253 matches found
EUVD-2013-6025
Malware in sbrugna...
EUVD-2012-6132
Malware in sbrugna...
A Cybersecurity AI Agent Selection and Decision Support Framework
This paper presents a novel, structured decision support framework that systematically aligns diverse artificial intelligence AI agent architectures, reactive, cognitive, hybrid, and learning, with the comprehensive National Institute of Standards and Technology NIST Cybersecurity Framework CSF...
Digital Sovereignty Control Framework for Military AI-Based Cyber Security
In today's evolving threat landscape, ensuring digital sovereignty has become mandatory for military organizations, especially given their increased development and investment in AI-driven cyber security solutions. To this end, a multi-angled framework is proposed in this article in order to defi...
CIA+TA Risk Assessment for AI Reasoning Vulnerabilities
As AI systems increasingly influence critical decisions, they face threats that exploit reasoning mechanisms rather than technical infrastructure. We present a framework for cognitive cybersecurity, a systematic protection of AI reasoning processes from adversarial manipulation. Our contributions...
WatchWitch: Interoperability, Privacy, and Autonomy for the Apple Watch
Smartwatches such as the Apple Watch collect vast amounts of intimate health and fitness data as we wear them. Users have little choice regarding how this data is processed: The Apple Watch can only be used with Apple's iPhones, using their software and their cloud services. We are the first to...
CVE-2024-53009 Improper Validation of Array Index in Automotive Autonomy
Memory corruption while operating the mailbox in Automotive...
On the Virtues of Information Security in the UK Climate Movement
We report on an ethnographic study with members of the climate movement in the United Kingdom UK. We conducted participant observation and interviews at protests and in various activist settings. Reporting on the findings as they relate to information security, we show that members of the UK...
Securing Generative AI Agentic Workflows: Risks, Mitigation, and a Proposed Firewall Architecture
Generative Artificial Intelligence GenAI presents significant advancements but also introduces novel security challenges, particularly within agentic workflows where AI agents operate autonomously. These risks escalate in multi-agent systems due to increased interaction complexity. This paper...
A Unified Framework for Human AI Collaboration in Security Operations Centers with Trusted Autonomy
This article presents a structured framework for Human-AI collaboration in Security Operations Centers SOCs, integrating AI autonomy, trust calibration, and Human-in-the-loop decision making. Existing frameworks in SOCs often focus narrowly on automation, lacking systematic structures to manage...
Preventing Adversarial AI Attacks against Autonomous Situational Awareness: a Maritime Case Study
Adversarial artificial intelligence AI attacks pose a significant threat to autonomous transportation, such as maritime vessels, that rely on AI components. Malicious actors can exploit these systems to deceive and manipulate AI-driven operations. This paper addresses three critical research...
CVE-2012-6349
Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W...
CVE-2024-43063 Buffer Over-read in Automotive Autonomy
information disclosure while invoking the mailbox read API...
CVE-2024-43063
Technical details about CVE-2024-43063 are not publicly available in the provided documents. Monitor for updates from vendors and security bulletins.
CVE-2024-43063 Buffer Over-read in Automotive Autonomy
information disclosure while invoking the mailbox read API...
CVE-2024-23366 Buffer Over-read in Automotive Autonomy
Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size...
CVE-2024-23366 Buffer Over-read in Automotive Autonomy
Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size...
CVE-2024-23366
CVE-2024-23366 affects Qualcomm chipset mailbox handling. The issue is an information disclosure in the mailbox write API when a message from a user exceeds the mailbox size, potentially exposing data due to improper handling of oversized input. Ironically, the vulnerability is scoped to local ac...
Think You're Secure? 49% of Enterprises Underestimate SaaS Risks
It may come as a surprise to learn that 34% of security practitioners are in the dark about how many SaaS applications are deployed in their organizations. And it's no wonder—the recent AppOmni 2024 State of SaaS Security Report reveals that only 15% of organizations centralize SaaS security with...
SOA VS MICROSERVICES – What’s the difference?
Unraveling the Code Landscape: Exploring SOA and Microservices Seamlessly The shifting sands of software development have elevated two pivotal architecture designs to influential pedestals: The Service-Oriented Architecture SOA and Microservices. Understanding their distinct characteristics,...