Search
Items tagged with: hack
#LLM Agents can Autonomously #Exploit One-day Vulnerabilities
Source: https://arxiv.org/abs/2404.08144
To show this, we collected a dataset of 15 one-day vulnerabilities that include ones categorized as critical severity in the #CVE description. When given the CVE description, GPT-4 is capable of exploiting 87% of these vulnerabilities compared to 0% for every other model we test (GPT-3.5, open-source LLMs) and open-source vulnerability scanners (ZAP and #Metasploit).
#ai #technology #Software #chatgpt #bug #hack #news #cybersecurity
LLM Agents can Autonomously Exploit One-day Vulnerabilities
LLMs have becoming increasingly powerful, both in their benign and malicious uses. With the increase in capabilities, researchers have been increasingly interested in their ability to exploit cybersecurity vulnerabilities.arXiv.org
A hacking #skimmer inside an #ATM machine
https://youtube.com/shorts/29Uc_7bGcRE
#hack #security #money #technology
A hacking skimmer inside an ATM machine #shorts
That's how you hackers crack your cards. Using this skimmer device. Watch the short to know more.#skimmer #hacking #sumsub #shorts Sumsub — empowering compli...YouTube
Well, at least the uni didn't try to minimize it:
"On or around November 28, 2023, Butler University’s third-party vendor, Athletic Trainer System ("ATS"), notified Butler University that an unknown actor gained access to ATS's computer systems in August 2020."
As part of steps taken in response, Butler writes: "Butler University is also reviewing the business necessity of sharing any sensitive data with third party vendors."
(SSN had been involved)
Butler University's notification letter sent to 1,871 people can be found linked from https://apps.web.maine.gov/online/aeviewer/ME/40/aebbc4f8-fbd7-4a2d-991b-f1ec97032e39.shtml
#EduSec #Vendor #infosec #hack #databreach
#XZ #Backdoor: Times, damned times, and scams
However, I believe that he is actually from somewhere in the UTC+02 (winter)/UTC+03 (DST) timezone, which includes Eastern Europe (EET), but also Israel (IST), and some others. Forging time zones would be easy — no need to do any math or delay any commits. He likely just changed his system time to Chinese time every time he committed.
source: https://rheaeve.substack.com/p/xz-backdoor-times-damned-times-and
#security #software #time #news #hack #linux #timezone
XZ Backdoor: Times, damned times, and scams
Some timezone observations on the recently discovered backdoor hidden in an xz tarball.Rhea (Rhea's Substack)