Aggregator
Cyberbro: Open-source tool extracts IoCs and checks their reputation
Cyberbro is an open-source application that extracts IoCs from garbage input and checks their reputation using multiple services. Cyberbro features Input handling: Paste raw logs, IoCs, or fanged IoCs, and let the regex parser do the rest. Multi-service reputation checks: Verify observables (IP, hash, domain, URL) across multiple services like VirusTotal, AbuseIPDB, IPInfo, Spur.us, IP Quality score, MDE, Google Safe Browsing, Shodan, Abusix, Phishtank, ThreatFox, Github, Google. Detailed reports: Generate reports with advanced search and … More →
The post Cyberbro: Open-source tool extracts IoCs and checks their reputation appeared first on Help Net Security.
Solving NIST Password Complexities: Guidance From a GRC Perspective
Last Week in Security (LWiS) - 2025-01-06
关于汽车数据处理4项安全要求检测情况的通报(第二批)
关于汽车数据处理4项安全要求检测情况的通报(第二批)
AI Domination: Remote Controlling ChatGPT ZombAI Instances
At Black Hat Europe I did a fun presentation titled SpAIware and More: Advanced Prompt Injection Exploits. Without diving into the details of the entire talk, the key point I was making is that prompt injection can impact all aspects of the CIA security triad.
However, there is one part that I want to highlight explicitly:
A Command and Control system (C2) that uses prompt injection to remote control ChatGPT instances.
Remote Controlling ChatGPT Instances!An adversary can compromise ChatGPT instances and have them join a central Command and Control system which provides updated instructions for all the remote controlled ChatGPT instances to follow over-time.
Open source worldwide: Critical maintenance gaps exposed
Lineaje recently released a report identifying the US and Russia as the leading generators of open-source projects, with both countries also having the highest numbers of anonymous open-source contributions. In this Help Net Security video, Nick Mistry, SVP and CISO of Lineaje, discusses where the deepest layers of open-source software component dependencies originate from and their critical vulnerabilities. The report revealed that regardless of geographic origin, the average mid-size application has several disturbing trends leading … More →
The post Open source worldwide: Critical maintenance gaps exposed appeared first on Help Net Security.
PacketCrypt Classic Cryptocurrency Miner on PHP Servers, (Tue, Jan 7th)
Zythum Re-Review (Sinclair ZX Spectrum)
Исторический шаг Ирана: отменен запрет на WhatsApp и Google Play
ICLR 2025 Workshop 征稿:推动基础模型的开源、开放、可复现
ICLR 2025 Workshop 征稿:推动基础模型的开源、开放、可复现
Moxa 设备严重漏洞将工业网络暴露在攻击中
安全公司Tenable插件更新有bug,全球Nessus 代理皆宕机
安全公司Tenable插件更新有bug,全球Nessus 代理皆宕机
Moxa 设备严重漏洞将工业网络暴露在攻击中
2024 年,卖的最好的车,为什么是它?
2024 年,卖的最好的车,为什么是它?
How AI and deepfakes are redefining social engineering threats
This article presents key insights from 2024 reports on the rise of phishing attacks, focusing on how advancements in AI and deepfake technology are making social engineering tactics more sophisticated. Cybercriminals exploit file sharing services to advance phishing attacks Examining data collected between June 2023 and June 2024, Abnormal saw file-sharing phishing volume more than triple, increasing 350% over the year. The majority of these attacks were sophisticated in nature, with 60% exploiting legitimate domains, … More →
The post How AI and deepfakes are redefining social engineering threats appeared first on Help Net Security.