE) that prevents even server administrators from peeking at or tampering with them.

I’m an experienced home cook, security engineer, people leader, and dedicated father and husband. I can be found on Mastodon at @IAintShootinMis@DigitalDarkAge.cc and on Signal at DigitalDarkAge.98. An RSS Feed of this blog is available here and a copy of my current OPML file is here.