In episode 16 of The AI Fix, Mark and Graham meet GPT-4o1 and ask if it knows how many cousins Alice’s sister has, a top cop wants AI injected into his colleagues “like heroin”, Mark finds an AI that might actually be able to help with that, and our hosts start a conspiracy theory about an AI that stops you believing in conspiracy theories.
Graham peers into his crystal ball and discover’s Reddit’s bargain basement John Connor, and Mark is tired of waiting for the “tens of millions” of driverless cars we were promised.
All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.
It seems they all exploded simultaneously, which means they were triggered.
Were they each tampered with physically, or did someone figure out how to trigger a thermal runaway remotely? Supply chain attack? Malicious code update, or natural vulnerability?
I have no idea, but I expect we will all learn over the next few days.
EDITED TO ADD: I’m reading nine killed and 2,800 injured. That’s a lot of collateral damage. (I haven’t seen a good number as to the number of pagers yet.)
Iggy Frankovic discovered that Quagga incorrectly handled certain BGP
messages. A remote attacker could possibly use this issue to cause Quagga
to crash, resulting in a denial of service.
Iggy Frankovic discovered that FRR incorrectly handled certain BGP
messages. A remote attacker could possibly use this issue to cause FRR to
crash, resulting in a denial of service.
USN-7000-1 fixed vulnerabilities in Expat. This update
provides the corresponding updates for Ubuntu 22.04 LTS.
Original advisory details:
Shang-Hung Wan discovered that Expat did not properly handle certain
function calls when a negative input length was provided. An attacker
could use this issue to cause a denial of service or possibly execute
arbitrary code. (CVE-2024-45490)
Shang-Hung Wan discovered that Expat did not properly handle the
potential for an integer overflow on 32-bit platforms. An attacker
could use this issue to cause a denial of service or possibly execute
arbitrary code. (CVE-2024-45491, CVE-2024-45492)
USN-7001-1 fixed vulnerabilities in xmltol library. This update
provides the corresponding updates for Ubuntu 24.04 LTS.
Original advisory details:
Shang-Hung Wan discovered that Expat, contained within the xmltok library,
did not properly handle certain function calls when a negative input
length was provided. An attacker could use this issue to cause a denial of
service or possibly execute arbitrary code. (CVE-2024-45490)
Shang-Hung Wan discovered that Expat, contained within the xmltok library,
did not properly handle the potential for an integer overflow on 32-bit
platforms. An attacker could use this issue to cause a denial of service
or possibly execute arbitrary code. (CVE-2024-45491)
The CyberBoost: Catalyse is supported by the Cyber Security Agency of Singapore, the National University of Singapore and UK-based innovation hub Plexal
