Researchers – Page 5 – OWASP Jakarta

Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines

Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines Security researchers have disclosed almost a dozen security flaws impacting the GE HealthCare Vivid Ultrasound product family that could be exploited by malicious actors to tamper with patient data and even install ransomware under certain circumstances. “The impacts enabled by Read more…

By adminowasp, 1 year ago

News

Researchers Uncover 'LLMjacking' Scheme Targeting Cloud-Hosted AI Models

Researchers Uncover 'LLMjacking' Scheme Targeting Cloud-Hosted AI Models Cybersecurity researchers have discovered a novel attack that employs stolen cloud credentials to target cloud-hosted large language model (LLM) services with the goal of selling access to other threat actors. The attack technique has been codenamed LLMjacking by the Sysdig Threat Research Team. “Once initial access Read more…

By adminowasp, 1 year ago

News

Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike

Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike Cybersecurity researchers have discovered an ongoing attack campaign that’s leveraging phishing emails to deliver malware called SSLoad. The campaign, codenamed FROZEN#SHADOW by Securonix, also involves the deployment of Cobalt Strike and the ConnectWise ScreenConnect remote desktop software. “SSLoad is designed to stealthily infiltrate systems, gather sensitive Read more…

By adminowasp, 1 year ago

News

Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers

Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers New research has found that the DOS-to-NT path conversion process could be exploited by threat actors to achieve rootkit-like capabilities to conceal and impersonate files, directories, and processes. “When a user executes a function that has a path argument in Windows, the Read more…

By adminowasp, 1 year ago

News

Congratulations to the Top MSRC 2024 Q1 Security Researchers! | MSRC Blog

Congratulations to the Top MSRC 2024 Q1 Security Researchers! | MSRC Blog Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2024 Q1 Security Researcher Read more…

By adminowasp, 1 yearApril 18, 2024 ago

News

Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover

Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific circumstances. “The vulnerability allows remote code execution with SYSTEM privileges on all Windows Read more…

By adminowasp, 1 year ago

News

Researchers Highlight Google's Gemini AI Susceptibility to LLM Threats

Researchers Highlight Google's Gemini AI Susceptibility to LLM Threats Google’s Gemini large language model (LLM) is susceptible to security threats that could cause it to divulge system prompts, generate harmful content, and carry out indirect injection attacks. The findings come from HiddenLayer, which said the issues impact consumers using Gemini Advanced with Read more…

By adminowasp, 1 year ago

News

Researchers Detail Apple's Recent Zero-Click Shortcuts Vulnerability

Researchers Detail Apple's Recent Zero-Click Shortcuts Vulnerability Details have emerged about a now-patched high-severity security flaw in Apple’s Shortcuts app that could permit a shortcut to access sensitive information on the device without users’ consent. The vulnerability, tracked as CVE-2024-23204 (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with Read more…

By adminowasp, 1 year ago

News

Researchers Decode the Latest Evasion Methods

Researchers Decode the Latest Evasion Methods Feb 08, 2024NewsroomEndpoint Security / Cyber Threat The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues to be increasingly used by other threat actors to deliver additional payloads and tooling. “The malware developer Read more…

By adminowasp, 1 year ago

News

Congratulations to the Top MSRC 2023 Q4 Security Researchers! | MSRC Blog

Congratulations to the Top MSRC 2023 Q4 Security Researchers! | MSRC Blog Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2023 Q4 Security Researcher Read more…

By adminowasp, 1 yearJanuary 30, 2024 ago