67 matches found
The Hidden Risks of LLM-Generated Web Application Code: a Security-Centric Evaluation of Code Generation Capabilities in Large Language Models
The rapid advancement of Large Language Models LLMs has enhanced software development processes, minimizing the time and effort required for coding and enhancing developer productivity. However, despite their potential benefits, code generated by LLMs has been shown to generate insecure code in...
Evaluating Organization Security: User Stories of European Union NIS2 Directive
The NIS2 directive requires EU Member States to ensure a consistently high level of cybersecurity by setting risk-management measures for essential and important entities. Evaluations are necessary to assess whether the required security level is met. This involves understanding the needs and goa...
Secure Transfer Learning: Training Clean Models against Backdoor in (Both) Pre-Trained Encoders and Downstream Datasets
Transfer learning from pre-trained encoders has become essential in modern machine learning, enabling efficient model adaptation across diverse tasks. However, this combination of pre-training and downstream adaptation creates an expanded attack surface, exposing models to sophisticated backdoor...
CVE-2021-47649
In the Linux kernel, the following vulnerability has been resolved: udmabuf: validate ubuf-pagecount Syzbot has reported GPF in sgallocappendtablefrompages. The problem was in ubuf-pages == ZEROPTR. ubuf-pagecount is calculated from arguments passed from user-space. If user creates udmabuf with...
CVE-2024-44240
creationtimestamp| type| source ---|---|--- 2024-10-28 23:42:09+00:00| seen| https://t.me/cvedetector/9203 2024-10-31 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1442/ 2025-01-09 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-016/ 2025-01-09...
CVE-2024-4889 Code Injection in berriai/litellm
A code injection vulnerability exists in the berriai/litellm application, version 1.34.6, due to the use of unvalidated input in the eval function within the secret management system. This vulnerability requires a valid Google KMS configuration file to be exploitable. Specifically, by setting the...
RUSTSEC-2023-0018 Race Condition Enabling Link Following and Time-of-check Time-of-use (TOCTOU)
The removedirall crate is a Rust library that offers additional features over the Rust standard library fs::removedirall function. It was possible to trick a privileged process doing a recursive delete in an attacker controlled directory into deleting privileged files, on all operating systems. F...
Secure your business like you secure your home: 5 steps to protect against cybercrime
Running a business requires a lot of determination and sometimes a leap of faith. Every day brings a new challenge, and many times it can feel like the stress and uncertainty are too much. That’s when you remind yourself why you took the leap—the satisfaction of realizing your own vision—and you...
Evaluating the Security of an Enterprise IoT Deployment at Domino's Pizza
Recently, I had a great opportunity to work with Domino's Pizza to evaluate an internally conceived Internet of Things IoT-based business solution they had designed and deployed throughout their US store locations. The goal of this research project was to understand the security implications arou...
Measure the effectiveness of your Microsoft security with AttackIQ
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. To improve an organization’s cybersecurity readiness, you need to test that your detection and prevention technologies work as intended and that your security program is performing a...
Webinar and eBook: The Dark Side of EDR. Are You Prepared?
Endpoint Detection and Response EDR platforms have received incredible attention as the platform for security teams. Whether you're evaluating an EDR for the first time or looking to replace your EDR, as an information security professional, you need to be aware of the gaps prior already to...
Why MITRE ATT&CK matters—Choosing alert quality over quantity
Round 3 Carbanak/FIN7 results evaluation Last month, the researchers at MITRE Engenuity released the results of their most recent ATT&CK Evaluation, offering businesses an opportunity to make informed choices about their own security needs. This year, by modeling the ATT&CK testing after attack...
Open Source Does Not Equal Secure
Way back in 1999, I wrote about open-source software: First, simply publishing the code does not automatically mean that people will examine it for security flaws. Security researchers are fickle and busy people. They do not have the time to examine every piece of source code that is published. S...
Invoke-APT29: Adversarial Threat Emulation
MITRE recently conducted its second ATT&CK exercise in their ongoing annual series of Endpoint Security Efficacy testing and evaluation. This test focuses on assessing the behavioral capabilities of multiple endpoint security vendors against a simulated adversary, based closely around...
CORStest - A Simple CORS Misconfiguration Scanner
A simple CORSmisconfiguration scanner Based on theresearch of James Kettle CORStest is a quick & dirty Python 2 tool to find Cross-Origin Resource Sharing CORS misconfigurations. It takes a text file as input which may contain a list of domain names or URLs. Currently, the following potential...
Leaky Amazon S3 Buckets Expose Data of Netflix, TD Bank
Three publicly-accessible cloud storage buckets from data management company Attunity leaked more than a terabyte of data from its top Fortune 100 customers – including internal business documents, system passwords, sensitive employee information. Israel-based Attunity, which was acquired by Qlik...
Announcing the Microsoft Graph Security Hackathon winners
Bringing together information from multiple disconnected security systems to solve today’s security challenges is complex. We recently asked Microsoft Graph Security Hackathon participants to come up with innovative solutions using the Microsoft Graph Security API, and they did not disappoint. We...
Drobo NAS Multiple Vulnerabilities in DroboAccess
Drobo NAS are prone to multiple vulnerabilities in DroboAccess. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...
On the Security of Password Managers
There's new research on the security of password managers, specifically 1Password, Dashlane, KeePass, and Lastpass. This work specifically looks at password leakage on the host computer. That is, does the password manager accidentally leave plaintext copies of the password lying around memory? Al...
Magescan - Scan A Magento Site For Information
The idea behind this is to evaluate the quality and security of a Magento site you don't have access to. The scenario when you're interviewing a potential developer or vetting a new client and want to have an idea of what you're getting into. Installation .phar Download the magescan.phar file fro...