Amazon is holding a mandatory meeting about AI breaking its systems. The official framing is "part of normal business." The briefing note describes a trend of incidents with "high blast radius" caused by "Gen-AI assisted changes" for which "best practices and safeguards are not yet fully established." Translation to human language: we gave AI to engineers and things keep breaking? The response for now? Junior and mid-level engineers can no longer push AI-assisted code without a senior signing off. AWS spent 13 hours recovering after its own AI coding tool, asked to make some changes, decided instead to delete and recreate the environment (the software equivalent of fixing a leaky tap by knocking down the wall). Amazon called that an "extremely limited event" (the affected tool served customers in mainland China).

A little over a year ago I published research on how you could leverage non-production AWS API endpoints to enumerate permissions without logging to CloudTrail. A year later...I'm still finding them. Red Teamers, these can be super useful and really up your game!

PoC Exploit Released for CVE-2024-30085: Windows Elevation of Privilege Vulnerability securityonline.info/poc-expl…

Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root - @billtoulas bleepingcomputer.com/news/se… bleepingcomputer.com/news/se…

No mfa....no network segmentation...: theregister.com/2024/11/20/c…

Microsoft will soon let you clone your voice for Teams meetings techcrunch.com/2024/11/19/so… via @techcrunch

Ohio man behind Helix Bitcoin launderette jailed for three years, hands over $400M theregister.com/2024/11/16/h… via @theregister

Chinese Cyber-Espionage Hits T-Mobile Amid International Telecom Breaches devdiscourse.com/article/tec…

#Spain 🇪🇸 - Aviva Database Allegedly Leaked Reports have surfaced of a potential data breach impacting Aviva’s Spanish customer database. This alleged leak includes approximately 2.7 million records with sensitive information, such as IDs, full names, and IBANs, amounting to 288MB of data. The breach could pose significant risks to the privacy and financial security of Aviva’s customers in Spain. dailydarkweb.net/alleged-dat… #cybersecurity #databreach #Aviva #Spain

New tool bypasses Google Chrome’s new cookie encryption system - @billtoulas bleepingcomputer.com/news/se… bleepingcomputer.com/news/se…

🚨DDoS ‼️ 🇮🇱Israel - Shva On October 29, 2024, a denial-of-service (DoS) cyberattack targeted Shva, Israel's main provider of IT services for the banking sector, disrupting credit card transactions across various businesses. The attack began at 7 a.m. and led to issues in transaction approvals for companies connected to Shva's network. The disruption was resolved by 9:50 a.m., with regular service restored. Though the attacker was not officially identified, reports from Bizportal suggest that "Anonymous Sudan," a group allegedly linked to Iran, may be responsible, having previously attacked Israeli entities. More details: jns.org/cyberattack-causes-c…

Russia and China are stepping up their cyber attacks on the Netherlands and its allies, warned the National Coordinator for Counter-Terrorism and Security (NCTV). nltimes.nl/2024/10/28/russia… @NL_Times

CVE-2024-46483 (CVSS 9.8): Xlight FTP Server Flaw Leaves Users Exposed to Remote Attacks, PoC Published securityonline.info/cve-2024…

The Strava problem: how the fitness app was used to locate the world’s most powerful people - theguardian.com/lifeandstyle…

TSA silent on CrowdStrike’s claim Delta skipped required security update - arstechnica.com/tech-policy/…

ssh-mitm: intercepting proxy server for security audits meterpreter.org/ssh-mitm-int…

New law in Australia will require mandatory reporting of ransomware payments therecord.media/australia-bi… @TheRecord_Media

Finland’s Top Power Utility Targeted With Daily Cyber Attacks | OilPrice.com oilprice.com/Latest-Energy-N… #oilprice