ICT Security-Sécurité PC et Internet
87.1K views | +0 today
Follow
ICT Security-Sécurité PC et Internet
Education Technology
ICT Security + Privacy + Piracy + Data Protection - Censorship - Des cours et infos gratuites sur la"Sécurité PC et Internet" pour usage non-commercial... (FR, EN+DE)...
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks

New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks | ICT Security-Sécurité PC et Internet | Scoop.it
From thehackernews.com - March 17, 2023 1:38 PM

A new Golang-based botnet dubbed HinataBot has been observed to leverage known flaws to compromise routers and servers and use them to stage distributed denial-of-service (DDoS) attacks.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

Gust MEES's insight:

A new Golang-based botnet dubbed HinataBot has been observed to leverage known flaws to compromise routers and servers and use them to stage distributed denial-of-service (DDoS) attacks.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Tor and I2P networks hit by wave of ongoing DDoS attacks

Tor and I2P networks hit by wave of ongoing DDoS attacks | ICT Security-Sécurité PC et Internet | Scoop.it
From www.bleepingcomputer.com - February 8, 2023 4:42 PM

If you've been experiencing Tor network connectivity and performance issues lately, you're not the only one since many others have had problems with onion and i2p sites loading slower or not loading at all.

Tor Project's Executive Director Isabela Dias Fernandes revealed on Tuesday that a wave of distributed denial-of-service (DDoS) attacks has been targeting the network since at least July 2022.

"At some points, the attacks impacted the network severely enough that users could not load pages or access onion services," Fernandes said on Tuesday.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

Gust MEES's insight:

If you've been experiencing Tor network connectivity and performance issues lately, you're not the only one since many others have had problems with onion and i2p sites loading slower or not loading at all.

Tor Project's Executive Director Isabela Dias Fernandes revealed on Tuesday that a wave of distributed denial-of-service (DDoS) attacks has been targeting the network since at least July 2022.

"At some points, the attacks impacted the network severely enough that users could not load pages or access onion services," Fernandes said on Tuesday.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

ChatGPT is enabling script kiddies to write functional malware

ChatGPT is enabling script kiddies to write functional malware | ICT Security-Sécurité PC et Internet | Scoop.it
From arstechnica.com - January 12, 2023 10:20 AM

ChatGPT is enabling script kiddies to write functional malware
For a beta, ChatGPT isn't all that bad at writing fairly decent malware.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=ChatGPT

 

 

Gust MEES's insight:

ChatGPT is enabling script kiddies to write functional malware
For a beta, ChatGPT isn't all that bad at writing fairly decent malware.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=ChatGPT

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Attackers Are Already Exploiting #ChatGPT to Write Malicious Code | #CyberSecurity #Malware

Attackers Are Already Exploiting #ChatGPT to Write Malicious Code | #CyberSecurity #Malware | ICT Security-Sécurité PC et Internet | Scoop.it
From www.darkreading.com - January 10, 2023 11:30 AM

Attackers Are Already Exploiting ChatGPT to Write Malicious Code
The AI-based chatbot is allowing bad actors with absolutely no coding experience to develop malware.

Since OpenAI released ChatGPT in late November, many security experts have predicted it would only be a matter of time before cybercriminals began using the AI chatbot for writing malware and enabling other nefarious activities. Just weeks later, it looks like that time is already here.

In fact, researchers at Check Point Research (CPR) have reported spotting at least three instances where black hat hackers demonstrated, in underground forums, how they had leveraged ChatGPT's AI-smarts for malicious purposes.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=ChatGPT

 

 

Gust MEES's insight:

Attackers Are Already Exploiting ChatGPT to Write Malicious Code
The AI-based chatbot is allowing bad actors with absolutely no coding experience to develop malware.

Since OpenAI released ChatGPT in late November, many security experts have predicted it would only be a matter of time before cybercriminals began using the AI chatbot for writing malware and enabling other nefarious activities. Just weeks later, it looks like that time is already here.

In fact, researchers at Check Point Research (CPR) have reported spotting at least three instances where black hat hackers demonstrated, in underground forums, how they had leveraged ChatGPT's AI-smarts for malicious purposes.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=ChatGPT

 

 

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

WhatsApp-Nummern von sechs Millionen Deutschen werden im Netz verkauft

WhatsApp-Nummern von sechs Millionen Deutschen werden im Netz verkauft | ICT Security-Sécurité PC et Internet | Scoop.it
From www.focus.de - November 24, 2022 7:46 AM

WhatsApp-Nummern von sechs Millionen Deutschen werden im Netz verkauft.

teleschauWhatsApp-Nummern von sechs Millionen Deutschen werden im Netz verkauft
Donnerstag, 24.11.2022, 13:27
In einem beliebten Hacker-Forum werden aktuell WhatsApp-Daten von knapp einer halben Milliarde Nutzern verkauft. Darunter sind auch sechs Millionen Deutsche.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://gustmees.wordpress.com/2014/03/05/often-asked-questions-are-there-cyber-security-dangers-with-apps-and-whats-about-privacy/

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=WhatsApp...

 

 

Gust MEES's insight:

WhatsApp-Nummern von sechs Millionen Deutschen werden im Netz verkauft.

teleschauWhatsApp-Nummern von sechs Millionen Deutschen werden im Netz verkauft
Donnerstag, 24.11.2022, 13:27
In einem beliebten Hacker-Forum werden aktuell WhatsApp-Daten von knapp einer halben Milliarde Nutzern verkauft. Darunter sind auch sechs Millionen Deutsche.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://gustmees.wordpress.com/2014/03/05/often-asked-questions-are-there-cyber-security-dangers-with-apps-and-whats-about-privacy/

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=WhatsApp...

 

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars

New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars | ICT Security-Sécurité PC et Internet | Scoop.it
From thehackernews.com - August 6, 2022 7:11 AM

A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas.

The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within a close range.

"An attacker can falsely indicate the proximity of Bluetooth LE (BLE) devices to one another through the use of a relay attack," U.K.-based cybersecurity company NCC Group said. "This may enable unauthorized access to devices in BLE-based proximity authentication systems.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Bluetooth

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=BLURtooth

 

Gust MEES's insight:

A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas.

The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within a close range.

"An attacker can falsely indicate the proximity of Bluetooth LE (BLE) devices to one another through the use of a relay attack," U.K.-based cybersecurity company NCC Group said. "This may enable unauthorized access to devices in BLE-based proximity authentication systems.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Bluetooth

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=BLURtooth

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

New Gmail Attack Bypasses Passwords And 2FA To Read All Email | #CyberSecurity #NobodyIsPerfect 

New Gmail Attack Bypasses Passwords And 2FA To Read All Email | #CyberSecurity #NobodyIsPerfect  | ICT Security-Sécurité PC et Internet | Scoop.it
From www.forbes.com - August 5, 2022 5:26 AM

Among the best practice items for Gmail security protection, strengthening your login credentials and enabling two-step verification are high on the list, as I mentioned in an article over the weekend. But what if I were to tell you that security researchers have now uncovered evidence of one likely state-sponsored attack group that has found a way to bypass even these protections?

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA

 

Gust MEES's insight:

Among the best practice items for Gmail security protection, strengthening your login credentials and enabling two-step verification are high on the list, as I mentioned in an article over the weekend. But what if I were to tell you that security researchers have now uncovered evidence of one likely state-sponsored attack group that has found a way to bypass even these protections?

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Bluetooth is bad and you should stop using it | #CyberSecurity #Privacy

Bluetooth is bad and you should stop using it | #CyberSecurity #Privacy | ICT Security-Sécurité PC et Internet | Scoop.it
From mashable.com - June 16, 2022 4:26 PM

Everyone uses Bluetooth. Perhaps they shouldn't.

The technology that we've come to rely on to connect our phones, smart speakers, cars, vibrators, and toasters is problematic for reasons more serious than pairing issues. Bluetooth has been shown time and time again to be a security and privacy nightmare — albeit one that can be mostly solved with a simple toggling of an off switch.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Bluetooth

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=BLURtooth

 

Gust MEES's insight:

Everyone uses Bluetooth. Perhaps they shouldn't.

The technology that we've come to rely on to connect our phones, smart speakers, cars, vibrators, and toasters is problematic for reasons more serious than pairing issues. Bluetooth has been shown time and time again to be a security and privacy nightmare — albeit one that can be mostly solved with a simple toggling of an off switch.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Bluetooth

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=BLURtooth

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Microsoft points out privilege-escalation flaws in Linux | #CyberSecurity #Nimbuspwn

Microsoft points out privilege-escalation flaws in Linux | #CyberSecurity #Nimbuspwn | ICT Security-Sécurité PC et Internet | Scoop.it
From www.theregister.com - April 27, 2022 6:44 PM

Flaws in networkd-dispatcher, a service used in the Linux world, can be exploited by a rogue logged-in user or application to escalate their privileges to root level, allowing the box to be commandeered, Microsoft researchers said Wednnesday.

It's nice of Redmond to point out these flaws and have them fixed in any affected distributions; the US tech giant is a big user of Linux and relies on the open-source OS throughout its empire. It's just a little perplexing the biz went to all the effort of a big write-up and giving the flaws a catchy name, Nimbuspwn, when countless privilege-elevation holes are fixed in its Windows operating system each month, and we can't recall Microsoft lately making this much of a song and dance over them.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

Gust MEES's insight:

Flaws in networkd-dispatcher, a service used in the Linux world, can be exploited by a rogue logged-in user or application to escalate their privileges to root level, allowing the box to be commandeered, Microsoft researchers said Wednnesday.

It's nice of Redmond to point out these flaws and have them fixed in any affected distributions; the US tech giant is a big user of Linux and relies on the open-source OS throughout its empire. It's just a little perplexing the biz went to all the effort of a big write-up and giving the flaws a catchy name, Nimbuspwn, when countless privilege-elevation holes are fixed in its Windows operating system each month, and we can't recall Microsoft lately making this much of a song and dance over them.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Borat RAT malware: A 'unique' triple threat that is far from funny

Borat RAT malware: A 'unique' triple threat that is far from funny | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.com - April 4, 2022 2:41 PM

A new Remote Access Trojan (RAT) might have an amusing name to some, but its capabilities show the malware to be no laughing matter.

Dubbed Borat RAT, Cyble Research Labs said in a recent malware analysis that the new threat doesn't settle for standard remote access capabilities; instead, Borat RAT also includes spyware and ransomware functions.

According to the cybersecurity researchers, the Trojan, named after the character adopted by comedian Sacha Baron Cohen, is offered for sale to cybercriminals in underground forums.

Borat RAT has a centralized dashboard and is packaged up with a builder, feature modules, and a server certificate.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=RAT

 

Gust MEES's insight:

A new Remote Access Trojan (RAT) might have an amusing name to some, but its capabilities show the malware to be no laughing matter.

Dubbed Borat RAT, Cyble Research Labs said in a recent malware analysis that the new threat doesn't settle for standard remote access capabilities; instead, Borat RAT also includes spyware and ransomware functions.

According to the cybersecurity researchers, the Trojan, named after the character adopted by comedian Sacha Baron Cohen, is offered for sale to cybercriminals in underground forums.

Borat RAT has a centralized dashboard and is packaged up with a builder, feature modules, and a server certificate.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=RAT

 

more...
Anna Maria Przekwas's curator insight, December 14, 2022 3:04 PM

R.A.T. (Remote Access Trojans - trojany dające zdalny dostęp) są trojanami nowej generacji, służącymi hakerom do kontrolowania i nadzorowania komputerów swoich ofiar. Ta rodzina szkodników rozmnaża się równie szybko, jak jej odpowiednik ze świata zwierząt.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug

FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug | ICT Security-Sécurité PC et Internet | Scoop.it
From thehackernews.com - March 16, 2022 5:05 PM

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint advisory warning that Russia-backed threat actors hacked the network of an unnamed non-governmental entity by exploiting a combination of flaws.

"As early as May 2021, Russian state-sponsored cyber actors took advantage of a misconfigured account set to default [multi-factor authentication] protocols at a non-governmental organization (NGO), allowing them to enroll a new device for MFA and access the victim network," the agencies said.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA

 

Gust MEES's insight:

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint advisory warning that Russia-backed threat actors hacked the network of an unnamed non-governmental entity by exploiting a combination of flaws.

"As early as May 2021, Russian state-sponsored cyber actors took advantage of a misconfigured account set to default [multi-factor authentication] protocols at a non-governmental organization (NGO), allowing them to enroll a new device for MFA and access the victim network," the agencies said.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Dozens of COVID passport apps put user's privacy at risk | #CyberSecurity #COVID19 #CoronaVirus 

Dozens of COVID passport apps put user's privacy at risk | #CyberSecurity #COVID19 #CoronaVirus  | ICT Security-Sécurité PC et Internet | Scoop.it
From www.bleepingcomputer.com - March 7, 2022 3:10 PM

Roughly two-thirds of test digital vaccination applications commonly used today as safe passes and travel passports exhibit behavior that may put users' privacy at risk.

The risks are substantial as these apps are required for large populations worldwide, allowing hackers an extensive target base.

Digital passports
Digital passport apps store proof of a person's COVID-19 vaccination status, full name, ID number, date of birth, and other personally identifiable information (PII) encoded in a QR code or displayed directly in the app.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Privacy

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Coronavirus

 

 

Gust MEES's insight:

Roughly two-thirds of test digital vaccination applications commonly used today as safe passes and travel passports exhibit behavior that may put users' privacy at risk.

The risks are substantial as these apps are required for large populations worldwide, allowing hackers an extensive target base.

Digital passports
Digital passport apps store proof of a person's COVID-19 vaccination status, full name, ID number, date of birth, and other personally identifiable information (PII) encoded in a QR code or displayed directly in the app.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Privacy

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Coronavirus

 

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Scam artists swindle NFTs worth 'millions' in OpenSea phishing attack | #CyberSecurity 

Scam artists swindle NFTs worth 'millions' in OpenSea phishing attack | #CyberSecurity  | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.com - February 25, 2022 3:51 PM

Scam artists have taken advantage of a contract migration initiative to swindle NFTs out of users in an opportunistic phishing attack.

Last week, NFT marketplace OpenSea announced the rollout of contract migrations and an upgrade to make sure inactive, old NFT listings on Ethereum expire safely and to allow OpenSea to "offer new safety features in the future."

The contract migration timeline was set from February 18 to February 25. 

NFT holders are required to make the change, and OpenSea published a guide to assist them. After the deadline, any listings that were not migrated would expire, although they could be re-listed after this window without further fees. 

However, an attacker saw an opportunity to cash in. Check Point Research has suggested that phishing emails were sent to users, linking them to fraudulent websites.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=blockchain

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=WEB3 

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=crypto-currency

 

Gust MEES's insight:

Scam artists have taken advantage of a contract migration initiative to swindle NFTs out of users in an opportunistic phishing attack.

Last week, NFT marketplace OpenSea announced the rollout of contract migrations and an upgrade to make sure inactive, old NFT listings on Ethereum expire safely and to allow OpenSea to "offer new safety features in the future."

The contract migration timeline was set from February 18 to February 25. 

NFT holders are required to make the change, and OpenSea published a guide to assist them. After the deadline, any listings that were not migrated would expire, although they could be re-listed after this window without further fees. 

However, an attacker saw an opportunity to cash in. Check Point Research has suggested that phishing emails were sent to users, linking them to fraudulent websites.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=blockchain

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=WEB3 

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=crypto-currency

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Linux Support Expands Cyber Spy Group's Arsenal

Linux Support Expands Cyber Spy Group's Arsenal | ICT Security-Sécurité PC et Internet | Scoop.it
From www.darkreading.com - March 2, 2023 12:57 PM

A pervasive cyber-espionage group known as Iron Tiger, believed to be out of China, has updated one of its malware frameworks to attack Linux-based systems.


Researchers at Trend Micro recently discovered that Iron Tiger (aka Emissary Panda or APT27) had added new features to its so called SysUpdate malware family, which allows it to infect Linux platforms in addition to Windows. SysUpdate abuses system services, grabs screenshots, browses and terminates processes, retrieves drive information, executes commands, and can find, delete, rename, upload, and download files as well as peruse a victim's file directory.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

Gust MEES's insight:

A pervasive cyber-espionage group known as Iron Tiger, believed to be out of China, has updated one of its malware frameworks to attack Linux-based systems.


Researchers at Trend Micro recently discovered that Iron Tiger (aka Emissary Panda or APT27) had added new features to its so called SysUpdate malware family, which allows it to infect Linux platforms in addition to Windows. SysUpdate abuses system services, grabs screenshots, browses and terminates processes, retrieves drive information, executes commands, and can find, delete, rename, upload, and download files as well as peruse a victim's file directory.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

ChatGPT: A New Wave of Cybersecurity Concerns?

ChatGPT: A New Wave of Cybersecurity Concerns? | ICT Security-Sécurité PC et Internet | Scoop.it
From www.infosecurity-magazine.com - February 1, 2023 11:20 AM

As 2022 ended, OpenAI made ChatGPT live to the world. It is an artificially intelligent research and deployment chatbot that interacts through text using realistic human responses. Its deep learning techniques can generate conversations that convince anyone they are interacting with an actual human. 

Like opening the jar and releasing the genie, its impact is relatively unknown, but grave intrigue and curiosity surrounded it. How will it be used; how does it work; is it for good or evil? No, this is not the next Terminator sequel…

Its intentions are certainly for positive use, and its articulate responses have led many to claim it as the best chatbot to be released. However, in a short period, ChatGPT has already been linked to cyber threats as cyber-criminals leverage its advanced capabilities for nefarious means. 

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=ChatGPT

 

 

Gust MEES's insight:

As 2022 ended, OpenAI made ChatGPT live to the world. It is an artificially intelligent research and deployment chatbot that interacts through text using realistic human responses. Its deep learning techniques can generate conversations that convince anyone they are interacting with an actual human. 

Like opening the jar and releasing the genie, its impact is relatively unknown, but grave intrigue and curiosity surrounded it. How will it be used; how does it work; is it for good or evil? No, this is not the next Terminator sequel…

Its intentions are certainly for positive use, and its articulate responses have led many to claim it as the best chatbot to be released. However, in a short period, ChatGPT has already been linked to cyber threats as cyber-criminals leverage its advanced capabilities for nefarious means. 

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=ChatGPT

 

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

ChatGPT est déjà détourné pour écrire des logiciels malveillants | #CyberSecurity

ChatGPT est déjà détourné pour écrire des logiciels malveillants | #CyberSecurity | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.fr - January 12, 2023 6:20 AM

ChatGPT est déjà détourné pour écrire des logiciels malveillants
Sécurité : L'analyse des discussions sur les forums du dark web montre que des efforts sont déjà en cours pour utiliser le chatbot d'OpenAI afin d'aider à la rédaction de logiciels malveillants.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=ChatGPT

 

Gust MEES's insight:

ChatGPT est déjà détourné pour écrire des logiciels malveillants
Sécurité : L'analyse des discussions sur les forums du dark web montre que des efforts sont déjà en cours pour utiliser le chatbot d'OpenAI afin d'aider à la rédaction de logiciels malveillants.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=ChatGPT

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Une grave faille de sécurité affecte le noyau Linux | #CyberSecurity

Une grave faille de sécurité affecte le noyau Linux | #CyberSecurity | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.fr - December 27, 2022 3:09 PM

Une grave faille de sécurité affecte le noyau Linux
Sécurité : La faille de sécurité affecte ksmbd, un serveur SMB intégré au noyau de Linux 5.15, et sa note de gravité avoisine le 10, selon la ZDI.

Joyeux Noël à tous les administrateurs de systèmes Linux ! Et en guise de cadeau : une grave faille de sécurité dans le noyau Linux.

C’est la Zero Day Initiative (ZDI), une société de recherche sur les failles zero-day, qui l’a découverte et annoncée juste avant le réveillon.

Cette vulnérabilité pourrait permettre à un attaquant à distance authentifié de divulguer des informations sensibles et d’exécuter du code sur les versions vulnérables du noyau Linux.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

 
Gust MEES's insight:

Une grave faille de sécurité affecte le noyau Linux
Sécurité : La faille de sécurité affecte ksmbd, un serveur SMB intégré au noyau de Linux 5.15, et sa note de gravité avoisine le 10, selon la ZDI.

Joyeux Noël à tous les administrateurs de systèmes Linux ! Et en guise de cadeau : une grave faille de sécurité dans le noyau Linux.

C’est la Zero Day Initiative (ZDI), une société de recherche sur les failles zero-day, qui l’a découverte et annoncée juste avant le réveillon.

Cette vulnérabilité pourrait permettre à un attaquant à distance authentifié de divulguer des informations sensibles et d’exécuter du code sur les versions vulnérables du noyau Linux.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

 
more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Smartphones Can Be Tracked Via Bluetooth Signals

Smartphones Can Be Tracked Via Bluetooth Signals | ICT Security-Sécurité PC et Internet | Scoop.it
From www.techworm.net - August 10, 2022 8:06 AM

Researchers from the University of California San Diego in a new paper have demonstrated how Bluetooth signals can be used to identify and track smartphones.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Bluetooth

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=BLURtooth

 

Gust MEES's insight:

Researchers from the University of California San Diego in a new paper have demonstrated how Bluetooth signals can be used to identify and track smartphones.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Bluetooth

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=BLURtooth

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Twitter confirms zero-day used to expose data of 5.4 million accounts  | #CyberSecurity #Socialmedia 

Twitter confirms zero-day used to expose data of 5.4 million accounts  | #CyberSecurity #Socialmedia  | ICT Security-Sécurité PC et Internet | Scoop.it
From www.bleepingcomputer.com - August 6, 2022 6:40 AM

Twitter has confirmed a recent data breach was caused by a now-patched zero-day vulnerability used to link email addresses and phone numbers to users' accounts, allowing a threat actor to compile a list of 5.4 million user account profiles.

Last month, BleepingComputer spoke to a threat actor who said that they were able to create a list of 5.4 million Twitter account profiles using a vulnerability on the social media site.

This vulnerability allowed anyone to submit an email address or phone number, verify if it was associated with a Twitter account, and retrieve the associated account ID. The threat actor then used this ID to scrape the public information for the account.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Twitter

 

Gust MEES's insight:

Twitter has confirmed a recent data breach was caused by a now-patched zero-day vulnerability used to link email addresses and phone numbers to users' accounts, allowing a threat actor to compile a list of 5.4 million user account profiles.

Last month, BleepingComputer spoke to a threat actor who said that they were able to create a list of 5.4 million Twitter account profiles using a vulnerability on the social media site.

This vulnerability allowed anyone to submit an email address or phone number, verify if it was associated with a Twitter account, and retrieve the associated account ID. The threat actor then used this ID to scrape the public information for the account.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Twitter

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Abschaffung der Passwörter: Google will FIDO-Indentität Ende-zu-Ende sichern | #CyberSecurity #Passwords

Abschaffung der Passwörter: Google will FIDO-Indentität Ende-zu-Ende sichern | #CyberSecurity #Passwords | ICT Security-Sécurité PC et Internet | Scoop.it
From www.heise.de - July 3, 2022 10:36 AM

Zukünftig soll es möglich sein, sich von all seinen Geräten aus sicher und ohne Passwort bei Online-Diensten anzumelden, verspricht die Allianz für Fast IDentity Online (FIDO). Bei der Synchronisierung der FIDO-Identitäten über die Cloud zeichnet sich jetzt ein Paradigmenwechsel ab: Die könnte nämlich Ende-zu-Ende-verschlüsselt erfolgen – also, ohne dass die Cloud-Betreiber Zugriff darauf erhalten. Dazu hat sich nach Apple überraschend jetzt auch Google committet.

Die FIDO hat ein technisch ausgefeiltes Konzept zur Anmeldung bei Internet-Diensten auf Basis von asymmetrischer Kryptografie und Challenge-Response-Verfahren entworfen, das deutlich sicherer als Passwörter und noch dazu komfortabel ist. Um tatsächlich Passwörter ablösen zu können, will man, dass der Anwender zukünftig seine FIDO-Identität auf all seinen Geräten nutzen kann – auf dem Smartphone genauso wie auf dem PC. Dazu muss ein geheimer Schlüssel auf all diese Geräte verteilt werden, was gemäß FIDO über die Infrastruktur der großen Plattform-Provider – also primär Google, Apple und Microsoft geschehen soll. Alle drei haben sich auch bereits dazu bekannt, das umzusetzen.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=FIDO

 

Gust MEES's insight:

Zukünftig soll es möglich sein, sich von all seinen Geräten aus sicher und ohne Passwort bei Online-Diensten anzumelden, verspricht die Allianz für Fast IDentity Online (FIDO). Bei der Synchronisierung der FIDO-Identitäten über die Cloud zeichnet sich jetzt ein Paradigmenwechsel ab: Die könnte nämlich Ende-zu-Ende-verschlüsselt erfolgen – also, ohne dass die Cloud-Betreiber Zugriff darauf erhalten. Dazu hat sich nach Apple überraschend jetzt auch Google committet.

Die FIDO hat ein technisch ausgefeiltes Konzept zur Anmeldung bei Internet-Diensten auf Basis von asymmetrischer Kryptografie und Challenge-Response-Verfahren entworfen, das deutlich sicherer als Passwörter und noch dazu komfortabel ist. Um tatsächlich Passwörter ablösen zu können, will man, dass der Anwender zukünftig seine FIDO-Identität auf all seinen Geräten nutzen kann – auf dem Smartphone genauso wie auf dem PC. Dazu muss ein geheimer Schlüssel auf all diese Geräte verteilt werden, was gemäß FIDO über die Infrastruktur der großen Plattform-Provider – also primär Google, Apple und Microsoft geschehen soll. Alle drei haben sich auch bereits dazu bekannt, das umzusetzen.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=FIDO

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Google, Apple et Microsoft promettent un « avenir sans mots de passe » | #CyberSecurity #Passwords #FIDO #PassKey 

Google, Apple et Microsoft promettent un « avenir sans mots de passe » | #CyberSecurity #Passwords #FIDO #PassKey  | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.fr - May 5, 2022 3:18 PM

Résultat des courses : vous n'aurez bientôt plus besoin d'un mot de passe pour vous connecter à vos appareils, à des sites web ou à des applications.

Au lieu de cela, votre téléphone stockera un justificatif FIDO appelé "passkey", qui sera utilisé pour déverrouiller votre appareil – et l'ensemble de vos comptes en ligne. Il s'agit d'un dispositif plus sûr qu'un mot de passe, car cette clé est protégée par de la cryptographie et n'est montrée à votre compte en ligne que lorsque vous déverrouillez votre appareil. A contrario, les mots de passe nous rendent vulnérables aux tentatives d’hameçonnage et à nos propres mauvaises habitudes, comme l'utilisation du même mot de passe sur plusieurs comptes.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

Gust MEES's insight:

Résultat des courses : vous n'aurez bientôt plus besoin d'un mot de passe pour vous connecter à vos appareils, à des sites web ou à des applications.

Au lieu de cela, votre téléphone stockera un justificatif FIDO appelé "passkey", qui sera utilisé pour déverrouiller votre appareil – et l'ensemble de vos comptes en ligne. Il s'agit d'un dispositif plus sûr qu'un mot de passe, car cette clé est protégée par de la cryptographie et n'est montrée à votre compte en ligne que lorsque vous déverrouillez votre appareil. A contrario, les mots de passe nous rendent vulnérables aux tentatives d’hameçonnage et à nos propres mauvaises habitudes, comme l'utilisation du même mot de passe sur plusieurs comptes.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Bored Apes Yacht Club's Instagram hacked, resulting in theft of millions of dollars of NFTs | #CyberSecurity 

Bored Apes Yacht Club's Instagram hacked, resulting in theft of millions of dollars of NFTs | #CyberSecurity  | ICT Security-Sécurité PC et Internet | Scoop.it
From mashable.com - April 27, 2022 7:36 AM

The multibillion dollar valued Bored Ape Yacht Club NFT project's Instagram account was hacked, resulting in the loss in millions of dollars worth of NFTs.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=blockchain

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=WEB3 

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=crypto-currency

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=NFT

 

Gust MEES's insight:

The multibillion dollar valued Bored Ape Yacht Club NFT project's Instagram account was hacked, resulting in the loss in millions of dollars worth of NFTs.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=blockchain

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=WEB3 

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=crypto-currency

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=NFT

 

more...
THE OFFICIAL ANDREASCY's curator insight, April 27, 2022 8:24 AM

$2.5 Μillion of Bored Ape Yacht Club NFTs stolen.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Nasty Linux netfilter firewall security hole found | #CyberSecurity #NobodyIsPerfect 

Nasty Linux netfilter firewall security hole found | #CyberSecurity #NobodyIsPerfect  | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.com - March 18, 2022 5:47 PM

Behind almost all Linux firewalls tools such as iptables; its newer version, nftables; firewalld; and ufw, is netfilter, which controls access to and from Linux's network stack. It's an essential Linux security program, so when a security hole is found in it, it's a big deal. 

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

 
Gust MEES's insight:

Behind almost all Linux firewalls tools such as iptables; its newer version, nftables; firewalld; and ufw, is netfilter, which controls access to and from Linux's network stack. It's an essential Linux security program, so when a security hole is found in it, it's a big deal. 

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

 
more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Les malwares mobiles se multiplient sur nos smartphones | #CyberSecurity #MobileSecurity 

Les malwares mobiles se multiplient sur nos smartphones | #CyberSecurity #MobileSecurity  | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.fr - March 10, 2022 1:10 PM

Les malwares mobiles se multiplient sur nos smartphones
Sécurité : Les experts en cybersécurité alertent sur une augmentation de 500 % des cyberattaques mobiles. Une flambée qui doit beaucoup à la multiplication des malwares destinés aux smartphones, qu'affectionnent les pirates.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Mobile-Security

 

Gust MEES's insight:

Les malwares mobiles se multiplient sur nos smartphones
Sécurité : Les experts en cybersécurité alertent sur une augmentation de 500 % des cyberattaques mobiles. Une flambée qui doit beaucoup à la multiplication des malwares destinés aux smartphones, qu'affectionnent les pirates.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Mobile-Security

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Dirty Pipe: Linux-Kernel-Lücke erlaubt Schreibzugriff mit Root-Rechten | #CyberSecurity

Dirty Pipe: Linux-Kernel-Lücke erlaubt Schreibzugriff mit Root-Rechten | #CyberSecurity | ICT Security-Sécurité PC et Internet | Scoop.it
From www.golem.de - March 7, 2022 9:13 AM

Linux-Kernel-Lücke erlaubt Schreibzugriff mit Root-Rechten
Ein Fehler bei der Verarbeitung von Pipes im Linux-Kernel lässt sich ausnutzen, um Root-Rechte zu erlangen.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

Gust MEES's insight:

Linux-Kernel-Lücke erlaubt Schreibzugriff mit Root-Rechten
Ein Fehler bei der Verarbeitung von Pipes im Linux-Kernel lässt sich ausnutzen, um Root-Rechte zu erlangen.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

more...
No comment yet.
Sign up to comment
About Follow us Resources Terms Mobile Features
Facebook
X
LinkedIn