ModelScan: Protection Against Model Serialization Attacks ModelScan is a tool to inspect AI models for deserialization attacks. The tool will detect suspect commands and warn the user. https://isc.sans.edu/diary/ModelScan%20-%20Protection%20Against%20Model%20Serialization%20Attacks/31692 OpenSSH MitM and DoS Vulnerabilities OpenSSH Patched two vulnerabilities discovered by Qualys. One may be used for MitM attack in specfic configurations of OpenSSH. https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt Juniper Authentication Bypass Juniper fixed an authentication bypass vulnerability that affects several prodcuts. The patch was released outside the normal patch schedule. https://supportportal.juniper.net/s/article/2025-02-Out-of-Cycle-Security-Bulletin-Session-Smart-Router-Session-Smart-Conductor-WAN-Assurance-Router-API-Authentication-Bypass-Vulnerability-CVE-2025-21589?language=en_US DELL BIOS Patches DELL released BIOS updates fixing a privilege escalation issue. The update affects a large part of Dell's portfolio https://www.dell.com/support/kbdoc/en-en/000258429/dsa-2025-021
Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. SANS Stormcast Tuesday Feb 19th: ModelScan AI Model Security; OpenSSH Vuln; Juniper Patches; Dell BIOS Vulnerability