infossl – Page 4 – SSL and internet security news

Silk Typhoon Hackers Indicted

March 11, 2025 infossl

china, cyberattack, cyberespionage, espionage, hacking, law enforcement, Security technology, Uncategorized

Lots of interesting details in the story: The US Department of Justice on Wednesday announced the indictment of 12 Chinese individuals accused of more than a decade of hacker intrusions around the world, including eight staffers for the contractor i-Soon, two officials at China’s Ministry of Public Security who allegedly worked with them, and two … Read More “Silk Typhoon Hackers Indicted” »

Thousands of WordPress Websites Infected with Malware

March 10, 2025 infossl

backdoors, malware, Security technology, Uncategorized, web

The malware includes four separate backdoors: Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed. A unique case we haven’t seen before. Which introduces another type of attack made possibly by abusing websites that don’t monitor 3rd party dependencies in the browser of their users. The four … Read More “Thousands of WordPress Websites Infected with Malware” »

Friday Squid Blogging: Squid Loyalty Cards

March 7, 2025 infossl

ireland, Security technology, squid, Uncategorized

Squid is a loyalty card platform in Ireland. Blog moderation policy. Powered by WPeMatico

Rayhunter: Device to Detect Cellular Surveillance

March 7, 2025 infossl

cell phones, eff, privacy, Security technology, surveillance, Uncategorized

The EFF has created an open-source hardware tool to detect IMSI catchers: fake cell phone towers that are used for mass surveillance of an area. It runs on a $20 mobile hotspot. Powered by WPeMatico

The Combined Cipher Machine

March 6, 2025 infossl

cryptography, history of cryptography, military, Security technology, Uncategorized

Interesting article—with photos!—of the US/UK “Combined Cipher Machine” from WWII. Powered by WPeMatico

CISA Identifies Five New Vulnerabilities Currently Being Exploited

March 5, 2025 infossl

privilege escalation, Security technology, Uncategorized, vulnerabilities

Of the five, one is a Windows vulnerability, another is a Cisco vulnerability. We don’t have any details about who is exploiting them, or how. News article. Slashdot thread. Powered by WPeMatico

Trojaned AI Tool Leads to Disney Hack

March 4, 2025 infossl

AI, credentials, cybersecurity, hacking, Security technology, Uncategorized

This is a sad story of someone who downloaded a Trojaned AI tool that resulted in hackers taking over his computer and, ultimately, costing him his job. Powered by WPeMatico

Friday Squid Blogging: Eating Bioluminescent Squid

February 28, 2025 infossl

Security technology, squid, Uncategorized

Firefly squid is now a delicacy in New York. Blog moderation policy. Powered by WPeMatico

“Emergent Misalignment” in LLMs

February 27, 2025 infossl

academic papers, AI, LLM, Security technology, Uncategorized

Interesting research: “Emergent Misalignment: Narrow finetuning can produce broadly misaligned LLMs“: Abstract: We present a surprising result regarding LLMs and alignment. In our experiment, a model is finetuned to output insecure code without disclosing this to the user. The resulting model acts misaligned on a broad range of prompts that are unrelated to coding: it … Read More ““Emergent Misalignment” in LLMs” »

An iCloud Backdoor Would Make Our Phones Less Safe

February 26, 2025 infossl

apple, backdoors, encryption, Security technology, uk, Uncategorized

Last month, the UK government demanded that Apple weaken the security of iCloud for users worldwide. On Friday, Apple took steps to comply for users in the United Kingdom. But the British law is written in a way that requires Apple to give its government access to anyone, anywhere in the world. If the government … Read More “An iCloud Backdoor Would Make Our Phones Less Safe” »