vulnerabilities

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities – Go Health Pro

by
Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities – Go Health Pro

Dec 11, 2024Ravie LakshmananVulnerability / Network Security Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution. The list of vulnerabilities is as follows – CVE-2024-11639 (CVSS score: 10.0) – An authentication bypass vulnerability in the … Read more

ML clients, ‘safe’ model formats exploitable through open-source AI vulnerabilities – Go Health Pro

by
ML clients, ‘safe’ model formats exploitable through open-source AI vulnerabilities – Go Health Pro

Several open-source machine learning (ML) tools contain vulnerabilities that can lead to client-side malicious code execution or path traversal even when loading “safe” model formats, JFrog researchers revealed Wednesday. The four flaws are among 22 total vulnerabilities the JFrog Security Research team have discovered among 15 different ML projects over the past few months. In … Read more

Google’s AI-powered fuzzing tool discovers 26 new vulnerabilities – Go Health Pro

by
Google’s AI-powered fuzzing tool discovers 26 new vulnerabilities – Go Health Pro

Google’s OSS-Fuzz tool, now enhanced with AI capabilities, has discovered 26 new vulnerabilities in open-source projects, including a long-overlooked flaw in the vital OpenSSL library. OSS-Fuzz is a Google-developed fuzzing system that the company has been using to continuously test hundreds of open-source projects since 2016. In August 2023, Google first announced it was working … Read more

Cyber Attack Exposes Supply Chain Vulnerabilities – Go Health Pro

by
Cyber Attack Exposes Supply Chain Vulnerabilities – Go Health Pro

A recent cyber attack targeting telematics provider Microlise has highlighted critical vulnerabilities in supply chain security, disrupting tracking services for prominent clients such as DHL and Serco and exposing limited employee data. The breach, disclosed on October 31, led to a significant 16% drop in Microlise’s stock value and raised concerns about the broader implications … Read more

AIs Discovering Vulnerabilities – Schneier on Security – Go Health Pro

by
AIs Discovering Vulnerabilities – Schneier on Security – Go Health Pro

AIs Discovering Vulnerabilities I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in between. The AIs aren’t very good at it yet, but they’re getting better. Here’s some … Read more

x