Heise Security-Alert

BSI Bund-Cert

• Version 1.0: Fortinet FortiOS – Angreifende installierten persistenten Lesezugriff auf Firewalls 11. April 2025
• Version 1.1: Ivanti Connect Secure – Kritische Schwachstelle in End-of-Support und ungepatchten Systemen ausgenutzt 9. April 2025
• Information zur Umstellung beim Versand von Warnungen 1. April 2025
• Version 1.0: Kubernetes – Kritische Schwachstelle im Ingress NGINX Controller ermöglicht Clusterübernahme 25. März 2025

Bruce Schneier

• Regulating AI Behavior with a Hypervisor 23. April 2025
  Interesting research: “Guillotine: Hypervisors for Isolating Malicious AIs.” Abstract:As AI models become more embedded in critical sectors like finance, healthcare, and the military, their inscrutable behavior poses ever-greater risks to society. To mitigate this risk, we propose Guillotine, a hypervisor architecture for sandboxing powerful AI models—models that, by accident or malice, can generate existential threats […]
• Android Improves Its Security 22. April 2025
  Android phones will soon reboot themselves after sitting idle for three days. iPhones have had this feature for a while; it’s nice to see Google add it to their phones.
• Friday Squid Blogging: Live Colossal Squid Filmed 18. April 2025
  A live colossal squid was filmed for the first time in the ocean. It’s only a juvenile: a foot long. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
• Age Verification Using Facial Scans 17. April 2025
  Discord is testing the feature: “We’re currently running tests in select regions to age-gate access to certain spaces or user settings,” a spokesperson for Discord said in a statement. “The information shared to power the age verification method is only used for the one-time age verification process and is not stored by Discord or our […]