The Stack - The Snack (Page 7)

AI | Apr 18, 2024

Mona Lisa rapping: Microsoft’s new AI spins up convincing talking heads

"While acknowledging the possibility of misuse, it's imperative to recognize the substantial positive potential of our technique"

VPN | Apr 17, 2024

PAN-OS vuln mitigation howler: “Disabling telemetry” no help

POCs for CVSS 10 bug are out of the bag, tens of thousands are exposed, and telemetry mitigation didn't work.

| Cybersecurity | Apr 15, 2024

XZ Redux? Social engineering attacks on OSS intercepted

openssf open source social engineering attack

"These emails implored OpenJS to take action to update one of its popular JavaScript projects to ‘address any critical vulnerabilities'"

VPN | Apr 12, 2024

Palo Alto Networks: CVSS 10 bug in Pan-OS is being exploited in the wild

Patch? You'll need to wait until Sunday. Turn off telemetry (no, really; it's a mitigation!) and go to the pub. OK, maybe don't.

AWS | Apr 10, 2024

AWS took 6 months to fix Security Token Service bug - IAM policy simulator inadequate, says Stedi

"No system is infallible. Sometimes, it is AWS..."

Patch Tuesday | Apr 09, 2024

Monster Patch Tuesday sets new record: RCE bugs galore

God speed to those pushing fixes.

Sponsored | Apr 09, 2024

From the Marines to the “4 Cs”: BigID’s Brenton Gumucio on code camps, preventing data exposure and working with MongoDB

“We are pretty tightly aligned with the MongoDB product team. That allowed us to scale up and attack use cases where we're scanning petabytes of data, and solving really hard problems for customers.”

DataStax | Apr 04, 2024

DataStax snaps up Langchain-democratiser Langflow

"You have to chain user input, system prompts, and DB data to feed the LLM and then lots of processing to deliver that magic AI agent experience to the user"

| utilities | Apr 02, 2024

Water company dangles £10m for MSSP support

Assessment by the NCSC of previous industry breaches has seen an “enhanced” Cyber Assessment Framework (e-CAF) created that requires...