Efficient Unlearning with Privacy Guarantees

Privacy protection laws, such as the GDPR, grant individuals the right to request the forgetting of their personal data not only from databases but also from machine learning ML models trained on them. Machine unlearning has emerged as a practical means to facilitate model forgetting of data...

Universal Jailbreak Suffixes Are Strong Attention Hijackers

We study suffix-based jailbreaks$\unicodex2013$a powerful family of attacks against large language models LLMs that optimize adversarial suffixes to circumvent safety alignment. Focusing on the widely used foundational GCG attack Zou et al., 2023, we observe that suffixes vary in efficacy: some...

Wireshark Analyzer 4.4.7

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...

I2P 2.9.0

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version...

Zeek 7.0.8

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...

Zeek 7.0.7

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...

Wazuh 4.12.0

Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...

An LLM-Based Self-Evolving Security Framework for 6G Space-Air-Ground Integrated Networks

Recently emerged 6G space-air-ground integrated networks SAGINs, which integrate satellites, aerial networks, and terrestrial communications, offer ubiquitous coverage for various mobile applications. However, the highly dynamic, open, and heterogeneous nature of SAGINs poses severe security...

Wireshark Analyzer 4.4.6

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...

Security Bulletin: Hardware failure diagnostic information can include customer data fragments in SAN Volume Controller and Storwize Family (CVE-2013-6737)

Summary Security Bulletin: Hardware failure diagnostic information can include customer data fragments in SAN Volume Controller and Storwize Family CVE-2013-6737 Vulnerability Details Security Bulletin --- Summary --- Hardware failure diagnostics for a 1691 error include customer data fragments...

Security Bulletin: Multiple vulnerabilities in GNU C library (glibc) affects IBM SONAS

Summary IBM SONAS is shipped with GNU glibc, for which a fix is available for a security vulnerability. Vulnerability Details A GNU C library denial of service vulnerability affects IBM SONAS. CVEID: CVE-2017-15804 DESCRIPTION: GNU C Library aka glibc or libc6 is vulnerable to a buffer overflow,...

Security Bulletin: RPM vulnerability issue on IBM SONAS (CVE-2013-6435)

Summary A fix is available for IBM SONAS, for the security issue that an attacker could execute arbitrary code on the system by exploiting a vulnerability in RPM Vulnerability Details CVEID: CVE-2013-6435 DESCRIPTION: RPM Package Manager RPM is a package management system. It is used in IBM SONAS...

Security Bulletin: Samba vulnerability issue on IBM SONAS (CVE-2015-0240)

Summary A fix is available for IBM SONAS, for the security issue that an attacker could execute arbitrary code on the system by exploiting a vulnerability in Samba Vulnerability Details IBM SONAS includes a version of Samba that is vulnerable to an unexpected code execution vulnerability in the...

Security Bulletin: Samba vulnerability issue on IBM Storwize V7000 Unified (CVE-2015-0240)

Summary A fix is available for IBM Storwize V7000 Unified, for the security issue that an attacker could execute arbitrary code on the system by exploiting a vulnerability in Samba Vulnerability Details CVEID: CVE-2015-0240 DESCRIPTION: Samba is used in IBM Storwize V7000 Unified to enable file...

Security Bulletin: IBM SONAS Administrator password can be read by the root user from the shell command history (CVE-2014-3045)

Summary A fix is available for IBM SONAS, for the security issue that after changing password of administrative user, the password can be read by the root user from the shell command history. Vulnerability Details CVEID: CVE-2014-3045 DESCRIPTION: One of the purposes of chuser command is to modif...

Expert: IoT Botnets the Work of a ‘Vast Minority’

In December 2017, the U.S. Department of Justice announced indictments and guilty pleas by three men in the United States responsible for creating and using Mirai, a malware strain that enslaves poorly-secured "Internet of Things" or IoT devices like security cameras and digital video recorders f...

Sierra Wireless Warns Cellular Data Gear Targeted by Mirai Malware

Sierra Wireless is warning customers to change default factory credentials on its AireLink gatway communications gear or risk being infected by Mirai malware. Mirai malware scans the Internet for IoT gear such as DVRs and IP-enabled cameras and other devices that are protected by default or...

This $10 Device Can Clone RFID-equipped Access Cards Easily

Are you the one who simply punch your wallet against a reader to get into your office? Then surely your office is using Radio-Frequency Identification RFID cards to manage building access and security. However, these most common access control systems are incredibly easy to hack — and now more th...

Q&A: Evercookie Creator Samy Kamkar

Samy Kamkar has been making quite a bit of noise lately, beginning with his release of the Evercookie earlier this month and continuing with his talk at the SecTor conference this week on novel methods for stealing users’ cookies without any browser bugs. In this interview, he discusses both of...

Sun jre1.6.0_X - isInstalled.dnsResolve Function Overflow

Sun jre1.6.0X isInstalled.dnsResolve function overflow PoC Bug founded and code released by Yag Kohha. Greetz to: Shinnai, Str0ke var b = 'XXXX'; while b.length milw0rm.com 2007-09-19...