 Your new post is loading...
Your new post is loading...
|
Scooped by
Gust MEES
June 20, 2023 8:47 AM
|
More than 101,000 ChatGPT user accounts have been stolen by information-stealing malware over the past year, according to dark web marketplace data.
Cyberintelligence firm Group-IB reports having identified over a hundred thousand info-stealer logs on various underground websites containing ChatGPT accounts, with the peak observed in May 2023, when threat actors posted 26,800 new ChatGPT credential pairs.
|
|
Scooped by
Gust MEES
May 17, 2023 9:54 AM
|
Abo-Malware: Googles und Apples Stores von teuren ChatGPT-Fakes geflutet
Sophos warnt vor ChatGPT-Nachahmer-Apps in Apples und Googles App-Stores, die arglose Nutzer mit verschleierten Gebühren abzocken.
|
|
Scooped by
Gust MEES
April 28, 2023 11:26 AM
|
|
|
Scooped by
Gust MEES
March 25, 2023 5:26 PM
|
In den Stunden vor der Abschaltung von ChatGPT, war es demnach für einige Benutzer möglich, den Vor- und Nachnamen, die E-Mail- und Zahlungsadresse, die letzten vier Ziffern der Kreditkartennummer und das Ablaufdatum der Kreditkarte eines anderen aktiven Benutzers zu sehen. Die vollständigen Kreditkartennummern seien zu keinem Zeitpunkt offengelegt worden.
|
|
Scooped by
Gust MEES
March 17, 2023 3:12 PM
|
Mehrere Mastodon-Nutzer wurden kürzlich über einen "Security Incident auf Mastodon.social" informiert, dem originalen Server, der durch die Mastodon gGmbH betrieben wird. Durch eine Fehlkonfiguration konnten demnach Dritte alle Daten von files.mastodon.social abrufen.
Die meisten der dort abgelegten Dateien sind zwar ohnehin öffentlich einsehbar, darunter die Profilbilder, benutzerdefinierte Emojis, Bilder und Videos, allerdings nicht alle: Auch die von Nutzern angeforderten Datenexporte wurden hier abgelegt, in denen auch nicht-öffentlich geteilte Beiträge enthalten sind. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/social-media-and-its-influence/?&tag=Mastodon
|
|
Scooped by
Gust MEES
March 2, 2023 12:57 PM
|
A pervasive cyber-espionage group known as Iron Tiger, believed to be out of China, has updated one of its malware frameworks to attack Linux-based systems.
Researchers at Trend Micro recently discovered that Iron Tiger (aka Emissary Panda or APT27) had added new features to its so called SysUpdate malware family, which allows it to infect Linux platforms in addition to Windows. SysUpdate abuses system services, grabs screenshots, browses and terminates processes, retrieves drive information, executes commands, and can find, delete, rename, upload, and download files as well as peruse a victim's file directory. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux
|
|
Scooped by
Gust MEES
February 1, 2023 11:20 AM
|
As 2022 ended, OpenAI made ChatGPT live to the world. It is an artificially intelligent research and deployment chatbot that interacts through text using realistic human responses. Its deep learning techniques can generate conversations that convince anyone they are interacting with an actual human.
Like opening the jar and releasing the genie, its impact is relatively unknown, but grave intrigue and curiosity surrounded it. How will it be used; how does it work; is it for good or evil? No, this is not the next Terminator sequel…
Its intentions are certainly for positive use, and its articulate responses have led many to claim it as the best chatbot to be released. However, in a short period, ChatGPT has already been linked to cyber threats as cyber-criminals leverage its advanced capabilities for nefarious means. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/topic/securite-pc-et-internet/?&tag=ChatGPT
|
|
Scooped by
Gust MEES
January 12, 2023 6:20 AM
|
ChatGPT est déjà détourné pour écrire des logiciels malveillants
Sécurité : L'analyse des discussions sur les forums du dark web montre que des efforts sont déjà en cours pour utiliser le chatbot d'OpenAI afin d'aider à la rédaction de logiciels malveillants. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/topic/securite-pc-et-internet/?&tag=ChatGPT
|
|
Scooped by
Gust MEES
December 27, 2022 3:09 PM
|
Une grave faille de sécurité affecte le noyau Linux
Sécurité : La faille de sécurité affecte ksmbd, un serveur SMB intégré au noyau de Linux 5.15, et sa note de gravité avoisine le 10, selon la ZDI.
Joyeux Noël à tous les administrateurs de systèmes Linux ! Et en guise de cadeau : une grave faille de sécurité dans le noyau Linux.
C’est la Zero Day Initiative (ZDI), une société de recherche sur les failles zero-day, qui l’a découverte et annoncée juste avant le réveillon.
Cette vulnérabilité pourrait permettre à un attaquant à distance authentifié de divulguer des informations sensibles et d’exécuter du code sur les versions vulnérables du noyau Linux.
|
|
Scooped by
Gust MEES
August 10, 2022 8:06 AM
|
|
|
Scooped by
Gust MEES
August 6, 2022 6:40 AM
|
Twitter has confirmed a recent data breach was caused by a now-patched zero-day vulnerability used to link email addresses and phone numbers to users' accounts, allowing a threat actor to compile a list of 5.4 million user account profiles.
Last month, BleepingComputer spoke to a threat actor who said that they were able to create a list of 5.4 million Twitter account profiles using a vulnerability on the social media site.
This vulnerability allowed anyone to submit an email address or phone number, verify if it was associated with a Twitter account, and retrieve the associated account ID. The threat actor then used this ID to scrape the public information for the account. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication https://www.scoop.it/topic/securite-pc-et-internet/?&tag=Twitter
|
|
Scooped by
Gust MEES
July 3, 2022 10:36 AM
|
Zukünftig soll es möglich sein, sich von all seinen Geräten aus sicher und ohne Passwort bei Online-Diensten anzumelden, verspricht die Allianz für Fast IDentity Online (FIDO). Bei der Synchronisierung der FIDO-Identitäten über die Cloud zeichnet sich jetzt ein Paradigmenwechsel ab: Die könnte nämlich Ende-zu-Ende-verschlüsselt erfolgen – also, ohne dass die Cloud-Betreiber Zugriff darauf erhalten. Dazu hat sich nach Apple überraschend jetzt auch Google committet.
Die FIDO hat ein technisch ausgefeiltes Konzept zur Anmeldung bei Internet-Diensten auf Basis von asymmetrischer Kryptografie und Challenge-Response-Verfahren entworfen, das deutlich sicherer als Passwörter und noch dazu komfortabel ist. Um tatsächlich Passwörter ablösen zu können, will man, dass der Anwender zukünftig seine FIDO-Identität auf all seinen Geräten nutzen kann – auf dem Smartphone genauso wie auf dem PC. Dazu muss ein geheimer Schlüssel auf all diese Geräte verteilt werden, was gemäß FIDO über die Infrastruktur der großen Plattform-Provider – also primär Google, Apple und Microsoft geschehen soll. Alle drei haben sich auch bereits dazu bekannt, das umzusetzen. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/topic/securite-pc-et-internet/?&tag=FIDO
|
|
Scooped by
Gust MEES
May 5, 2022 3:18 PM
|
Résultat des courses : vous n'aurez bientôt plus besoin d'un mot de passe pour vous connecter à vos appareils, à des sites web ou à des applications.
Au lieu de cela, votre téléphone stockera un justificatif FIDO appelé "passkey", qui sera utilisé pour déverrouiller votre appareil – et l'ensemble de vos comptes en ligne. Il s'agit d'un dispositif plus sûr qu'un mot de passe, car cette clé est protégée par de la cryptographie et n'est montrée à votre compte en ligne que lorsque vous déverrouillez votre appareil. A contrario, les mots de passe nous rendent vulnérables aux tentatives d’hameçonnage et à nos propres mauvaises habitudes, comme l'utilisation du même mot de passe sur plusieurs comptes. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/topic/securite-pc-et-internet
|
|
|
Scooped by
Gust MEES
June 3, 2023 9:39 AM
|
Neue Gefahr für Windows-Nutzer: Wie unter anderem "Bleeping Computer" berichtet, wird in Hacker-Foren aktuell ein Tool verkauft, das sich "Terminator" nennt. Kriminelle zahlen dem Portal zufolge bis zu 3.000 US-Dollar für die offenbar sehr effektive Software. Der Entwickler nennt sich in den Foren selbst "Spyboy".
Was "Terminator" so gefährlich macht: Das Tool ist offenbar in der Lage, 24 weitverbreitete Antivirus-, Endpoint Detection and Response- und Extended Detection and Response-Sicherheitsanwendungen zu umgehen. Davon ist offenbar auch der Windows Defender betroffen. Angreifbar sind alle Systeme ab Windows 7.
Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/topic/securite-pc-et-internet
|
|
Scooped by
Gust MEES
May 9, 2023 12:54 PM
|
A new Linux NetFilter kernel flaw has been discovered, allowing unprivileged local users to escalate their privileges to root level, allowing complete control over a system.
The CVE-2023-32233 identifier has been reserved for the vulnerability, but a severity level is yet to be determined. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux
|
|
Scooped by
Gust MEES
March 28, 2023 12:43 PM
|
Kriminelle lieben ChatGPT – und Europol hat konkrete Beispiele dafür entdeckt
Was Beobachter:innen vorhergesagt haben, ist eingetreten: ChatGPT kommt längst bei kriminellen Machenschaften zum Einsatz, wie Europol warnt – und sei es nur zur Recherche für Verbrechen. Doch das Gefahrenpotenzial geht weit darüber hinaus.
|
|
Scooped by
Gust MEES
March 24, 2023 3:54 PM
|
A ChatGPT bug found earlier this week also revealed user's payment information, says OpenAI(Opens in a new tab).
The AI chatbot was shut down on March 20, due to a bug that exposed titles and the first message of new conversations from active users' chat history to other users.
Now, OpenAI has shared that even more private data from a small number of users was exposed.
"In the hours before we took ChatGPT offline on Monday, it was possible for some users to see another active user’s first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date," said OpenAI. "Full credit card numbers were not exposed at any time.
|
|
Scooped by
Gust MEES
March 17, 2023 1:38 PM
|
A new Golang-based botnet dubbed HinataBot has been observed to leverage known flaws to compromise routers and servers and use them to stage distributed denial-of-service (DDoS) attacks. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/topic/securite-pc-et-internet
|
|
Scooped by
Gust MEES
February 8, 2023 4:42 PM
|
If you've been experiencing Tor network connectivity and performance issues lately, you're not the only one since many others have had problems with onion and i2p sites loading slower or not loading at all.
Tor Project's Executive Director Isabela Dias Fernandes revealed on Tuesday that a wave of distributed denial-of-service (DDoS) attacks has been targeting the network since at least July 2022.
"At some points, the attacks impacted the network severely enough that users could not load pages or access onion services," Fernandes said on Tuesday. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/topic/securite-pc-et-internet
|
|
Scooped by
Gust MEES
January 12, 2023 10:20 AM
|
|
|
Scooped by
Gust MEES
January 10, 2023 11:30 AM
|
Attackers Are Already Exploiting ChatGPT to Write Malicious Code
The AI-based chatbot is allowing bad actors with absolutely no coding experience to develop malware.
Since OpenAI released ChatGPT in late November, many security experts have predicted it would only be a matter of time before cybercriminals began using the AI chatbot for writing malware and enabling other nefarious activities. Just weeks later, it looks like that time is already here.
In fact, researchers at Check Point Research (CPR) have reported spotting at least three instances where black hat hackers demonstrated, in underground forums, how they had leveraged ChatGPT's AI-smarts for malicious purposes. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/topic/securite-pc-et-internet Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/topic/securite-pc-et-internet/?&tag=ChatGPT
|
|
Scooped by
Gust MEES
November 24, 2022 7:46 AM
|
|
|
Scooped by
Gust MEES
August 6, 2022 7:11 AM
|
A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas.
The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within a close range.
"An attacker can falsely indicate the proximity of Bluetooth LE (BLE) devices to one another through the use of a relay attack," U.K.-based cybersecurity company NCC Group said. "This may enable unauthorized access to devices in BLE-based proximity authentication systems. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/securite-pc-et-internet/?&tag=Bluetooth https://www.scoop.it/topic/securite-pc-et-internet/?&tag=BLURtooth
|
|
Scooped by
Gust MEES
August 5, 2022 5:26 AM
|
|
|
Scooped by
Gust MEES
June 16, 2022 4:26 PM
|
|
More than 101,000 ChatGPT user accounts have been stolen by information-stealing malware over the past year, according to dark web marketplace data.
Cyberintelligence firm Group-IB reports having identified over a hundred thousand info-stealer logs on various underground websites containing ChatGPT accounts, with the peak observed in May 2023, when threat actors posted 26,800 new ChatGPT credential pairs.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics