Microsoft’s AI Can Be Turned Into an Automated Phishing Machine

Attacks on Microsoft’s Copilot AI allow for answers to be manipulated, data extracted, and security protections bypassed, new research shows.

Security Latest – ​Read More

Microsoft on CISOs: Thriving Community Means Stronger Security

Microsoft execs detailed the company’s reaction to the CrowdStrike incident and emphasized the value of a collective identity.

darkreading – ​Read More

How to Weaponize Microsoft Copilot for Cyberattackers

At Black Hat USA, security researcher Michael Bargury released a “LOLCopilot” ethical hacking module to demonstrate how attackers can exploit Microsoft Copilot — and offered advice for defensive tooling.

darkreading – ​Read More

‘0.0.0.0 Day’ Flaw Puts Chrome, Firefox, Mozilla Browsers at RCE Risk

Attackers can use a seemingly innocuous IP address to exploit localhost APIs to conduct a range of malicious activity, including unauthorized access to user data and the delivery of malware.

darkreading – ​Read More

Black Hat USA 2024: Chip Flaw ‘GhostWrite’ Steals Data from CPU Memory

Black Hat USA 2024: Critical RISC-V CPU vulnerability discovered. Dubbed GhostWrite; attackers can exploit this flaw to steal…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug

CrowdStrike dismissed claims that the Falcon EDR sensor bug could be exploited for privilege escalation or remote code execution.

The post CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug appeared first on SecurityWeek.

SecurityWeek – ​Read More

LG unleashes South Korea’s first open-source AI, challenging global tech giants

LG launches Exaone 3.0, South Korea’s first open-source AI model, challenging global tech giants and reshaping the AI landscape with improved efficiency and multilingual capabilities.Read More

Security News | VentureBeat – ​Read More

University Professors Targeted by North Korean Cyber Espionage Group

The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes.
Cybersecurity firm Resilience said it identified the activity in late July 2024 after it observed an operation security (OPSEC) error made by the hackers.
Kimsuky, also known by the names APT43, ARCHIPELAGO,

The Hacker News – ​Read More

Anthropic offers $15,000 bounties to hackers in push for AI safety

Anthropic launches expanded AI bug bounty program, offering up to $15,000 for critical vulnerabilities in its AI systems, setting new standards for AI safety and transparency.Read More

Security News | VentureBeat – ​Read More

Black Hat USA 2024: AWS ‘Bucket Monopoly’ Flaw Led to Account Takeover

Black Hat USA 2024 is up and running at full pace as critical AWS vulnerabilities are exposed! Learn…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More