Decryptedtech Decryptedtech Decryptedtech Decryptedtech
  • Home
  • Articles
    • News
    • Security Talk
    • Game Thoughts
    • Editorials
    • Shows and Events
    • Leaks and Rumors
    • My Ramblings
    • In Other News
    • Bits, Bytes, and Bourbon
  • Consulting
    • Security Consulting
    • Why Us
    • Services
  • Privacy Policy
  • Archived Items
    • Reviews
      • Enthusiast Gear
        • Motherboards
        • CPUs
        • GPUs
        • Audio
        • Storage and Networking
        • Entusiast Peripherals
      • Pro Gear
        • Motherboards
        • Memory
        • Storage and Networking
      • Consumer Gear
        • Motherboards
        • Audio
        • Storage and Networking
        • Consumer Peripherals
      • Home Theater
      • Mobile Computing
      • Tech Unplugged
      • Gadgets
      • Systems
        • Pro Systems
      • Software and Games
        • Consumer Software
        • Games
      • Peripherals
      • Power and Cooling
  • Bits, Bytes, and Bourbon Store

News

News

The Barracuda Zero Day Flaw Shows Us Why Mean Time to Remediation Matters

On May 19th 2023 Barracuda disclosed that there was a critical vulnerability in their Email Security Gateway appliances. This vulnerability is tracked under CVE-2023-2868 and is listed as a remote command injection vulnerability. The flaw is present in software versions 5.1.3.001 up to 9.2.0.006 for the ESG appliances only. As this was disclosed as a Zero-Day vulnerability there was an accelerated patch release schedules with the first patches made available on May 20th.

Details
By Sean Kalinich
Sean Kalinich
May 31
Hits: 1105
  • Hacking
  • Security
  • Malware
  • Vulnerabilities
  • Patching
  • Vulnerability Management
  • barracuda
  • risk and exposure
  • cve20232868

Read more: The Barracuda Zero Day Flaw Shows Us Why Mean...

No comments on “The Barracuda Zero Day Flaw Shows Us Why Mean Time to Remediation Matters”
News

Microsoft Talks about Now-Patched SIP bypass Bug in macOS

Apple’s System Integrity Protocol (SIP) has been something of a mix bag when it comes to security. It is a great feature from a raw and basic security viewpoint, but the same feature also has created challenges for the installation of third-party anti-malware and other security tools since its launch. All that aside, Microsoft, of all people, has shared details on a vulnerability that can be used by attackers to completely bypass the protections that SIP is supposed to offer.

Details
By Sean Kalinich
Sean Kalinich
May 31
Hits: 1212
  • Apple
  • Security
  • SIP
  • Vulnerabilities
  • Vulnerability Management
  • macos
  • system integrity protection

Read more: Microsoft Talks about Now-Patched SIP bypass Bug...

No comments on “Microsoft Talks about Now-Patched SIP bypass Bug in macOS”
News

the Google Way to Break Encryption in RCS by Forcing AI

Google has been very interested in pushing new standards for messaging, Rich Communication Services. RCS started in 2007 as a new way to make “texting” more functional and complete. This included things like read receipts, response indictors (typing icon) and more. It was a way to make standard android messaging services on par with apps like Signal, WhatsApp, and Telegram. In and of itself it is a great feature and one that enhances standard SMS and MMS functionality. Along the journey Google and others started to add encryption (end-to-end) as a way of protecting the message content (which was a core component of RCS).

Details
By Sean Kalinich
Sean Kalinich
May 30
Hits: 922

Read more: the Google Way to Break Encryption in RCS by...

No comments on “the Google Way to Break Encryption in RCS by Forcing AI”
News

Google’s New Zip Domains Can be Easily Abused for Phishing and Malware Payloads

This one will get filed in the “you knew it was going to happen” file. After the announcement of a few new top-level domains (TLDs) including .zip and .mov by Google the security world silently shook its head. The concept of using file extensions as TLDs is one that defies logic. As soon as I read about these new domains, I knew someone was going to create phishing or malware attacks with URLs that look like common file names. These attacks can leverage modern web design to make a target think they are using an application to run or open the file when they are really executing commands in the background to compromise their systems. Lo and behold! We now have file archiver in the browser as shown off by mr.d0x.

Details
By Sean Kalinich
Sean Kalinich
May 30
Hits: 1074
  • Google
  • Hacking
  • Security
  • Malware
  • Phishing
  • tld
  • top level domain
  • zip
  • ,mov

Read more: Google’s New Zip Domains Can be Easily Abused...

No comments on “Google’s New Zip Domains Can be Easily Abused for Phishing and Malware Payloads”
News

Indirect Prompt Injection Attacks, The least Acknowledged Flaw in AI Today

Wait, another danger of AI article? Yes, another one. Since far too many people and companies are ok with ignoring the dangers simply for the sake of the next big shiny thing, we thought we would at least be part of the awareness of it. I might also say “I told you so” when things do start to go sideways… ok I would not be that much of a jackass, but I do think that making sure to point out issues with new technology while others seem ok with glossing them over is a good idea.

Details
By Sean Kalinich
Sean Kalinich
May 25
Hits: 1024
  • Hacking
  • AI
  • Vulnerabilities
  • chatbots
  • chatgpt
  • indirect injectons
  • indirect promptinjections

Read more: Indirect Prompt Injection Attacks, The least...

No comments on “Indirect Prompt Injection Attacks, The least Acknowledged Flaw in AI Today”

More Articles …

  1. Leaked LockBit and Babuk Ransomware repurposed by Buhti in new Payloads
  2. More Malware Discovered in Google Play Store this Time in a Popular Screen Recording App
  3. Microsoft Announces AI Run Moderation System to Prevent “harmful” Content
  4. China Targets US Based Micron with a Sales Ban Citing National Security Concerns
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14

Page 10 of 570

Follow Us

Follow DecryptedTech on Social Media

facebook twitter linkedin
Decryptedtech