Apple patches 79 gaping security holes in the iTunes for Windows software.
Scooped by
Gust MEES
onto ICT Security-Sécurité PC et Internet October 11, 2011 6:40 PM
|
Get Started for FREE
Sign up with Facebook Sign up with X
I don't have a Facebook or a X account
Scooped by
Gust MEES
onto ICT Security-Sécurité PC et Internet October 11, 2011 6:40 PM
|
Apple patches 79 gaping security holes in the iTunes for Windows software.
Your new post is loading...
Your new post is loading...
Scoop.it!
Why (And How) Teachers Should Start Learning and Teaching Cyber-Security . What should get be taught and learned more in the 21st Century while using ICT?
In the 21st Century, Education has a BIG responsibility to adapt to the very quick change in the world and to teach the students the knowledge they need and which are required to fulfill the market’s needs!
The market’s needs are ALSO to employ people with the basics of Cyber-Security knowledge as a modern company needs to protect its online reputation and a data loss could be lethal to them, their ruin eventually! SO, the new employees is the students coming out of school, College, High school, Universities; ALL of them need to have the basic knowledge of Cyber-Security to be competitive in a working market where there is more and more unemployment worldwide…
===> A company would take advantage of a new employee who as already the necessary knowledge of Cyber-Security as the company doesn’t need to train him, which saves it a lot of money! <===
Gust MEES's insight:
In the 21st Century, Education has a BIG responsibility to adapt to the very quick change in the world and to teach the students the knowledge they need and which are required to fulfill the market’s needs!
The market’s needs are ALSO to employ people with the basics of Cyber-Security knowledge as a modern company needs to protect its online reputation and a data loss could be lethal to them, their ruin eventually! SO, the new employees is the students coming out of school, College, High school, Universities; ALL of them need to have the basic knowledge of Cyber-Security to be competitive in a working market where there is more and more unemployment worldwide…
===> A company would take advantage of a new employee who as already the necessary knowledge of Cyber-Security as the company doesn’t need to train him, which saves it a lot of money! <===
===============================================
There has been a lot of talk both in the U.S. and internationally about a shortage in skilled IT professionals - with a predicted 864,000 IT vacancies in Europe alone by 2015.
What are these skills that organizations are looking for? This infographic by via resource highlights the top skills that make a successful information security professional and skills the future workforce will need to tackle emerging threats.
Learn more:
- http://www.scoop.it/t/securite-pc-et-internet?tag=Infographic
- http://www.scoop.it/t/21st-century-learning-and-teaching?tag=Infographi
- http://www.scoop.it/t/ict-security-tools
Check also:
- https://gustmees.wordpress.com/
- https://gustmeesen.wordpress.com/
- https://gustmeesfr.wordpress.com/
Zhao KQiang's curator insight,
March 27, 2014 7:23 AM
give some opinions of that why teachers and education should learn network secutity
Dean J. Fusto's curator insight,
July 31, 2015 10:12 AM
In the 21st Century, Education has a BIG responsibility to adapt to the very quick change in the world and to teach the students the knowledge they need and which are required to fulfill the market’s needs!
The market’s needs are ALSO to employ people with the basics of Cyber-Security knowledge as a modern company needs to protect its online reputation and a data loss could be lethal to them, their ruin eventually! SO, the new employees is the students coming out of school, College, High school, Universities; ALL of them need to have the basic knowledge of Cyber-Security to be competitive in a working market where there is more and more unemployment worldwide…
===> A company would take advantage of a new employee who as already the necessary knowledge of Cyber-Security as the company doesn’t need to train him, which saves it a lot of money! <===
===============================================
There has been a lot of talk both in the U.S. and internationally about a shortage in skilled IT professionals - with a predicted 864,000 IT vacancies in Europe alone by 2015.
What are these skills that organizations are looking for? This infographic by via resource highlights the top skills that make a successful information security professional and skills the future workforce will need to tackle emerging threats.
Learn more:
- http://www.scoop.it/t/securite-pc-et-internet?tag=Infographic
- http://www.scoop.it/t/21st-century-learning-and-teaching?tag=Infographi
- http://www.scoop.it/t/ict-security-tools
Check also:
- https://gustmees.wordpress.com/
- https://gustmeesen.wordpress.com/
- https://gustmeesfr.wordpress.com/
Jean-Pierre Blanger's curator insight,
August 1, 2015 4:19 PM
In the 21st Century, Education has a BIG responsibility to adapt to the very quick change in the world and to teach the students the knowledge they need and which are required to fulfill the market’s needs!
The market’s needs are ALSO to employ people with the basics of Cyber-Security knowledge as a modern company needs to protect its online reputation and a data loss could be lethal to them, their ruin eventually! SO, the new employees is the students coming out of school, College, High school, Universities; ALL of them need to have the basic knowledge of Cyber-Security to be competitive in a working market where there is more and more unemployment worldwide…
===> A company would take advantage of a new employee who as already the necessary knowledge of Cyber-Security as the company doesn’t need to train him, which saves it a lot of money! <===
===============================================
There has been a lot of talk both in the U.S. and internationally about a shortage in skilled IT professionals - with a predicted 864,000 IT vacancies in Europe alone by 2015.
What are these skills that organizations are looking for? This infographic by via resource highlights the top skills that make a successful information security professional and skills the future workforce will need to tackle emerging threats.
Learn more:
- http://www.scoop.it/t/securite-pc-et-internet?tag=Infographic
- http://www.scoop.it/t/21st-century-learning-and-teaching?tag=Infographi
- http://www.scoop.it/t/ict-security-tools
Check also:
- https://gustmees.wordpress.com/
- https://gustmeesen.wordpress.com/
- https://gustmeesfr.wordpress.com/
Scoop.it!
X uses your data to train its Grok AI assistant, but if you’d like to opt out of that, you can do that right from your settings menu. It is accessible on the web right here, or you can find it yourself if you click the three dots menu, then “Settings and privacy,” then “Privacy and safety,” and then “Grok.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics
Gust MEES's insight:
X uses your data to train its Grok AI assistant, but if you’d like to opt out of that, you can do that right from your settings menu. It is accessible on the web right here, or you can find it yourself if you click the three dots menu, then “Settings and privacy,” then “Privacy and safety,” and then “Grok.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics
Scoop.it!
Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA
https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA
Gust MEES's insight:
Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA
https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA
Scoop.it!
Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=GitHub
Gust MEES's insight:
Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=GitHub
Scoop.it!
An AI threat guide, outlining cyberattacks that target or leverage machine learning models, was published by the National Institute of Standards and Technology (NIST) on Jan. 4.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics
Gust MEES's insight:
An AI threat guide, outlining cyberattacks that target or leverage machine learning models, was published by the National Institute of Standards and Technology (NIST) on Jan. 4.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics
Scoop.it!
From
www
Exploit erlaubt böswilligen Zugriff trotz Passwort-Reset
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/securite-pc-et-internet
Gust MEES's insight:
Exploit erlaubt böswilligen Zugriff trotz Passwort-Reset
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/securite-pc-et-internet
Scoop.it!
A recently discovered cross-platform malware, appropriately named JaskaGO, has surfaced, targeting both macOS and Windows systems.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/securite-pc-et-internet
Gust MEES's insight:
A recently discovered cross-platform malware, appropriately named JaskaGO, has surfaced, targeting both macOS and Windows systems.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/securite-pc-et-internet
Scoop.it!
From
t3n
Google macht Passkeys zur Standard-Anmeldung für alle
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/securite-pc-et-internet
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=PassKey
Gust MEES's insight:
Google macht Passkeys zur Standard-Anmeldung für alle
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/securite-pc-et-internet
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=PassKey
Scoop.it!
The fake TradingView website is hosted on trabingviews[.]com, with special font characters being used to make it look like the legitimate domain and help it avoid detection.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/securite-pc-et-internet
Gust MEES's insight:
The fake TradingView website is hosted on trabingviews[.]com, with special font characters being used to make it look like the legitimate domain and help it avoid detection.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/securite-pc-et-internet
Scoop.it!
The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the encryptor in its attacks targeting government and legal sectors.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux
Gust MEES's insight:
The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the encryptor in its attacks targeting government and legal sectors.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux
Scoop.it!
CHATGPT AND ITS artificially intelligent siblings have been tweaked over and over to prevent troublemakers from getting them to spit out undesirable messages such as hate speech, personal information, or step-by-step instructions for building an improvised bomb. But researchers at Carnegie Mellon University last week showed that adding a simple incantation to a prompt—a string text that might look like gobbledygook to you or me but which carries subtle significance to an AI model trained on huge quantities of web data—can defy all of these defenses in several popular chatbots at once.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics
Gust MEES's insight:
CHATGPT AND ITS artificially intelligent siblings have been tweaked over and over to prevent troublemakers from getting them to spit out undesirable messages such as hate speech, personal information, or step-by-step instructions for building an improvised bomb. But researchers at Carnegie Mellon University last week showed that adding a simple incantation to a prompt—a string text that might look like gobbledygook to you or me but which carries subtle significance to an AI model trained on huge quantities of web data—can defy all of these defenses in several popular chatbots at once.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics
Scoop.it!
Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers to a botnet designed to steal bandwidth and provide a hidden residential proxy service.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux
Gust MEES's insight:
Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers to a botnet designed to steal bandwidth and provide a hidden residential proxy service.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux
Scoop.it!
Mastodon, the free and open-source decentralized social networking platform, has patched four vulnerabilities, one of them critical that allows hackers to create arbitrary files on the server using specially crafted media files.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/social-media-and-its-influence/?&tag=Mastodon
Gust MEES's insight:
Mastodon, the free and open-source decentralized social networking platform, has patched four vulnerabilities, one of them critical that allows hackers to create arbitrary files on the server using specially crafted media files.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/social-media-and-its-influence/?&tag=Mastodon
|
Scoop.it!
Attack overview
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA
https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA
Gust MEES's insight:
Attack overview
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA
https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA
Scoop.it!
The New York Times reported on July 4, 2024, that OpenAI suffered an undisclosed breach in early 2023.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics
Gust MEES's insight:
The New York Times reported on July 4, 2024, that OpenAI suffered an undisclosed breach in early 2023.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics
Scoop.it!
From
www
Bootloader-Lücke gefährdet viele Linux-Distributionen
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux
Gust MEES's insight:
Bootloader-Lücke gefährdet viele Linux-Distributionen
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux
Scoop.it!
Hackers have found a way to gain unauthorized access to Google accounts, bypassing any multi-factor authentication (MFA) the user may have set up. To do this they steal authentication cookies and then extend their lifespan. It doesn’t even help if the owner of the account changes their password.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA
https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA
Gust MEES's insight:
Hackers have found a way to gain unauthorized access to Google accounts, bypassing any multi-factor authentication (MFA) the user may have set up. To do this they steal authentication cookies and then extend their lifespan. It doesn’t even help if the owner of the account changes their password.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA
https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA
Scoop.it!
From
t3n
Google-Nutzer aufgepasst: Trojaner nutzt Cookies, um Konten zu übernehmen
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/securite-pc-et-internet
Gust MEES's insight:
Google-Nutzer aufgepasst: Trojaner nutzt Cookies, um Konten zu übernehmen
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/securite-pc-et-internet
Scoop.it!
ChatGPT est victime d’une nouvelle faille de sécurité. En exploitant cette brèche, il est possible d’extraire des données sensibles concernant des individus en s’adressant au chatbot d’OpenAI.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics
Gust MEES's insight:
ChatGPT est victime d’une nouvelle faille de sécurité. En exploitant cette brèche, il est possible d’extraire des données sensibles concernant des individus en s’adressant au chatbot d’OpenAI.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics
Scoop.it!
Google is making passkeys the default option, aiming to replace passwords altogether.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/securite-pc-et-internet
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=PassKey
Gust MEES's insight:
Google is making passkeys the default option, aiming to replace passwords altogether.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/securite-pc-et-internet
https://www.scoop.it/topic/securite-pc-et-internet/?&tag=PassKey
Scoop.it!
A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux
Gust MEES's insight:
A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux
Scoop.it!
A trio of researchers split between Italy and the UK have recently published a paper about cryptographic insecurities they found in a widely-known smart light bulb.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home
Gust MEES's insight:
A trio of researchers split between Italy and the UK have recently published a paper about cryptographic insecurities they found in a widely-known smart light bulb.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home
Scoop.it!
Russian hackers and cybercrime forums are notorious for exploiting critical infrastructure. Last month, Hackread.com exclusively reported that a Russian-speaking threat actor was selling access to a US military satellite. Now, researchers have identified macOS malware being sold for $60,000.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/topic/apple-mac-ios4-ipad-iphone-and-in-security
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics
Gust MEES's insight:
Russian hackers and cybercrime forums are notorious for exploiting critical infrastructure. Last month, Hackread.com exclusively reported that a Russian-speaking threat actor was selling access to a US military satellite. Now, researchers have identified macOS malware being sold for $60,000.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/topic/apple-mac-ios4-ipad-iphone-and-in-security
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics
Scoop.it!
Researchers jailbreak AI chatbots, including ChatGPT
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics
Gust MEES's insight:
Researchers jailbreak AI chatbots, including ChatGPT
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics
Scoop.it!
Kryptomining-Malware versteckt sich ausschließlich im Ram
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux
Gust MEES's insight:
Kryptomining-Malware versteckt sich ausschließlich im Ram
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux
Scoop.it!
From
www
Die Entwickler der quelloffenen Software hinter dem sozialen Netzwerk Mastodon haben kürzlich ein Sicherheitsupdate für die aufstrebende Twitter-Alternative veröffentlicht. Damit behoben sie insgesamt fünf Schwachstellen, von denen eine es Hackern ermöglichte, ganze Mastodon-Instanzen zu kapern. Auf Github heißt es zu der als CVE-2023-36460 registrierten Sicherheitslücke, sie erlaube es "Angreifern, jede Datei zu erstellen und zu überschreiben, auf die Mastodon Zugriff hat". Dadurch seien etwa Denial-of-Service-Angriffe oder eine beliebige Codeausführung aus der Ferne (RCE) umsetzbar.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/social-media-and-its-influence/?&tag=Mastodon
Gust MEES's insight:
Die Entwickler der quelloffenen Software hinter dem sozialen Netzwerk Mastodon haben kürzlich ein Sicherheitsupdate für die aufstrebende Twitter-Alternative veröffentlicht. Damit behoben sie insgesamt fünf Schwachstellen, von denen eine es Hackern ermöglichte, ganze Mastodon-Instanzen zu kapern. Auf Github heißt es zu der als CVE-2023-36460 registrierten Sicherheitslücke, sie erlaube es "Angreifern, jede Datei zu erstellen und zu überschreiben, auf die Mastodon Zugriff hat". Dadurch seien etwa Denial-of-Service-Angriffe oder eine beliebige Codeausführung aus der Ferne (RCE) umsetzbar.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/social-media-and-its-influence/?&tag=Mastodon
|