- VayFul®
- Posts
- AI Friday: ZombAI's, Ivanti Vulnerability: Discovery to Exploitation, Crypto Wallet Scam
AI Friday: ZombAI's, Ivanti Vulnerability: Discovery to Exploitation, Crypto Wallet Scam
Cybersecurity — For Security Professionals
Hey! James here.
Today’s edition focuses on AI, SOC and Threat Intelligence.
📝 MrBeast Crypto Wallet Scam Investigation, ZombAIs: From Prompt Injection to C2 with Claude Computer Use !
🔥 Analyzing WordPress hack access logs with NotebookLM, Can AI Save Cybersecurity From Itself?, Movies-for-hackers!
🧠 Revving up: the journey to pwn2own automotive 2024, Unveiling the Ivanti vulnerability: from discovery to exploitation!
And more…
First time reading? Sign up here.
📰 Top Security News
ChatGPT Jailbreak: Researchers Bypass AI Safeguards Using Hexadecimal Encoding and Emojis (Securityweek)
Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments (CISA)
Can AI Save Cybersecurity From Itself? (OpenAI)
📝 Best Of Blogs
Is Detection Engineering just glorified googling? (Br4dy5)
MrBeast Crypto Wallet Scam Investigation (Loock.io)
ZombAIs: From Prompt Injection to C2 with Claude Computer Use (Embrace The Red)
🧠 Learning Resources
Revving up: the journey to pwn2own automotive 2024 (Alex Plaskett & McCaulay Hudson)
Unveiling the Ivanti vulnerability: from discovery to exploitation (Sina Kheirkhah)
Trustworthy AI… for Systems Security (Lorenzo Cavallaro)
🛠️ Tools
Priscope: A security tool designed to help review merged code changes to open source maintained repositories via LLM assisted review to safeguard against supply chain attacks. (GitHub)
Movies-for-hackers: 🎬 A curated list of movies every hacker
& cyberpunk must watch. (GitHub)
Misconfigmate: This tool builds upon their excellent research and service templates while adding additional features and improvements. (GitHub)
⚡️ Misc
Run a prompt to generate and execute jq programs using llm-jq (Simon Willison)
Apple will pay security researchers up to $1 million to hack its private AI cloud (Apple)
Analyzing WordPress hack access logs with NotebookLM (Invicti)
🎯 Favorite Quote
“Do not let making a living prevent you from making a life.”
- John Wooden
💡 ABOUT VAYFUL®
Vayful® is a cybersecurity newsletter that curates the best cybersecurity news, research, tools, blogs, talks, tutorials, and learning resources — specially handpicked for security professionals. The content is curated with love by security professionals.
Enjoyed this newsletter? Friends don’t keep good things to themselves - forward this to your friends and have them sign up here!
Did someone forward this email to you? Become a subscriber!
Have feedback or questions? Just hit reply and let us know.