231 matches found
MAL-2023-515 Malicious code in idgit-conventional-commitsentity-obj-proxy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e21720cf9a4946dccc8cfaf2aeecb605fa378ec130a4c251054a6867ebd163ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Best practices for AI security risk management
Today, we are releasing an AI security risk assessment framework as a step to empower organizations to reliably audit, track, and improve the security of the AI systems. In addition, we are providing new updates to Counterfit, our open-source tool to simplify assessing the security posture of AI...
Was This Poker Player's Luck Too Good to Be True?
On this week’s Get WIRED podcast, features editor Mark Robinson talks to writer Brendan Koerner about an unconventional poker player and the woman who called him out...
action-tracker (>=0.1.1 <=1.2.1), aye-spy (>=1.2.0 <=2.2.3) +12 more potentially affected by CVE-2020-4059 via mversion (>=1.12.0 <=1.13.0)
mversion NPM version =1.12.0, =0.1.1, =1.2.0, =1.0.0, =1.0.0, =0.0.0, =0.1.7, =2.4.18, =1.0.0, =1.1.1, =0.0.0, =0.1.0, =1.0.0 Source cves: CVE-2020-4059 Source advisory: OSV:GHSA-QJG4-W4C6-F6C6...
Future Cyberwar
A report for the Center for Strategic and International Studies looks at surprise and war. One of the report's cyberwar scenarios is particularly compelling. It doesn't just map cyber onto today's tactics, but completely reimagines future tactics that include a cyber component quote starts on pag...
conventional-changelog-semf-config (=1.0.4) potentially affected by CVE-2018-3785 via git-dummy-commit (=1.3.0)
git-dummy-commit NPM version =1.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on git-dummy-commit and may be impacted: - conventional-changelog-semf-config =1.0.4 Source cves: CVE-2018-3785 Source advisory: OSV:GHSA-H3C2-X77C-7PVR...
DNS zone transfer exploit and repair notes-vulnerability warning-the black bar safety net
A, title: DNS zone transfer exploit and fix Second, the DNS transfer of the domain use 2.1 using BT5 tool to get DNS information cd /pentest/enumeration/dns/dnsenum ./ dnsenum.pl --enum domain.com you can omit the--enum,here alert note: the host name and the field name to distinguish) Field Name...
Study Examines Security and Privacy in Computer-Related Medical Device Recalls
Nearly one-third of all recalled medical devices contain computers, and half of those are recalled because of computer-related problems, according to a recent study. ‘Security and Privacy Qualities of Medical Devices: An Analysis of FDA Postmarket Surveillance’ was funded by the Department of...
Report says : US considered cyber war on Libya
Report says : US considered cyber war on Libya Officials in the US Obama administration considered compromising Libya's government computer networks to block early-warning data gathering and missile launches on NATO war planes during the American-led strikes, but decided against it, according to...
Video Presentation on Stuxnet by Hungry Beast
Video Presentation on Stuxnet by Hungry Beast In June last year, a computer virus called Stuxnet was discovered lurking in the data banks of power plants, traffic control systems and factories around the world. Pandora's box has been opened; on the new battlefield the aggressors are anonymous, th...
Clarity needed on cyberwar plans, study says
From The New York Times John Markoff and John Shanker A study conducted by the National Academy of Sciences found that the United States military needs to create an open, public dalogue to clarify its plans around using offensive weapons in cyberspace. The study also recommends that the military...