The ‘Largest Illicit Online Marketplace’ Ever Is Growing at an Alarming Rate, Report Says

Credit to Author: Matt Burgess, Lily Hay Newman| Date: Tue, 14 Jan 2025 09:00:00 +0000

Huione Guarantee, a gray market researchers believe is central to the online scam ecosystem, now includes a messaging app, stablecoin, and crypto exchange—while facilitating $24 billion in transactions.

Read more

Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions

Credit to Author: Microsoft Threat Intelligence| Date: Mon, 13 Jan 2025 17:00:00 +0000

Microsoft discovered a macOS vulnerability allowing attackers to bypass System Integrity Protection (SIP) by loading third party kernel extensions, which could lead to serious consequences, such as allowing attackers to install rootkits, create persistent malware, bypass Transparency, Consent, and Control (TCC), and expand the attack surface to perform other unauthorized operations.

The post Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions appeared first on Microsoft Security Blog.

Read more

3 takeaways from red teaming 100 generative AI products

Credit to Author: Blake Bullwinkel and Ram Shankar Siva Kumar| Date: Mon, 13 Jan 2025 16:00:00 +0000

Since 2018, Microsoft’s AI Red Team has probed generative AI products for critical safety and security vulnerabilities. Read our latest blog for three lessons we’ve learned along the way.

The post 3 takeaways from red teaming 100 generative AI products appeared first on Microsoft Security Blog.

Read more

Secret Phone Surveillance Tech Was Likely Deployed at 2024 DNC

Credit to Author: Dhruv Mehrotra| Date: Fri, 10 Jan 2025 15:21:46 +0000

Data WIRED collected during the 2024 Democratic National Convention strongly suggests the use of a cell-site simulator, a controversial spy device that intercepts sensitive data from every phone in its range.

Read more