information analyst
km, ged / edms, workflow, collaborative
Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Researchers Leverage ChatGPT to Expose Notorious macOS Malware

Russian hackers and cybercrime forums are notorious for exploiting critical infrastructure. Last month, Hackread.com exclusively reported that a Russian-speaking threat actor was selling access to a US military satellite. Now, researchers have identified macOS malware being sold for $60,000.

 

 
 
 
 

Via Gust MEES
Gust MEES's curator insight, August 3, 2023 12:57 PM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Researchers jailbreak AI chatbots like ChatGPT, Claude

Researchers jailbreak AI chatbots, including ChatGPT
Like a magic wand that turns chatbots evil.

 

 
 
 
 

Via Gust MEES
Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Critical TootRoot bug lets attackers hijack Mastodon servers

Mastodon, the free and open-source decentralized social networking platform, has patched four vulnerabilities, one of them a critical flaw that allows hackers to create arbitrary files on the server using specially crafted media files.

Mastodon has about 8.8 million users spread across 13,000 separate servers (instances) hosted by volunteers to support distinct yet inter-connected (federated) communities.

All four fixed issues were discovered by independent auditors at Cure53, a company that provides penetration testing for online services. The auditors inspected Mastodon's code at Mozilla's request.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/social-media-and-its-influence/?&tag=Mastodon

Via Gust MEES
Gust MEES's curator insight, July 7, 2023 6:44 PM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

The ChatGPT bug exposed more private data than previously thought

A ChatGPT bug found earlier this week also revealed users' payment information, says OpenAI.

The AI chatbot was shut down on March 20, due to a bug that exposed titles and the first message of new conversations from active users' chat history to other users.

Now, OpenAI has shared that even more private data from a small number of users was exposed.

"In the hours before we took ChatGPT offline on Monday, it was possible for some users to see another active user’s first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date," said OpenAI. "Full credit card numbers were not exposed at any time."

 

 
 

Via Gust MEES
Gust MEES's curator insight, March 24, 2023 3:54 PM
Angela Gold's comment, March 24, 2023 9:43 PM
look nice
Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

A serious security flaw affects the Linux kernel | #CyberSecurity

A serious security flaw affects the Linux kernel
Security: The flaw affects ksmbd, an SMB server built into the Linux 5.15 kernel, and its severity score is close to 10, according to ZDI.

Merry Christmas to all Linux system administrators! And as a gift: a serious security flaw in the Linux kernel.

It was the Zero Day Initiative (ZDI), a zero-day vulnerability research company, that discovered it and announced it just before Christmas Eve.

This vulnerability could allow an authenticated remote attacker to disclose sensitive information and execute code on vulnerable versions of the Linux kernel.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Via Gust MEES
Gust MEES's curator insight, December 27, 2022 3:09 PM

Rescooped by michel verstrepen from 21st Century Innovative Technologies and Developments as also discoveries, curiosity ( insolite)...

Metaworse? The Trouble with the Metaverse - Security News

THE TROUBLE WITH THE METAVERSE
Innovators are diving into a new and immersive virtual space, but with new technology comes new threats. We bring forward possible problematic issues that metaverse pioneers should be wary of.

What is the metaverse?
Right now, there is no definitive answer. There are plenty of differing opinions about what the metaverse is and how it fits into the bigger picture of the internet. But the metaverse is still in the early days of development, and many companies are creating new technologies to carve out their nook in this immersive virtual landscape.

For now, we can define the metaverse as a cloud distributed, multi-vendor, immersive-interactive operating environment that users can access through different categories of connected devices (both static and mobile). It uses Web 2.0 and Web 3.0 technologies to provide an interactive layer on top of the existing Internet. As proposed, it is an open platform for working and playing inside an extended reality environment, and it will also be a communications layer for smart city devices.

However, given the changing circumstances, we fully expect our definition to evolve as the metaverse concept evolves. Of course, this uncertainty makes securing the environment much more complicated.

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Metaverse

Via Gust MEES
Gust MEES's curator insight, August 15, 2022 11:12 AM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars

A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas.

The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within a close range.

"An attacker can falsely indicate the proximity of Bluetooth LE (BLE) devices to one another through the use of a relay attack," U.K.-based cybersecurity company NCC Group said. "This may enable unauthorized access to devices in BLE-based proximity authentication systems."

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Bluetooth

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=BLURtooth

Via Gust MEES
Gust MEES's curator insight, August 6, 2022 7:11 AM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Google, Apple and Microsoft promise a "passwordless future" | #CyberSecurity #Passwords #FIDO #PassKey

The upshot: you will soon no longer need a password to sign in to your devices, websites or applications.

Instead, your phone will store a FIDO credential called a "passkey", which will be used to unlock your device, and all of your online accounts. It is more secure than a password, because this key is protected by cryptography and is only shown to your online account when you unlock your device. By contrast, passwords leave us vulnerable to phishing attempts and to our own bad habits, such as using the same password across multiple accounts.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/securite-pc-et-internet

Via Gust MEES
Gust MEES's curator insight, May 5, 2022 3:18 PM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Mobile malware is multiplying on our smartphones | #CyberSecurity #MobileSecurity

Mobile malware is multiplying on our smartphones
Security: Cybersecurity experts are warning of a 500% increase in mobile cyberattacks. The surge owes much to the proliferation of malware aimed at smartphones, which hackers are fond of.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Mobile-Security

Via Gust MEES
Gust MEES's curator insight, March 10, 2022 1:10 PM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Dozens of COVID passport apps put user's privacy at risk | #CyberSecurity #COVID19 #CoronaVirus

Roughly two-thirds of test digital vaccination applications commonly used today as safe passes and travel passports exhibit behavior that may put users' privacy at risk.

The risks are substantial as these apps are required for large populations worldwide, allowing hackers an extensive target base.

Digital passports
Digital passport apps store proof of a person's COVID-19 vaccination status, full name, ID number, date of birth, and other personally identifiable information (PII) encoded in a QR code or displayed directly in the app.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Privacy

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Coronavirus

Via Gust MEES
Gust MEES's curator insight, March 7, 2022 3:10 PM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Lazarus hackers use Windows Update to deploy malware

North Korean-backed hacking group Lazarus has added the Windows Update client to its list of living-off-the-land binaries (LoLBins) and is now actively using it to execute malicious code on Windows systems.

The new malware deployment method was discovered by the Malwarebytes Threat Intelligence team while analyzing a January spearphishing campaign impersonating the American security and aerospace company Lockheed Martin.

After the victims open the malicious attachments and enable macro execution, an embedded macro drops a WindowsUpdateConf.lnk file in the startup folder and a DLL file (wuaueng.dll) in a hidden Windows/System32 folder.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Windows

Via Gust MEES
Gust MEES's curator insight, January 27, 2022 2:45 PM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

WordPress plugin flaw puts users of 20,000 sites at phishing risk | #CyberSecurity #Blogs

The WordPress WP HTML Mail plugin, installed in over 20,000 sites, is vulnerable to a high-severity flaw that can lead to code injection and the distribution of convincing phishing emails.

'WP HTML Mail' is a plugin used for designing custom emails, contact form notifications, and generally tailored messages that online platforms send to their audience.

The plugin is compatible with WooCommerce, Ninja Forms, BuddyPress, and others. While the number of sites using it isn't large, many have a large audience, allowing the flaw to affect a significant number of Internet users.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=WordPress

Via Gust MEES
Gust MEES's curator insight, January 20, 2022 11:51 AM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Microsoft: This Windows and Linux malware does everything it can to stay on your network | #CyberSecurity

Microsoft has continued its analysis of the LemonDuck malware, known for installing crypto-miners in enterprise environments. It makes a strong case for why it is worth removing it from your network. 

This group, according to Microsoft, has a well-stocked arsenal of hacking tools, tricks and exploits aimed at one thing: for their malware to retain exclusive access to a compromised network for as long as possible.

While crypto-mining malware could be just a nuisance, LemonDuck attributes suggest the attacker group really do try to own compromised networks by disabling anti-malware, removing rival malware, and even automatically patching vulnerabilities -- a competitive effort to keep rival attackers from feeding off its turf. 

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/securite-pc-et-internet

Via Gust MEES
Gust MEES's curator insight, August 3, 2021 6:53 AM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

A New Attack Impacts ChatGPT—and No One Knows How to Stop It

ChatGPT and its artificially intelligent siblings have been tweaked over and over to prevent troublemakers from getting them to spit out undesirable messages such as hate speech, personal information, or step-by-step instructions for building an improvised bomb. But researchers at Carnegie Mellon University last week showed that adding a simple incantation to a prompt—a string of text that might look like gobbledygook to you or me but which carries subtle significance to an AI model trained on huge quantities of web data—can defy all of these defenses in several popular chatbots at once.

 

 
 
 

Via Gust MEES
Gust MEES's curator insight, August 3, 2023 9:13 AM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

AVrecon malware infects 70,000 Linux routers to build botnet

Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers to a botnet designed to steal bandwidth and provide a hidden residential proxy service.

This allows its operators to hide a wide spectrum of malicious activities, from digital advertising fraud to password spraying.

According to Lumen's Black Lotus Labs threat research team, while the AVrecon remote access trojan (RAT) compromised over 70,000 devices, only 40,000 were added to the botnet after gaining persistence.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Via Gust MEES
Gust MEES's curator insight, July 14, 2023 5:24 AM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Subscription malware: Google's and Apple's stores flooded with expensive ChatGPT fakes

Subscription malware: Google's and Apple's stores flooded with expensive ChatGPT fakes
Sophos warns of ChatGPT copycat apps in Apple's and Google's app stores that rip off unsuspecting users with hidden fees.

 

 
 
 

Via Gust MEES
Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Linux Support Expands Cyber Spy Group's Arsenal

A pervasive cyber-espionage group known as Iron Tiger, believed to be out of China, has updated one of its malware frameworks to attack Linux-based systems.


Researchers at Trend Micro recently discovered that Iron Tiger (aka Emissary Panda or APT27) had added new features to its so-called SysUpdate malware family, which allows it to infect Linux platforms in addition to Windows. SysUpdate abuses system services, grabs screenshots, browses and terminates processes, retrieves drive information, executes commands, and can find, delete, rename, upload, and download files as well as peruse a victim's file directory.

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Via Gust MEES
Gust MEES's curator insight, March 2, 2023 12:57 PM

Rescooped by michel verstrepen from Social Media and its influence

What Twitter Users Need To Know About Mastodon Security

Twitter users are turning to the long-established federated community system known as Mastodon as the Musk era brings chaos to the 'bird site' social network. But how can you best secure a Mastodon account?

As even more employees leave Twitter following Elon Musk's 48 hours to quit ultimatum, and previously banned accounts return, the social network could be facing its most perilous weeks since going into private ownership. For many Twitter users, the escape route to another network is coming via Mastodon. The Twitter infosec community is already establishing a healthy Mastodon presence, but many non-infosec users are asking how secure the federated community network is.

Is Mastodon a secure social network?

 

Learn more / En savoir plus / Mehr erfahren:

https://www.scoop.it/topic/social-media-and-its-influence/?&tag=Mastodon

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Mastodon

Via Gust MEES

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Smartphones Can Be Tracked Via Bluetooth Signals

Researchers from the University of California San Diego in a new paper have demonstrated how Bluetooth signals can be used to identify and track smartphones.

Learn more:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Bluetooth

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=BLURtooth

Via Gust MEES
Gust MEES's curator insight, August 10, 2022 8:06 AM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Twitter confirms zero-day used to expose data of 5.4 million accounts | #CyberSecurity #Socialmedia

Twitter has confirmed a recent data breach was caused by a now-patched zero-day vulnerability used to link email addresses and phone numbers to users' accounts, allowing a threat actor to compile a list of 5.4 million user account profiles.

Last month, BleepingComputer spoke to a threat actor who said that they were able to create a list of 5.4 million Twitter account profiles using a vulnerability on the social media site.

This vulnerability allowed anyone to submit an email address or phone number, verify if it was associated with a Twitter account, and retrieve the associated account ID. The threat actor then used this ID to scrape the public information for the account.

Learn more:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Twitter

Via Gust MEES
Gust MEES's curator insight, August 6, 2022 6:40 AM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Microsoft points out privilege-escalation flaws in Linux | #CyberSecurity #Nimbuspwn

Flaws in networkd-dispatcher, a service used in the Linux world, can be exploited by a rogue logged-in user or application to escalate their privileges to root level, allowing the box to be commandeered, Microsoft researchers said Wednesday.

It's nice of Redmond to point out these flaws and have them fixed in any affected distributions; the US tech giant is a big user of Linux and relies on the open-source OS throughout its empire. It's just a little perplexing the biz went to all the effort of a big write-up and giving the flaws a catchy name, Nimbuspwn, when countless privilege-elevation holes are fixed in its Windows operating system each month, and we can't recall Microsoft lately making this much of a song and dance over them.

Learn more:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Via Gust MEES
Gust MEES's curator insight, April 27, 2022 6:44 PM

Rescooped by michel verstrepen from 21st Century Innovative Technologies and Developments as also discoveries, curiosity ( insolite)...

Google is buying the cybersecurity company that uncovered the SolarWinds hack | #Acquisitions #Mandiant

Google is buying cybersecurity company Mandiant in an all-cash transaction valued at approximately $5.4 billion.

Mandiant’s operations, which draw on the work of more than 600 security consultants and more than 300 intelligence analysts, will be folded into Google Cloud to create an “end-to-end security operations suite.” A range of services will be offered, from consulting on cybersecurity to detecting upcoming threats and testing companies’ digital defenses.

Learn more:

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=Acquisitions

Via Gust MEES
Gust MEES's curator insight, March 8, 2022 7:20 AM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Devious phishing method bypasses MFA using remote access software | #CyberSecurity #2FA #MFA #NobodyIsPerfect

A devious, new phishing technique allows adversaries to bypass multi-factor authentication (MFA) by secretly having victims log into their accounts directly on attacker-controlled servers using the VNC screen sharing system.

One of the biggest obstacles to successful phishing attacks is bypassing multi-factor authentication (MFA) configured on the targeted victim's email accounts.

Even if threat actors can convince users to enter their credentials on a phishing site, if MFA protects the account, fully compromising the account still requires the one-time passcode sent to the victim.

Learn more:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA

https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES

Via Gust MEES
Gust MEES's curator insight, February 25, 2022 3:25 PM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Linux malware is on the rise. Here are three top threats right now | #CyberSecurity

Internet of Things devices are driving up the number of Linux malware variants.

Learn more:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Via Gust MEES
Gust MEES's curator insight, January 21, 2022 4:40 PM

Rescooped by michel verstrepen from ICT Security-Sécurité PC et Internet

Hive ransomware now encrypts Linux and FreeBSD systems | #CyberSecurity

The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms.

However, as Slovak internet security firm ESET discovered, Hive's new encryptors are still in development and still lack functionality.

The Linux variant also proved to be quite buggy during ESET's analysis, with the encryption completely failing when the malware was executed with an explicit path.

Learn more:

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

Via Gust MEES
Gust MEES's curator insight, October 29, 2021 12:30 PM
