Category: Cyber Attacks

Artificial intelligence (AI) and machine learning have become integral parts of our daily lives. From virtual assistants to recommender systems, AI is powering many of the services and applications we use every day. However, as the use of AI grows, so do concerns about its security vulnerabilities. The OWASP team has published its first version of OWASP Top 10 for LLM, especially for AI applications powered by LLMs. One such concern is that of adversarial attacks. Adversarial attacks aim to fool AI systems by supplying deceptively modified inputs. This can cause the AI to misclassify or misinterpret the perturbed input. For instance, adding some nearly imperceptible noise to an image can make an AI system misclassify it completely. Defending against such attacks is critical for building robust and trustworthy AI systems. This is where adversarial training comes into…

Sagi Tzadik, Shir Tamari from Wiz disclosed two easy-to-exploit local privilege escalation vulnerabilities in the OverlayFS module of the Ubuntu Linux Kernel. These two vulnerabilities assigned with the identifiers CVE-2023-2640 and CVE-2023-32629 could be severe than it appears as no configuration changes are needed to exploit these vulnerabilities. These issues are unique, although they look similar to the two-year-old Overlayfs vulnerability (CVE-2021-3493).  Let’s dive deep into the issue and understand how these vulnerabilities are unique, although they share the same functionality in terms of exploitation. Before going to the technical details, it’s good to know about the OverlayFS that has existed since 2009 as part of the Linux Kernel. What is OverlayFS and How Does it Work? OverlayFS is a union mount filesystem implementation for Linux that allows combining multiple directories and mount points…

Product Security Incident Response Teams (PSIRTs) play a crucial role in addressing security vulnerabilities and incidents that affect a company’s products and services. These dedicated, globally-coordinated teams expertly manage the receipt, investigation, and public reporting of security vulnerabilities, ensuring that both internal and external stakeholders are informed about the current risk landscape and equipped to mitigate potential threats to their systems. Often working in tandem with development teams, PSIRTs are responsible for assisting in all security-related aspects of a company’s product lifecycle. This includes but is not limited to, identifying vulnerabilities in supported products, implementing mitigation strategies, and disclosing information to the public in a responsible and transparent manner. A key aspect of this process is the assignment of Common Vulnerabilities and Exposure (CVE) identifiers, which allows for easier tracking…

Product Security Incident Response Teams (PSIRTs) play a crucial role in addressing security vulnerabilities and incidents that affect a company’s products and services. These dedicated, globally-coordinated teams expertly manage the receipt, investigation, and public reporting of security vulnerabilities, ensuring that both internal and external stakeholders are informed about the current risk landscape and equipped to mitigate potential threats to their systems. Often working in tandem with development teams, PSIRTs are responsible for assisting in all security-related aspects of a company’s product lifecycle. This includes but is not limited to, identifying vulnerabilities in supported products, implementing mitigation strategies, and disclosing information to the public in a responsible and transparent manner. A key aspect of this process is the assignment of Common Vulnerabilities and Exposure (CVE) identifiers, which allows for easier tracking…

You might have heard these words many times, “Data is the new Oil” or “Data is the new Gold.” Everybody is behind the data. You might have seen several times that big companies like Facebook, Twitter, Google, and many others companies being sued on data stealing charges. The globe is so mad about the data that it led to the creation of more than 4k broking firms in the globe. According to research Data broker’s market has grown to the worth of $200 billion annually. These lucrative numbers have made the birth of information-stealing software, in other words, information-stealing malware. We will explore one such information-stealing malware, which is quite popular these days, Mystic Stealer Malware. Mystic Stealer is a relatively new information-stealing malware that can cause significant damage to its victims. First advertised in…