netsec

homesweethomeMrL OP , in Microsoft left internal passwords exposed in latest security blunder

Microsoft was notified about the vulnerability on February 6th, and locked it down by March 5th.

I just . . . It . . . they . . .

gravitas_deficiency , in XZ-actly What You Need (CVE 2024-3094): Detecting Exploitation with Oligo

I get the distaste for marketing decks, but this does provide a demo to show how their tech actually successfully detects active usage of the xz exploit, which is kinda interesting.

optissima , in IBIS hotel check-in terminal keypad-code leakage

IBS terminal leakage is the worst.

devilish666 , in Mind the Patch Gap: Exploiting an io_uring Vulnerability in Ubuntu - Exodus Intelligence

I never knew that Linux can be hacked, although you need extra work for that since the security is high.

Heavybell , in GitHub - TracecatHQ/tracecat: 😼 The AI-native, open source alternative to Tines / Splunk SOAR.

So what does "AI-native" mean, exactly?

Shivering6658 , in GitHub - ZephrFish/ChunkyIngress: Chunking Text Ingress

Upvote because powershell

acetanilide , in Bluetooth vulnerability allows unauthorized user to record and play audio on Bluetooth speaker without user awareness

Could this happen with Bluetooth-enabled hearing aids? I think mine are still discoverable when connected.

9point6 , in Side-Channel Attack on Apple M1 Chip Prefetcher (GoFetch)

Potentially exploitable on all M-series chips

Big oof. Are we going to see spectre/meltdown-like performance nerfing to mitigate this I wonder

snekerpimp , in Bluetooth vulnerability allows unauthorized user to record and play audio on Bluetooth speaker without user awareness

I have had this happen to me, driving down the road and had my radio just start playing someone else’s music. Get further down the road and it stops as sudden as it started. Wonder if this was the culprit?

Anamana ,

If you had the radio on, then there is also the possibility they just used an FM-Transmitter to send audio signals from their smartphone to their car radio and you were on the same frequency.

snekerpimp ,

Should have clarified, listening to my Bluetooth car stereo connected to my phone. Shouldn’t have used antiquated language.

Anamana ,

Ah oki, maybe it was a friend of yours passing by then ;)

wreckedcarzz , in Bluetooth vulnerability allows unauthorized user to record and play audio on Bluetooth speaker without user awareness

play audio [...] without user awareness

Does this vulnerability also make the user deaf, orrrrr...?

elshandra ,

Just skate over the "record and" there.

Steamymoomilk ,

starts blasting dmc's its tricky

keefshape , in Open Source - Terminal based AI Powered Ethical Hacking Assistant.

Sounded like a neat idea. I clicked the link, greeted with

First i would like to thank the All-Mighty God who is the source of all knowledge, without Him, this would not be possible.

Closed the link.

finickydesert , in Oauth implementation flaws allow access to private repos via ChatGPT plugins

I guess my Fizzbuzz repo is now compromised

warmaster , in Introducing WebTunnel | Tor Project

So, is this like Cloudflare Tunnels?

SzethFriendOfNimi , in Decoding ScamClub’s Malicious VAST Attack

Misread that as ScamSchool at first and I was like, what did Brian Brushwood do?

Jean_Lurk_Picard , in Behind the doors of a Chinese hacking company, a sordid culture fuelled by influence, alcohol and sex

Great article.
