When “safe” documents aren’t. [Research Saturday]
CyberWire Daily28 Mars

When “safe” documents aren’t. [Research Saturday]

Omer Ninburg, CTO of Novee Security, joins us on this episode of Research Saturday to discuss their work on "From PDF to Pwn: Scalable 0day Discovery in PDF Engines and Services Using Multi-Agent LLMs." Historically, Portable Document Formats – the immutable, localized PDF – was once considered a “safe” component inside enterprise environments. That is no longer the case. To demonstrate how PDF services and engines can be exploited, the team at Novee used their proprietary, multi-agent LLM system to uncover vulnerability patterns, and systematically scale them into a broad discovery campaign across two PDF vendor ecosystems. The research uncovered 16 verified vulnerabilities across client-side PDF viewers, embedded plugins, and server-side PDF services. The research and executive brief can be found here: ⁠From PDF to Pwn: Scalable 0day Discovery in PDF Engines and Services Using Multi-Agent LLMs Hacker-Trained AI Discovers 16 New 0-Day Vulnerabilities in PDF Engines Learn more about your ad choices. Visit megaphone.fm/adchoices

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(3649)

The AI race gets a referee.

The AI race gets a referee.

AI oversight arrives at the White House. A Cyber Force gains momentum. Critical infrastructure comes under cyberattack. Acer faces zero-day trouble. A stock exchange executive gets spied on for months...

3 Juni 31min

The bugs are piling up faster than the fixes.

The bugs are piling up faster than the fixes.

A federal watchdog questions NIST over its vulnerability database backlog. Google patches an Android zero-day. Citizen Lab exposes a powerful location-tracking platform. Malware hides commands in Stea...

2 Juni 30min

AI joins the chain of command.

AI joins the chain of command.

Battlefield AI sparks debate. Election cyber threats rise. A critical Windows flaw is under active attack. CISA weighs new reporting rules. Russian targets face a stealthy hacking campaign. A 19-year-...

1 Juni 29min

CyberWire Daily at 10: The evolution of ransomware. [Special Edition]

CyberWire Daily at 10: The evolution of ransomware. [Special Edition]

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner consider the tactics, trends, and turning points that shaped the threat landscape ...

31 Maj 22min

GPS: A backbone for critical infrastructure. [T-Minus: Space-Cyber Briefing]

GPS: A backbone for critical infrastructure. [T-Minus: Space-Cyber Briefing]

Since its original creation in the 1970s, GPS has evolved from a technology primarily used by the military to a foundation for modern society.  After the removal of selective availability for civilia...

31 Maj 26min

The skills pay the bills. [Research Saturday]

The skills pay the bills. [Research Saturday]

Today we are joined by Marco Giuliani, Vice President & Head of Research at ThreatDown, discussing their work on "GachiLoader adopts AI skill lure." Threat actors are now using fake AI agent “skills” ...

30 Maj 24min

Mind the gap between IT and OT.

Mind the gap between IT and OT.

Iranian hackers hit LA transit. Chinese cyber operators target Middle East infrastructure. Dutch police take down a 17-million-device botnet. Researchers uncover a phishing risk in ChatGPT. Anthropic ...

29 Maj 28min

The military wants to move at cyber speed.

The military wants to move at cyber speed.

Cyber Command’s new chief pushes modernization as lawmakers warn commercial location data is exposing U.S. troops. A third-party UK visa site leaks passports and selfies. Microsoft slams unpatched zer...

28 Maj 31min

Populärt inom Politik & nyheter

svenska-fall
motiv
aftonbladet-krim
p3-krim
spar
aftonbladet-daily
flashback-forever
rss-sanning-konsekvens
rss-expressen-dok
rss-krimreportrarna
rss-flodet
politiken
rss-frandfors-horna
rss-vad-fan-hande
olyckan-inifran
rss-aftonbladet-krim
svd-ledarredaktionen
kungligt
dagens-eko
rss-krimstad