ICT Security-Sécurité PC et Internet
112.9K views | +2 today
 
Scooped by Gust MEES
onto ICT Security-Sécurité PC et Internet
October 15, 2024 2:39 PM
Scoop.it!

Experts say MFA is no longer enough for enterprises

Experts say MFA is no longer enough for enterprises | ICT Security-Sécurité PC et Internet | Scoop.it
From www.scworld.com - October 11, 2024 12:15 PM

The UK’s cyber watchdog says that companies need to be more mindful with how they handle their multi-factor authentication.

The National Cyber Security Centre (NCSC) said companies can no longer rely on MFA as a blanket solution to their network security woes. The problem, say experts, is that in many cases attackers are now able to intercept MFA keys much in the same way they did passwords.

“Attackers have realized that many of the same social engineering techniques that tricked us into handing over passwords can also be updated to overcome some methods of MFA,” the NCSC said.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA

 

Read more
Gust MEES's insight:

The UK’s cyber watchdog says that companies need to be more mindful with how they handle their multi-factor authentication.

The National Cyber Security Centre (NCSC) said companies can no longer rely on MFA as a blanket solution to their network security woes. The problem, say experts, is that in many cases attackers are now able to intercept MFA keys much in the same way they did passwords.

“Attackers have realized that many of the same social engineering techniques that tricked us into handing over passwords can also be updated to overcome some methods of MFA,” the NCSC said.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA

 

more...
No comment yet.
Sign up to comment
ICT Security-Sécurité PC et Internet
Education Technology
ICT Security + Privacy + Piracy + Data Protection - Censorship - Des cours et infos gratuites sur la"Sécurité PC et Internet" pour usage non-commercial... (FR, EN+DE)...
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Rescooped by Gust MEES from 21st Century Learning and Teaching
April 29, 2013 5:39 PM
Scoop.it!

Why (And How) Teachers and Education Should Start Learning and Teaching Cyber-Security

Why (And How) Teachers and Education Should Start Learning and Teaching Cyber-Security | ICT Security-Sécurité PC et Internet | Scoop.it
From gustmees.wordpress.com - April 29, 2013 5:33 PM

Why (And How) Teachers Should Start Learning and Teaching Cyber-Security . What should get be taught and learned more in the 21st Century while using ICT?

 

In the 21st Century, Education has a BIG responsibility to adapt to the very quick change in the world and to teach the students the knowledge they need and which are required to fulfill the market’s needs!

 

The market’s needs are ALSO to employ people with the basics of Cyber-Security knowledge as a modern company needs to protect its online reputation and a data loss could be lethal to them, their ruin eventually! SO, the new employees is the students coming out of school, College, High school, Universities; ALL of them need to have the basic knowledge of  Cyber-Security to be competitive in a working market where there is more and more unemployment worldwide…

 

===> A company would take advantage of a new employee who as already the necessary knowledge of Cyber-Security as the company doesn’t need to train him, which saves it a lot of money! <===

  

Read more
Gust MEES's insight:

 

In the 21st Century, Education has a BIG responsibility to adapt to the very quick change in the world and to teach the students the knowledge they need and which are required to fulfill the market’s needs!

 

The market’s needs are ALSO to employ people with the basics of Cyber-Security knowledge as a modern company needs to protect its online reputation and a data loss could be lethal to them, their ruin eventually! SO, the new employees is the students coming out of school, College, High school, Universities; ALL of them need to have the basic knowledge of  Cyber-Security to be competitive in a working market where there is more and more unemployment worldwide…

 

===> A company would take advantage of a new employee who as already the necessary knowledge of Cyber-Security as the company doesn’t need to train him, which saves it a lot of money! <===

 

===============================================

 

There has been a lot of talk both in the U.S. and internationally about a shortage in skilled IT professionals - with a predicted 864,000 IT vacancies in Europe alone by 2015.

 

What are these skills that organizations are looking for? This infographic by via resource highlights the top skills that make a successful information security professional and skills the future workforce will need to tackle emerging threats.

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=Infographic

 

http://www.scoop.it/t/21st-century-learning-and-teaching?tag=Infographi

 

http://www.scoop.it/t/ict-security-tools

 

 

Check also:

 

https://gustmees.wordpress.com/

 

https://gustmeesen.wordpress.com/

 

https://gustmeesfr.wordpress.com/

 

  

more...
Zhao KQiang's curator insight, March 27, 2014 7:23 AM

give some opinions of that why teachers and education should learn network secutity
Dean J. Fusto's curator insight, July 31, 2015 10:12 AM

 

In the 21st Century, Education has a BIG responsibility to adapt to the very quick change in the world and to teach the students the knowledge they need and which are required to fulfill the market’s needs!

 

The market’s needs are ALSO to employ people with the basics of Cyber-Security knowledge as a modern company needs to protect its online reputation and a data loss could be lethal to them, their ruin eventually! SO, the new employees is the students coming out of school, College, High school, Universities; ALL of them need to have the basic knowledge of  Cyber-Security to be competitive in a working market where there is more and more unemployment worldwide…

 

===> A company would take advantage of a new employee who as already the necessary knowledge of Cyber-Security as the company doesn’t need to train him, which saves it a lot of money! <===

 

===============================================

 

There has been a lot of talk both in the U.S. and internationally about a shortage in skilled IT professionals - with a predicted 864,000 IT vacancies in Europe alone by 2015.

 

What are these skills that organizations are looking for? This infographic by via resource highlights the top skills that make a successful information security professional and skills the future workforce will need to tackle emerging threats.

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=Infographic

 

http://www.scoop.it/t/21st-century-learning-and-teaching?tag=Infographi

 

http://www.scoop.it/t/ict-security-tools

 

 

Check also:

 

https://gustmees.wordpress.com/

 

https://gustmeesen.wordpress.com/

 

https://gustmeesfr.wordpress.com/

 

  
Jean-Pierre Blanger's curator insight, August 1, 2015 4:19 PM

 

In the 21st Century, Education has a BIG responsibility to adapt to the very quick change in the world and to teach the students the knowledge they need and which are required to fulfill the market’s needs!

 

The market’s needs are ALSO to employ people with the basics of Cyber-Security knowledge as a modern company needs to protect its online reputation and a data loss could be lethal to them, their ruin eventually! SO, the new employees is the students coming out of school, College, High school, Universities; ALL of them need to have the basic knowledge of  Cyber-Security to be competitive in a working market where there is more and more unemployment worldwide…

 

===> A company would take advantage of a new employee who as already the necessary knowledge of Cyber-Security as the company doesn’t need to train him, which saves it a lot of money! <===

 

===============================================

 

There has been a lot of talk both in the U.S. and internationally about a shortage in skilled IT professionals - with a predicted 864,000 IT vacancies in Europe alone by 2015.

 

What are these skills that organizations are looking for? This infographic by via resource highlights the top skills that make a successful information security professional and skills the future workforce will need to tackle emerging threats.

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=Infographic

 

http://www.scoop.it/t/21st-century-learning-and-teaching?tag=Infographi

 

http://www.scoop.it/t/ict-security-tools

 

 

Check also:

 

https://gustmees.wordpress.com/

 

https://gustmeesen.wordpress.com/

 

https://gustmeesfr.wordpress.com/

 

  
Sign up to comment
Scooped by Gust MEES
June 11, 1:55 PM
Scoop.it!

Researcher Hacked Google Using AI and Earned $500,000 Bug Bounty

From cybersecuritynews.com - June 11, 12:43 PM

A security researcher known as brutecat has disclosed how an AI-driven fuzzing pipeline uncovered more than $500,000 in vulnerabilities across Google’s infrastructure in under three months, exposing systemic access-control failures hidden inside roughly 1,500 APIs.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

 

Read more
Gust MEES's insight:

A security researcher known as brutecat has disclosed how an AI-driven fuzzing pipeline uncovered more than $500,000 in vulnerabilities across Google’s infrastructure in under three months, exposing systemic access-control failures hidden inside roughly 1,500 APIs.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
June 1, 4:24 PM
Scoop.it!

Meta’s own AI was exploited to hijack Instagram accounts

Meta’s own AI was exploited to hijack Instagram accounts | ICT Security-Sécurité PC et Internet | Scoop.it
From www.theverge.com - June 1, 3:20 PM

Meta says it has fixed an issue that allowed hackers to take over a target’s Instagram account using its AI-powered support chatbot.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

Read more
Gust MEES's insight:

Meta says it has fixed an issue that allowed hackers to take over a target’s Instagram account using its AI-powered support chatbot.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 31, 11:19 AM
Scoop.it!

New ChatGPT Vulnerability Lets Attackers Turn Web Pages Into Phishing Payloads

From cybersecuritynews.com - May 29, 10:18 AM

A browser-based prompt injection technique that transforms any web page into a phishing delivery surface by exploiting ChatGPT's page summarization feature, rendering attacker-controlled links, fake security alerts, and QR codes directly inside the trusted ChatGPT interface.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

Read more
Gust MEES's insight:

A browser-based prompt injection technique that transforms any web page into a phishing delivery surface by exploiting ChatGPT's page summarization feature, rendering attacker-controlled links, fake security alerts, and QR codes directly inside the trusted ChatGPT interface.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 30, 6:58 AM
Scoop.it!

New VoidStealer Malware Bypasses Chrome's Protection to Steal User Data

From cybersecuritynews.com - May 19, 8:53 AM

A newly discovered malware called VoidStealer has emerged as a serious threat to Chrome users on Windows, using a clever technique to bypass one of the browser’s most important security features.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Browsers

 

Read more
Gust MEES's insight:

A newly discovered malware called VoidStealer has emerged as a serious threat to Chrome users on Windows, using a clever technique to bypass one of the browser’s most important security features.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Browsers

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 20, 6:57 PM
Scoop.it!

PinTheft Linux Vulnerability Let Attackers Gain Root Access - PoC Released

PinTheft Linux Vulnerability Let Attackers Gain Root Access - PoC Released | ICT Security-Sécurité PC et Internet | Scoop.it
From cybersecuritynews.com - May 20, 1:22 PM

A proof-of-concept (PoC) exploit was published for a new Linux Local Privilege Escalation (LPE) vulnerability dubbed “PinTheft.” Exploitvulnerability assessment

Discovered by Aaron Esau of the V12 security team, the flaw allows local attackers to gain root access by exploiting an RDS zerocopy double-free bug.

A kernel patch is currently available, prompting the researchers to release their PoC code to the public.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

Read more
Gust MEES's insight:

A proof-of-concept (PoC) exploit was published for a new Linux Local Privilege Escalation (LPE) vulnerability dubbed “PinTheft.” Exploitvulnerability assessment

Discovered by Aaron Esau of the V12 security team, the flaw allows local attackers to gain root access by exploiting an RDS zerocopy double-free bug.

A kernel patch is currently available, prompting the researchers to release their PoC code to the public.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 18, 5:38 AM
Scoop.it!

Le malware TrickMo est de retour sur Android, et il se cache sur la blockchain

Le malware TrickMo est de retour sur Android, et il se cache sur la blockchain | ICT Security-Sécurité PC et Internet | Scoop.it
From www.01net.com - May 17, 6:01 AM

TrickMo, l’un des virus bancaires les plus redoutables sur Android, fait son grand retour. Pour échapper aux chercheurs et aux autorités, il se cache sur la blockchain. C’est une tactique de plus en plus répandue dans le milieu criminel.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

Read more
Gust MEES's insight:

TrickMo, l’un des virus bancaires les plus redoutables sur Android, fait son grand retour. Pour échapper aux chercheurs et aux autorités, il se cache sur la blockchain. C’est une tactique de plus en plus répandue dans le milieu criminel.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 16, 7:15 PM
Scoop.it!

The third major Linux kernel flaw in two weeks has been found - thanks to AI

The third major Linux kernel flaw in two weeks has been found - thanks to AI | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.com - May 14, 8:27 AM

AI is exposing Linux security holes faster than developers can patch them. Fragnesia is the latest. Here's what we know about it.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

Read more
Gust MEES's insight:

AI is exposing Linux security holes faster than developers can patch them. Fragnesia is the latest. Here's what we know about it.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 16, 6:32 PM
Scoop.it!

« Dirty Frag » : une nouvelle faille dangereuse sous Linux 

« Dirty Frag » : une nouvelle faille dangereuse sous Linux  | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.fr - May 12, 4:53 AM

Cette faille du noyau Linux met les responsables de la sécurité en émoi. Voici les systèmes concernés et les mesures à prendre sans tarder.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

Read more
Gust MEES's insight:

Cette faille du noyau Linux met les responsables de la sécurité en émoi. Voici les systèmes concernés et les mesures à prendre sans tarder.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 16, 8:57 AM
Scoop.it!

Cyberattaques IA : Google révèle que des hackers ont trouvé le moyen de contourner la double authentification, c'est une première

Cyberattaques IA : Google révèle que des hackers ont trouvé le moyen de contourner la double authentification, c'est une première | ICT Security-Sécurité PC et Internet | Scoop.it
From www.01net.com - May 16, 3:01 AM

Pour la première fois, des hackers ont utilisé une intelligence artificielle pour découvrir et exploiter une faille zero day dans un logiciel. Comme l’a découvert Google, cette vulnérabilité permet de contourner la double authentification, même si celle-ci a été configurée sur le compte.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

https://www.scoop.it/topic/securite-pc-et-internet?tag=2FA

 

Read more
Gust MEES's insight:

Pour la première fois, des hackers ont utilisé une intelligence artificielle pour découvrir et exploiter une faille zero day dans un logiciel. Comme l’a découvert Google, cette vulnérabilité permet de contourner la double authentification, même si celle-ci a été configurée sur le compte.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

https://www.scoop.it/topic/securite-pc-et-internet?tag=2FA

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 15, 8:36 AM
Scoop.it!

New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption | ICT Security-Sécurité PC et Internet | Scoop.it
From thehackernews.com - May 14, 3:06 AM

Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the kernel within a span of two weeks.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

Read more
Gust MEES's insight:

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 11, 3:41 PM
Scoop.it!

Google Warns of Hackers Using AI to Create Working Zero-Day Exploit

Google Warns of Hackers Using AI to Create Working Zero-Day Exploit | ICT Security-Sécurité PC et Internet | Scoop.it
From cybersecuritynews.com - May 11, 12:04 PM

Google Threat Intelligence Group recently published an alarming report detailing the rapid industrialization of generative artificial intelligence in adversarial workflows.

The most significant finding reveals that a cybercriminal syndicate successfully developed a working zero-day exploit entirely through artificial intelligence assistance. The Python-based exploit was designed to bypass two-factor authentication in a popular open-source web administration tool

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

https://www.scoop.it/topic/securite-pc-et-internet?tag=2FA

 

Read more
Gust MEES's insight:

Google Threat Intelligence Group recently published an alarming report detailing the rapid industrialization of generative artificial intelligence in adversarial workflows.

The most significant finding reveals that a cybercriminal syndicate successfully developed a working zero-day exploit entirely through artificial intelligence assistance. The Python-based exploit was designed to bypass two-factor authentication in a popular open-source web administration tool

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

https://www.scoop.it/topic/securite-pc-et-internet?tag=2FA

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
April 30, 9:34 AM
Scoop.it!

Linux Kernel 0-Day "Copy Fail" Roots Every Major Distribution Since 2017

From cybersecuritynews.com - April 29, 10:31 PM

A critical zero-day vulnerability in the Linux kernel has been publicly disclosed, enabling any unprivileged local user to obtain root access on virtually every major Linux distribution shipped since 2017.

Dubbed “Copy Fail” and tracked as CVE-2026-31431, the flaw was discovered by Theori researcher Taeyang Lee and scaled into a full exploit chain by the Xint Code Research Team using AI-assisted analysis.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

Read more
Gust MEES's insight:

A critical zero-day vulnerability in the Linux kernel has been publicly disclosed, enabling any unprivileged local user to obtain root access on virtually every major Linux distribution shipped since 2017.

Dubbed “Copy Fail” and tracked as CVE-2026-31431, the flaw was discovered by Theori researcher Taeyang Lee and scaled into a full exploit chain by the Xint Code Research Team using AI-assisted analysis.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
June 13, 2:59 PM
Scoop.it!

New Agentjacking Attack Hijacks Your AI Coding Agent to Run Code From Hackers Server

New Agentjacking Attack Hijacks Your AI Coding Agent to Run Code From Hackers Server | ICT Security-Sécurité PC et Internet | Scoop.it
From cybersecuritynews.com - June 13, 12:48 PM

New “Agentjacking” attack that hijacks AI coding agents and silently executes attacker-controlled code on developer machines using nothing more than a single injected Sentry error.

The technique turns trusted AI assistants like Claude Code and Cursor into an execution layer for malicious commands, without phishing, malware delivery, or any breach of the victim’s infrastructure.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

Read more
Gust MEES's insight:

New “Agentjacking” attack that hijacks AI coding agents and silently executes attacker-controlled code on developer machines using nothing more than a single injected Sentry error.

The technique turns trusted AI assistants like Claude Code and Cursor into an execution layer for malicious commands, without phishing, malware delivery, or any breach of the victim’s infrastructure.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
June 3, 5:17 PM
Scoop.it!

Five OpenClaw 0-Days let Attackers to Hijack Trusted AI Agent Access

From cybersecuritynews.com - June 3, 10:15 AM

Five zero-day flaws in OpenClaw allowed attackers to bypass trust boundaries and hijack AI agent access across multiple messaging platforms.

OpenClaw, which integrates AI agents with services such as Slack, Discord, Microsoft Teams, Matrix, and Telegram, relies heavily on user-defined allowlists to determine who can interact with an agent.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

 

Read more
Gust MEES's insight:

Five zero-day flaws in OpenClaw allowed attackers to bypass trust boundaries and hijack AI agent access across multiple messaging platforms.

OpenClaw, which integrates AI agents with services such as Slack, Discord, Microsoft Teams, Matrix, and Telegram, relies heavily on user-defined allowlists to determine who can interact with an agent.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
June 1, 7:12 AM
Scoop.it!

Instagram Meta AI Vulnerability Allegedly Enables Password Reset for Accounts

From cybersecuritynews.com - May 31, 11:50 PM

A critical flaw in Meta's AI-powered account recovery tool on Instagram allowed attackers to hijack high-value accounts by tricking the chatbot into forwarding password reset codes with no verification required.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

Read more
Gust MEES's insight:

A critical flaw in Meta's AI-powered account recovery tool on Instagram allowed attackers to hijack high-value accounts by tricking the chatbot into forwarding password reset codes with no verification required.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 30, 5:10 PM
Scoop.it!

ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface

ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface | ICT Security-Sécurité PC et Internet | Scoop.it
From thehackernews.com - May 29, 2:07 PM
ChatGPhish exploits ChatGPT Markdown rendering to deliver phishing content from summarized web pages, increasing AI attack surfaces.

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

Read more
Gust MEES's insight:
ChatGPhish exploits ChatGPT Markdown rendering to deliver phishing content from summarized web pages, increasing AI attack surfaces.

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 21, 5:45 AM
Scoop.it!

Claude Code's Network Sandbox Vulnerability Exposes User Credentials and Source Code

Claude Code's Network Sandbox Vulnerability Exposes User Credentials and Source Code | ICT Security-Sécurité PC et Internet | Scoop.it
From cybersecuritynews.com - May 20, 10:45 PM

Anthropic’s Claude Code AI coding assistant harbored a critical network sandbox bypass for over five months, allowing attackers to exfiltrate credentials, source code, and environment variables from developer systems, and the company issued no public advisory for either incident.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

https://www.scoop.it/topic/securite-pc-et-internet?tag=Claude

 

Read more
Gust MEES's insight:

Anthropic’s Claude Code AI coding assistant harbored a critical network sandbox bypass for over five months, allowing attackers to exfiltrate credentials, source code, and environment variables from developer systems, and the company issued no public advisory for either incident.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

https://www.scoop.it/topic/securite-pc-et-internet?tag=Claude

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 18, 5:46 AM
Scoop.it!

Claude Code RCE Flaw Lets Attackers Execute Commands via Malicious Deeplinks

From cybersecuritynews.com - May 17, 11:14 PM

A critical remote code execution (RCE) vulnerability has been discovered in Anthropic’s Claude Code CLI tool, allowing attackers to execute arbitrary commands on a victim’s machine by tricking them into clicking a specially crafted deeplink.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

https://www.scoop.it/topic/securite-pc-et-internet?tag=Claude

 

 

 

Read more
Gust MEES's insight:

A critical remote code execution (RCE) vulnerability has been discovered in Anthropic’s Claude Code CLI tool, allowing attackers to execute arbitrary commands on a victim’s machine by tricking them into clicking a specially crafted deeplink.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

https://www.scoop.it/topic/securite-pc-et-internet?tag=Claude

 

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 18, 4:15 AM
Scoop.it!

Exploit available for new DirtyDecrypt Linux root escalation flaw

Exploit available for new DirtyDecrypt Linux root escalation flaw | ICT Security-Sécurité PC et Internet | Scoop.it
From www.bleepingcomputer.com - May 18, 3:18 AM

A recently patched local privilege escalation vulnerability in the Linux kernel's rxgk module now has a proof-of-concept exploit that allows attackers to gain root access on some Linux systems.

Named DirtyDecrypt and also known as DirtyCBC, this security flaw was also autonomously found and reported by the V12 security team earlier this month, when the maintainers informed them that it was a duplicate that had already been patched in the mainline.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

 
Read more
Gust MEES's insight:

A recently patched local privilege escalation vulnerability in the Linux kernel's rxgk module now has a proof-of-concept exploit that allows attackers to gain root access on some Linux systems.

Named DirtyDecrypt and also known as DirtyCBC, this security flaw was also autonomously found and reported by the V12 security team earlier this month, when the maintainers informed them that it was a duplicate that had already been patched in the mainline.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

 
more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 16, 6:58 PM
Scoop.it!

The 4th Linux kernel flaw this month can lead to stolen SSH host keys

The 4th Linux kernel flaw this month can lead to stolen SSH host keys | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.com - May 15, 4:41 PM

The good news is there's already a patch. The bad news is that the fix isn't available for all Linux distributions yet. Here's what you can do in the meantime.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

Read more
Gust MEES's insight:

The good news is there's already a patch. The bad news is that the fix isn't available for all Linux distributions yet. Here's what you can do in the meantime.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 16, 9:07 AM
Scoop.it!

OpenAI Confirms Security Breach Via TanStack npm Supply Chain Attack

From cybersecuritynews.com - May 15, 12:03 AM

Two employee devices at OpenAI were compromised in a sweeping software supply chain attack targeting TanStack npm, but the AI company confirmed no user data, production systems, or intellectual property were affected.

 

 
 
 
Read more
Gust MEES's insight:

Two employee devices at OpenAI were compromised in a sweeping software supply chain attack targeting TanStack npm, but the AI company confirmed no user data, production systems, or intellectual property were affected.

 

 
 
 
more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 16, 7:38 AM
Scoop.it!

Critical Linux Kernel Flaw 'ssh-keysign-pwn' Exposes SSH Keys and Shadow Passwords

From cybersecuritynews.com - May 16, 3:36 AM

A newly disclosed Linux kernel vulnerability is raising serious concerns across the security community, as it allows attackers to access highly sensitive data, including SSH private keys and password hashes, on affected systems.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

Read more
Gust MEES's insight:

A newly disclosed Linux kernel vulnerability is raising serious concerns across the security community, as it allows attackers to access highly sensitive data, including SSH private keys and password hashes, on affected systems.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 15, 8:04 AM
Scoop.it!

Fragnesia - New Linux Kernel Vulnerability Enables Root Access

From cybersecuritynews.com - May 13, 9:48 AM

A newly disclosed Linux kernel vulnerability dubbed Fragnesia allows any local unprivileged user to escalate privileges to root without requiring a race condition, making it one of the more reliable local privilege escalation exploits seen in recent years.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

Read more
Gust MEES's insight:

A newly disclosed Linux kernel vulnerability dubbed Fragnesia allows any local unprivileged user to escalate privileges to root without requiring a race condition, making it one of the more reliable local privilege escalation exploits seen in recent years.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
May 11, 3:31 PM
Scoop.it!

Hackers abuse Google ads, Claude.ai chats to push Mac malware

Hackers abuse Google ads, Claude.ai chats to push Mac malware | ICT Security-Sécurité PC et Internet | Scoop.it
From www.bleepingcomputer.com - May 10, 1:52 PM

Attackers are abusing Google Ads and legitimate Claude.ai shared chats in an active malvertising campaign. Users searching for "Claude mac download" may come across sponsored search results that list claude.ai as the target website, but lead to instructions that install malware on their Mac.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

Read more
Gust MEES's insight:

Attackers are abusing Google Ads and legitimate Claude.ai shared chats in an active malvertising campaign. Users searching for "Claude mac download" may come across sponsored search results that list claude.ai as the target website, but lead to instructions that install malware on their Mac.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
April 27, 5:01 AM
Scoop.it!

„Pack2TheRoot“: Sicherheitslücke betrifft mehrere Linux-Distributionen

„Pack2TheRoot“: Sicherheitslücke betrifft mehrere Linux-Distributionen | ICT Security-Sécurité PC et Internet | Scoop.it
From www.heise.de - April 27, 4:37 AM

Das Telekom-Sicherheitsteam hat die Sicherheitslücke „Pack2TheRoot“ entdeckt, die Rechteausweitung in mehreren Distributionen ermöglicht.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

Read more
Gust MEES's insight:

Das Telekom-Sicherheitsteam hat die Sicherheitslücke „Pack2TheRoot“ entdeckt, die Rechteausweitung in mehreren Distributionen ermöglicht.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

more...
No comment yet.
Sign up to comment
About Follow us Resources Terms Mobile Features
Facebook
X
LinkedIn