anders.infosec 💬

70 Followers
169 Following
97 Posts

Cybersecurity enthusiast | Fan of digital privacy | Dad | Partaker of the 2022 Twitter migration

Thoughts and opinions are not my own, but rather the result of careful programming and manipulation by my overlords. Resistance is futile.

LinkedIn: https://www.linkedin.com/in/anderskahlke/

We are so lucky that the regreSSHion vulnerability (CVE-2024-6387) is a race condition vuln and not an instant exploitation. Imagine having the CrowdStrike incident and a low-complexity SSH vulnerability in the same month.

#infosec

Commercial spyware (like Microsoft Recall) is a bigger data privacy threat than actual threat actors. It's crazy that this isn't even a controversial take.

Currently doing a risk assessment of our company's use of GenAI, and a thought popped up around the integrity of output data that has been "altered" due to bias filters.

Consider a scenario where we're analyzing communications or documents with racist or sexual undertones as part of a legal investigation or something similar.

Could the AI's bias filters, designed to avoid generating or interacting with offensive content, inadvertently omit or alter crucial parts of these datasets?

I'm curious to hear if this is a legitimate concern and if there is any way of checking whether the output given by the models has been "altered" due to bias filters.

#infosec #ai #cybersecurity

I want to do a write-up on interesting unconventional C2 channels. Right now I have: Google Calendar, Twitter, Pinterest, image providers (Imgflip).

Does anyone have examples of others? Doesn't have to be exploited in the wild.

#cybersecurity #infosec #threat_intelligence #threatintel

Check Point Research has reported a significant change in the malware landscape. NJRat, a Remote Access Trojan (RAT) known for targeting Middle Eastern government agencies, has become the second most common malware. At the same time, a new mal-spam campaign has been discovered, spreading #AgentTesla through email attachments that pretend to be legitimate order and shipment documents. 👾📧 #Malware #Cybersecurity

AgentTesla, now the sixth most frequently used malware, is particularly dangerous. It can capture keystrokes and clipboard data and send unauthorized data to a Command & Control server. The education sector is the most targeted by these cyber threats. Additionally, the report highlights the "Zyxel ZyWALL Command Injection (CVE-2023-28771)" as the most exploited vulnerability, affecting 42% of organizations worldwide. 💻🔒 #AgentTesla #CyberThreats #Vulnerability

It's crucial for businesses to stay vigilant, especially as we approach the busy shopping season. Be cautious of cybercriminals' sophisticated tactics, such as impersonating brands and sending malicious email attachments. 🛍️🚫 #Cybersecurity #Phishing

Source: Check Point Blog, "October 2023's Most Wanted Malware: NJRat Jumps to Second Place while AgentTesla Spreads through new File Sharing Mal-Spam Campaign"

Listening to Dark Synthwave while doing GRC work to make me feel like I am actually the hacker-type person that I wish I was.

Song: https://open.spotify.com/track/7oxnK2wg8qFv8EXyyxKDJ4?si=b59bcf1b5f284a69

#cybersecurity

Roller Mobster · Carpenter Brut · Song · 2015 (Spotify)

Vendors really out here saying "Security is our number one priority" and then charging big bucks for a core security requirement like SSO.

"SSO-integration" marketed as a tiered feature and not as a basic requirement should honestly be a red flag (when it comes to spending).

#cybersecurity #infosec

• enter password for password manager
• verify from email that it's me signing in from a "new location" (VPN)
• use security key
• use password from manager to sign into actual service
• complete image CAPTCHA
• receive text message with 2FA code
• unlock phone with fingerprint to get code
• access service

This might be one of the most creative channels for C2 traffic I have seen: using Google Calendar event descriptions.

GitHub link: https://github.com/MrSaighnal/GCR-Google-Calendar-RAT

#threatintel

GitHub - MrSaighnal/GCR-Google-Calendar-RAT: Google Calendar RAT is a PoC of Command&Control over Google Calendar Events

I think we need a "slow software" movement.

We can look to slow food, Cittaslow (slow city), and other slow efforts.

We need to look "Generative AI" squarely in the eye, and run, not walk, the opposite direction.

We need to teach and advocate for software development practices which are *intentionally* easy to learn and require minimal maintenance.

We need best practices which encourage methodical longevity over quick band-aid fixes.

We need to put artistry over capital.

Will you join me?