At Black Hat USA, security researcher Michael Bargury released a “LOLCopilot” ethical hacking module to demonstrate how attackers can exploit Microsoft Copilot — and offered advice for defensive tooling.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-08 19:06:422024-08-08 19:06:42How to Weaponize Microsoft Copilot for Cyberattackers
Attackers can use a seemingly innocuous IP address to exploit localhost APIs to conduct a range of malicious activity, including unauthorized access to user data and the delivery of malware.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-08 18:06:412024-08-08 18:06:41Black Hat USA 2024: Chip Flaw ‘GhostWrite’ Steals Data from CPU Memory
LG launches Exaone 3.0, South Korea’s first open-source AI model, challenging global tech giants and reshaping the AI landscape with improved efficiency and multilingual capabilities.Read More
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-08 17:06:462024-08-08 17:06:46LG unleashes South Korea’s first open-source AI, challenging global tech giants
The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes.
Cybersecurity firm Resilience said it identified the activity in late July 2024 after it observed an operation security (OPSEC) error made by the hackers.
Kimsuky, also known by the names APT43, ARCHIPELAGO,
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-08 17:06:462024-08-08 17:06:46University Professors Targeted by North Korean Cyber Espionage Group
Anthropic launches expanded AI bug bounty program, offering up to $15,000 for critical vulnerabilities in its AI systems, setting new standards for AI safety and transparency.Read More
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-08 16:06:352024-08-08 16:06:35Anthropic offers $15,000 bounties to hackers in push for AI safety
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-08 16:06:352024-08-08 16:06:35Black Hat USA 2024: AWS ‘Bucket Monopoly’ Flaw Led to Account Takeover
Cybersecurity researchers have discovered a new “0.0.0.0 Day” impacting all major web browsers that malicious websites could take advantage of to breach local networks.
The critical vulnerability “exposes a fundamental flaw in how browsers handle network requests, potentially granting malicious actors access to sensitive services running on local devices,” Oligo Security researcher Avi Lumelsky
The Smishing Triad network sends up to 100,000 scam texts per day globally. One of those messages went to Grant Smith, who infiltrated their systems and exposed them to US authorities.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-08 15:07:472024-08-08 15:07:47USPS Text Scammers Duped His Wife, So He Hacked Their Operation
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
How to Weaponize Microsoft Copilot for Cyberattackers
/in General NewsAt Black Hat USA, security researcher Michael Bargury released a “LOLCopilot” ethical hacking module to demonstrate how attackers can exploit Microsoft Copilot — and offered advice for defensive tooling.
darkreading – Read More
‘0.0.0.0 Day’ Flaw Puts Chrome, Firefox, Mozilla Browsers at RCE Risk
/in General NewsAttackers can use a seemingly innocuous IP address to exploit localhost APIs to conduct a range of malicious activity, including unauthorized access to user data and the delivery of malware.
darkreading – Read More
Black Hat USA 2024: Chip Flaw ‘GhostWrite’ Steals Data from CPU Memory
/in General NewsBlack Hat USA 2024: Critical RISC-V CPU vulnerability discovered. Dubbed GhostWrite; attackers can exploit this flaw to steal…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug
/in General NewsCrowdStrike dismissed claims that the Falcon EDR sensor bug could be exploited for privilege escalation or remote code execution.
The post CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug appeared first on SecurityWeek.
SecurityWeek – Read More
LG unleashes South Korea’s first open-source AI, challenging global tech giants
/in General NewsLG launches Exaone 3.0, South Korea’s first open-source AI model, challenging global tech giants and reshaping the AI landscape with improved efficiency and multilingual capabilities.Read More
Security News | VentureBeat – Read More
University Professors Targeted by North Korean Cyber Espionage Group
/in General NewsThe North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes.
Cybersecurity firm Resilience said it identified the activity in late July 2024 after it observed an operation security (OPSEC) error made by the hackers.
Kimsuky, also known by the names APT43, ARCHIPELAGO,
The Hacker News – Read More
Anthropic offers $15,000 bounties to hackers in push for AI safety
/in General NewsAnthropic launches expanded AI bug bounty program, offering up to $15,000 for critical vulnerabilities in its AI systems, setting new standards for AI safety and transparency.Read More
Security News | VentureBeat – Read More
Black Hat USA 2024: AWS ‘Bucket Monopoly’ Flaw Led to Account Takeover
/in General NewsBlack Hat USA 2024 is up and running at full pace as critical AWS vulnerabilities are exposed! Learn…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices
/in General NewsCybersecurity researchers have discovered a new “0.0.0.0 Day” impacting all major web browsers that malicious websites could take advantage of to breach local networks.
The critical vulnerability “exposes a fundamental flaw in how browsers handle network requests, potentially granting malicious actors access to sensitive services running on local devices,” Oligo Security researcher Avi Lumelsky
The Hacker News – Read More
USPS Text Scammers Duped His Wife, So He Hacked Their Operation
/in General NewsThe Smishing Triad network sends up to 100,000 scam texts per day globally. One of those messages went to Grant Smith, who infiltrated their systems and exposed them to US authorities.
Security Latest – Read More