Security Leftovers and Windows TCO
-
Trail Of Bits ☛ Assessing the security posture of a widely used vision model: YOLOv7
We identified 11 security vulnerabilities in YOLOv7, a popular computer vision framework, that could enable attacks including remote code execution (RCE), denial of service, and model differentials (where an attacker can trigger a model to perform differently in different contexts).
-
Bruce Schneier ☛ New SSH Vulnerability [Ed: Twisting Severe Holes in Microsoft Windows as an "Open Source" Problem (Darkening Perceptions of SSH Security)]
This is interesting:
For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established.
The vulnerability occurs when there are errors during the signature generation that takes place when a client and server are establishing a connection. It affects only keys using the RSA cryptographic algorithm, which the researchers found in roughly a third of the SSH signatures they examined. That translates to roughly 1 billion signatures out of the 3.2 billion signatures examined. Of the roughly 1 billion RSA signatures, about one in a million exposed the private key of the host...
-
Disrupting IPFS phishing attacks
The InterPlanetary File System (IPFS) is a content-addressed peer-to-peer file sharing network from Protocol Labs being exploited by cybercriminals to host phishing sites and other malicious content. Often associated with the web 3.0 movement, it allows its users to upload, share, and download files across a distributed worldwide network.
Gateways make IPFS accessible to the broader public, allowing pages powered by IPFS to be visited in traditional web browsers and shared with potential victims. Netcraft first detected cyber attacks using IPFS in 2016, and now detects and blocks hundreds of attacks using IPFS gateways every day.
This blog post describes what IPFS is and how it works, how and why it is used by cybercriminals, and what Netcraft is doing to block and disrupt attacks that leverage the IPFS network.
-
QSB-097: "Reptar" defective chip maker Intel redundant prefix vulnerability
We have published Qubes Security Bulletin 097: “Reptar” defective chip maker Intel redundant prefix vulnerability. The text of this QSB and its accompanying cryptographic signatures are reproduced below. For an explanation of this announcement and instructions for authenticating this QSB, please see the end of this announcement.
-
Security Week ☛ SAP Patches Critical Vulnerability in Business One Product
SAP released a hotfix for a critical-severity improper access control vulnerability in the Business One product installation.
-
Security Week ☛ CISA Outlines AI-Related Cybersecurity Efforts
CISA details its efforts to promote the use of Hey Hi (AI) in cybersecurity and guide critical infrastructure in adopting AI.
-
Windows TCO
-
Security Week ☛ Microsoft Patches Sensitive Information Disclosure Vulnerability in Microsoft trap Azure CLI
Microsoft provided guidance on a Microsoft trap Azure CLI bug leading to the exposure of sensitive information through Microsoft's proprietary prison GitHub Actions logs.
-
Heather J Meeker ☛ GitHub Universe Panel–Getting to yes: What you need to greenlight Hey Hi (AI) tools at your company [Ed: Heather Meeker is once again boosting Microsoft and proprietary prison whose purpose is to attack Software Freedom]
This panel was a great experience. We talked about how to green-light Hey Hi (AI) in companies responsibly. Thanks to Microsoft's proprietary prison GitHub for putting it together!
-
Silicon Angle ☛ Report finds surge in new multipoint extortion ransomware groups
A new report released today by cybersecurity company WithSecure Oyj is warning of a surge in the emergence of new multipoint extortion ransomware groups in the first three quarters of 2023.
-