Month: January 2023
Pwn2Own Automotive: Bringing Researchers and Auto Manufacturers Together
Today at the Automotive World conference in Tokyo, Japan, I presented a talk in the Cyber Security from the Perspectives of Hackers and Automakers track. During this presentation, I announced the ZDI will host a new Pwn2Own contest focused on automotive systems – Pwn2Own Automotive. This contest will be held at next year’s Automotive World …
Pwn2Own Automotive: Bringing Researchers and Auto Manufacturers TogetherRead More
What Are Large Language Models Used For?
AI applications are summarizing articles, writing stories and engaging in long conversations — and large language models are doing the heavy lifting. A large language model, or LLM, is a deep learning algorithm that can recognize, summarize, translate, predict and generate text and other content based on knowledge gained from massive datasets. Large language models …
DLSS 3 Delivers Ultimate Boost in Latest Game Updates on GeForce NOW
GeForce NOW RTX 4080 SuperPODs are rolling out now, bringing RTX 4080-class performance and features to Ultimate members — including support for NVIDIA Ada Lovelace GPU architecture technologies like NVIDIA DLSS 3. This GFN Thursday brings updates to some of GeForce NOW’s hottest games that take advantage of these amazing technologies, all from the cloud. …
DLSS 3 Delivers Ultimate Boost in Latest Game Updates on GeForce NOWRead More
Braced From Space: Startup Keeps Watchful Eye on Gas Pipeline Leaks Across the Globe
As its name suggests, Orbital Sidekick is creating technology that acts as a buddy in outer space, keeping an eye on the globe using satellites to help keep it safe and sustainable. The San Francisco-based startup, a member of the NVIDIA Inception program, enables commercial and government users to optimize sustainable operations and security with …
Braced From Space: Startup Keeps Watchful Eye on Gas Pipeline Leaks Across the GlobeRead More
NVIDIA CEO Ignites AI Conversation in Stockholm
More than 600 entrepreneurs, developers, researchers and executives from across the Nordics flocked Tuesday to Stockholm’s sleek Sergel Hub conference center in a further sign of the strength of the region’s AI ecosystem. The highlight: a far-reaching conversation between NVIDIA founder and CEO Jensen Huang and Swedish industrialist Marcus Wallenberg exploring the intersections of AI, …
Supersizing AI: Sweden Turbocharges Its Innovation Engine
Sweden is outfitting its AI supercomputer for a journey to the cutting edge of machine learning, robotics and healthcare. It couldn’t ask for a better guide than Anders Ynnerman (above). His signature blue suit, black spectacles and gentle voice act as calm camouflage for a pioneering spirit. Early on, he showed a deep interest in …
Supersizing AI: Sweden Turbocharges Its Innovation EngineRead More
Activation Context Cache Poisoning: Exploiting CSRSS for Privilege Escalation
Starting in July of 2022, the Windows CSRSS process entered the consciousness of the infosec community as the source of several local privilege escalation vulnerabilities in Microsoft Windows. The first public information appeared on July 12 with the release of the patch for CVE-2022-22047, which was being actively exploited. Shortly thereafter, Microsoft published an article …
Activation Context Cache Poisoning: Exploiting CSRSS for Privilege EscalationRead More
Fresh AI on Security: Digital Fingerprinting Deters Identity Attacks
Add AI to the list of defenses against identity attacks, one of the most common and hardest breach to prevent. More than 40% of all data compromises involved stolen credentials, according to the 2022 Verizon Data Breach Investigations Report. And a whopping 80% of all web application breaches involved credential abuse. “Credentials are the favorite …
Fresh AI on Security: Digital Fingerprinting Deters Identity AttacksRead More
Booked for Brilliance: Sweden’s National Library Turns Page to AI to Parse Centuries of Data
For the past 500 years, the National Library of Sweden has collected virtually every word published in Swedish, from priceless medieval manuscripts to present-day pizza menus. Thanks to a centuries-old law that requires a copy of everything published in Swedish to be submitted to the library — also known as Kungliga biblioteket, or KB — …
ZDI-23-092: RARLAB WinRAR ZIP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
NEWS
-
How AI Is Personalizing Customer Service Experiences Across Industries
September 7, 2024Customer service departments across industries are facing increased call volumes, high customer service agent turnover, talent shortages and shifting customer expectations. Customers expect both self-help options and real-time, person-to-person support. These expectations for seamless, personalized experiences extend across digital communication... -
ZDI-24-1195: Malwarebytes Antimalware Link Following Local Privilege Escalation Vulnerability
September 6, 2024This vulnerability allows local attackers to escalate privileges on affected installations of Malwarebytes Antimalware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a... -
ZDI-24-1193: Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
September 6, 2024This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI...