ICT Security-Sécurité PC et Internet
87.1K views | +0 today
Follow
 
Scooped by Gust MEES
onto ICT Security-Sécurité PC et Internet
Scoop.it!

DDoS: Google has a new tool to defend against attacks launched by botnets

DDoS: Google has a new tool to defend against attacks launched by botnets | ICT Security-Sécurité PC et Internet | Scoop.it

Google Could have unveiled a public preview of Cloud Armor's Adaptive Protection -- a machine learning-powered method of detecting and protecting enterprise applications and services from Layer 7 DDoS attacks. 

It's the same technology that Google uses to provide Project Shield, a free service from Google parent Alphabet that protects human rights, government and media organizations against DDoS attacks.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=DDos...

 

 

Gust MEES's insight:

Google Could have unveiled a public preview of Cloud Armor's Adaptive Protection -- a machine learning-powered method of detecting and protecting enterprise applications and services from Layer 7 DDoS attacks. 

It's the same technology that Google uses to provide Project Shield, a free service from Google parent Alphabet that protects human rights, government and media organizations against DDoS attacks.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=DDos...

 

 

No comment yet.
ICT Security-Sécurité PC et Internet
ICT Security + Privacy + Piracy + Data Protection - Censorship - Des cours et infos gratuites sur la"Sécurité PC et Internet" pour usage non-commercial... (FR, EN+DE)...
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Why (And How) Teachers and Education Should Start Learning and Teaching Cyber-Security

Why (And How) Teachers and Education Should Start Learning and Teaching Cyber-Security | ICT Security-Sécurité PC et Internet | Scoop.it

Why (And How) Teachers Should Start Learning and Teaching Cyber-Security . What should get be taught and learned more in the 21st Century while using ICT?

 

In the 21st Century, Education has a BIG responsibility to adapt to the very quick change in the world and to teach the students the knowledge they need and which are required to fulfill the market’s needs!

 

The market’s needs are ALSO to employ people with the basics of Cyber-Security knowledge as a modern company needs to protect its online reputation and a data loss could be lethal to them, their ruin eventually! SO, the new employees is the students coming out of school, College, High school, Universities; ALL of them need to have the basic knowledge of  Cyber-Security to be competitive in a working market where there is more and more unemployment worldwide…

 

===> A company would take advantage of a new employee who as already the necessary knowledge of Cyber-Security as the company doesn’t need to train him, which saves it a lot of money! <===

  

Gust MEES's insight:

 

In the 21st Century, Education has a BIG responsibility to adapt to the very quick change in the world and to teach the students the knowledge they need and which are required to fulfill the market’s needs!

 

The market’s needs are ALSO to employ people with the basics of Cyber-Security knowledge as a modern company needs to protect its online reputation and a data loss could be lethal to them, their ruin eventually! SO, the new employees is the students coming out of school, College, High school, Universities; ALL of them need to have the basic knowledge of  Cyber-Security to be competitive in a working market where there is more and more unemployment worldwide…

 

===> A company would take advantage of a new employee who as already the necessary knowledge of Cyber-Security as the company doesn’t need to train him, which saves it a lot of money! <===

 

===============================================

 

There has been a lot of talk both in the U.S. and internationally about a shortage in skilled IT professionals - with a predicted 864,000 IT vacancies in Europe alone by 2015.

 

What are these skills that organizations are looking for? This infographic by via resource highlights the top skills that make a successful information security professional and skills the future workforce will need to tackle emerging threats.

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=Infographic

 

http://www.scoop.it/t/21st-century-learning-and-teaching?tag=Infographi

 

http://www.scoop.it/t/ict-security-tools

 

 

Check also:

 

https://gustmees.wordpress.com/

 

https://gustmeesen.wordpress.com/

 

https://gustmeesfr.wordpress.com/

 

  

Zhao KQiang's curator insight, March 27, 2014 7:23 AM

give some opinions of that why teachers and education should learn network secutity

Dean J. Fusto's curator insight, July 31, 2015 10:12 AM

 

In the 21st Century, Education has a BIG responsibility to adapt to the very quick change in the world and to teach the students the knowledge they need and which are required to fulfill the market’s needs!

 

The market’s needs are ALSO to employ people with the basics of Cyber-Security knowledge as a modern company needs to protect its online reputation and a data loss could be lethal to them, their ruin eventually! SO, the new employees is the students coming out of school, College, High school, Universities; ALL of them need to have the basic knowledge of  Cyber-Security to be competitive in a working market where there is more and more unemployment worldwide…

 

===> A company would take advantage of a new employee who as already the necessary knowledge of Cyber-Security as the company doesn’t need to train him, which saves it a lot of money! <===

 

===============================================

 

There has been a lot of talk both in the U.S. and internationally about a shortage in skilled IT professionals - with a predicted 864,000 IT vacancies in Europe alone by 2015.

 

What are these skills that organizations are looking for? This infographic by via resource highlights the top skills that make a successful information security professional and skills the future workforce will need to tackle emerging threats.

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=Infographic

 

http://www.scoop.it/t/21st-century-learning-and-teaching?tag=Infographi

 

http://www.scoop.it/t/ict-security-tools

 

 

Check also:

 

https://gustmees.wordpress.com/

 

https://gustmeesen.wordpress.com/

 

https://gustmeesfr.wordpress.com/

 

  

Jean-Pierre Blanger's curator insight, August 1, 2015 4:19 PM

 

In the 21st Century, Education has a BIG responsibility to adapt to the very quick change in the world and to teach the students the knowledge they need and which are required to fulfill the market’s needs!

 

The market’s needs are ALSO to employ people with the basics of Cyber-Security knowledge as a modern company needs to protect its online reputation and a data loss could be lethal to them, their ruin eventually! SO, the new employees is the students coming out of school, College, High school, Universities; ALL of them need to have the basic knowledge of  Cyber-Security to be competitive in a working market where there is more and more unemployment worldwide…

 

===> A company would take advantage of a new employee who as already the necessary knowledge of Cyber-Security as the company doesn’t need to train him, which saves it a lot of money! <===

 

===============================================

 

There has been a lot of talk both in the U.S. and internationally about a shortage in skilled IT professionals - with a predicted 864,000 IT vacancies in Europe alone by 2015.

 

What are these skills that organizations are looking for? This infographic by via resource highlights the top skills that make a successful information security professional and skills the future workforce will need to tackle emerging threats.

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet?tag=Infographic

 

http://www.scoop.it/t/21st-century-learning-and-teaching?tag=Infographi

 

http://www.scoop.it/t/ict-security-tools

 

 

Check also:

 

https://gustmees.wordpress.com/

 

https://gustmeesen.wordpress.com/

 

https://gustmeesfr.wordpress.com/

 

  

Scooped by Gust MEES
Scoop.it!

Over 5,300 GitLab servers exposed to zero-click account takeover attacks

Over 5,300 GitLab servers exposed to zero-click account takeover attacks | ICT Security-Sécurité PC et Internet | Scoop.it

Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month.

The critical (CVSS score: 10.0) flaw allows attackers to send password reset emails for a targeted account to an attacker-controlled email address, allowing the threat actor to change the password and take over the account.

Although the flaw does not bypass two-factor authentication (2FA), it is a significant risk for any accounts not protected by this extra security mechanism.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=GitHub

 

 

Gust MEES's insight:

Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month.

The critical (CVSS score: 10.0) flaw allows attackers to send password reset emails for a targeted account to an attacker-controlled email address, allowing the threat actor to change the password and take over the account.

Although the flaw does not bypass two-factor authentication (2FA), it is a significant risk for any accounts not protected by this extra security mechanism.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=GitHub

 

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

4 key takeaways from NIST’s new guide on AI cyber threats

4 key takeaways from NIST’s new guide on AI cyber threats | ICT Security-Sécurité PC et Internet | Scoop.it

An AI threat guide, outlining cyberattacks that target or leverage machine learning models, was published by the National Institute of Standards and Technology (NIST) on Jan. 4.

The nearly 100-page paper, titled “Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations,” provides a comprehensive overview of the cybersecurity and privacy risks that come with the rapid development of both predictive and generative AI tools over the last few years.

 

 
 
 
 
Gust MEES's insight:

An AI threat guide, outlining cyberattacks that target or leverage machine learning models, was published by the National Institute of Standards and Technology (NIST) on Jan. 4.

The nearly 100-page paper, titled “Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations,” provides a comprehensive overview of the cybersecurity and privacy risks that come with the rapid development of both predictive and generative AI tools over the last few years.

 

 
 
 
 
No comment yet.
Scooped by Gust MEES
Scoop.it!

Google-Konten in Gefahr: Exploit erlaubt böswilligen Zugriff trotz Passwort-Reset 

Google-Konten in Gefahr: Exploit erlaubt böswilligen Zugriff trotz Passwort-Reset  | ICT Security-Sécurité PC et Internet | Scoop.it

Exploit erlaubt böswilligen Zugriff trotz Passwort-Reset
Durch eine Schwachstelle in einem OAuth-Endpunkt können sich Cyberkriminelle dauerhaft Zugriff auf das Google-Konto einer Zielperson verschaffen.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

Gust MEES's insight:

Exploit erlaubt böswilligen Zugriff trotz Passwort-Reset
Durch eine Schwachstelle in einem OAuth-Endpunkt können sich Cyberkriminelle dauerhaft Zugriff auf das Google-Konto einer Zielperson verschaffen.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

New JaskaGO Malware Targets Mac and Windows for Crypto, Browser Data

New JaskaGO Malware Targets Mac and Windows for Crypto, Browser Data | ICT Security-Sécurité PC et Internet | Scoop.it

A recently discovered cross-platform malware, appropriately named JaskaGO, has surfaced, targeting both macOS and Windows systems.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

Gust MEES's insight:

A recently discovered cross-platform malware, appropriately named JaskaGO, has surfaced, targeting both macOS and Windows systems.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

Google macht Passkeys zur Standard-Anmeldung für alle

Google macht Passkeys zur Standard-Anmeldung für alle | ICT Security-Sécurité PC et Internet | Scoop.it

Google macht Passkeys zur Standard-Anmeldung für alle
Wer ein Passkey erstellt, kann sich damit ganz einfach ohne Passwort in sein Google-Konto einloggen. Nun will Google Passkeys zum Standard für alle Nutzer:innen machen.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=PassKey

 

 

Gust MEES's insight:

Google macht Passkeys zur Standard-Anmeldung für alle
Wer ein Passkey erstellt, kann sich damit ganz einfach ohne Passwort in sein Google-Konto einloggen. Nun will Google Passkeys zum Standard für alle Nutzer:innen machen.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=PassKey

 

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

'Atomic macOS Stealer' Malware Delivered via Malvertising Campaign

'Atomic macOS Stealer' Malware Delivered via Malvertising Campaign | ICT Security-Sécurité PC et Internet | Scoop.it

The fake TradingView website is hosted on trabingviews[.]com, with special font characters being used to make it look like the legitimate domain and help it avoid detection.

The malicious website is designed to look authentic, claiming to offer downloads for the TradingView app’s Windows, macOS and Linux versions.

While the Windows and Linux files deliver the NetSupport RAT, the Mac file delivers the AMOS malware. 

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

 

Gust MEES's insight:

The fake TradingView website is hosted on trabingviews[.]com, with special font characters being used to make it look like the legitimate domain and help it avoid detection.

The malicious website is designed to look authentic, claiming to offer downloads for the TradingView app’s Windows, macOS and Linux versions.

While the Windows and Linux files deliver the NetSupport RAT, the Mac file delivers the AMOS malware. 

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

Monti Ransomware Returns with New Linux Variant and Enhanced Evasion Tactics

Monti Ransomware Returns with New Linux Variant and Enhanced Evasion Tactics | ICT Security-Sécurité PC et Internet | Scoop.it

The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the encryptor in its attacks targeting government and legal sectors.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

 

Gust MEES's insight:

The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the encryptor in its attacks targeting government and legal sectors.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

A New Attack Impacts ChatGPT—and No One Knows How to Stop It

A New Attack Impacts ChatGPT—and No One Knows How to Stop It | ICT Security-Sécurité PC et Internet | Scoop.it

CHATGPT AND ITS artificially intelligent siblings have been tweaked over and over to prevent troublemakers from getting them to spit out undesirable messages such as hate speech, personal information, or step-by-step instructions for building an improvised bomb. But researchers at Carnegie Mellon University last week showed that adding a simple incantation to a prompt—a string text that might look like gobbledygook to you or me but which carries subtle significance to an AI model trained on huge quantities of web data—can defy all of these defenses in several popular chatbots at once.

 

 
 
 
Gust MEES's insight:

CHATGPT AND ITS artificially intelligent siblings have been tweaked over and over to prevent troublemakers from getting them to spit out undesirable messages such as hate speech, personal information, or step-by-step instructions for building an improvised bomb. But researchers at Carnegie Mellon University last week showed that adding a simple incantation to a prompt—a string text that might look like gobbledygook to you or me but which carries subtle significance to an AI model trained on huge quantities of web data—can defy all of these defenses in several popular chatbots at once.

 

 
 
 
No comment yet.
Scooped by Gust MEES
Scoop.it!

AVrecon malware infects 70,000 Linux routers to build botnet

AVrecon malware infects 70,000 Linux routers to build botnet | ICT Security-Sécurité PC et Internet | Scoop.it

Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers to a botnet designed to steal bandwidth and provide a hidden residential proxy service.

This allows its operators to hide a wide spectrum of malicious activities, from digital advertising fraud to password spraying.

According to Lumen's Black Lotus Labs threat research team, while the AVrecon remote access trojan (RAT) compromised over 70,000 devices, only 40,000 were added to the botnet after gaining persistence.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

 

Gust MEES's insight:

Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers to a botnet designed to steal bandwidth and provide a hidden residential proxy service.

This allows its operators to hide a wide spectrum of malicious activities, from digital advertising fraud to password spraying.

According to Lumen's Black Lotus Labs threat research team, while the AVrecon remote access trojan (RAT) compromised over 70,000 devices, only 40,000 were added to the botnet after gaining persistence.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

Critical TootRoot bug lets attackers hijack Mastodon servers

Critical TootRoot bug lets attackers hijack Mastodon servers | ICT Security-Sécurité PC et Internet | Scoop.it

Mastodon, the free and open-source decentralized social networking platform, has patched four vulnerabilities, one of them critical that allows hackers to create arbitrary files on the server using specially crafted media files.

Mastodon has about 8.8 million users spread across 13,000 separate servers (instances) hosted by volunteers to support distinct yet inter-connected (federated) communities.

All the four issues fixed were discovered by independent auditors at Cure53, a company that provides penetration testing for online services. The auditors inspected Mastodon's code at Mozilla's request.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/social-media-and-its-influence/?&tag=Mastodon

 

 

Gust MEES's insight:

Mastodon, the free and open-source decentralized social networking platform, has patched four vulnerabilities, one of them critical that allows hackers to create arbitrary files on the server using specially crafted media files.

Mastodon has about 8.8 million users spread across 13,000 separate servers (instances) hosted by volunteers to support distinct yet inter-connected (federated) communities.

All the four issues fixed were discovered by independent auditors at Cure53, a company that provides penetration testing for online services. The auditors inspected Mastodon's code at Mozilla's request.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/social-media-and-its-influence/?&tag=Mastodon

 

 

Scooped by Gust MEES
Scoop.it!

Android Security Updates Patch 3 Exploited Vulnerabilities

Android Security Updates Patch 3 Exploited Vulnerabilities | ICT Security-Sécurité PC et Internet | Scoop.it

Security updates that Google released this week for Android resolve 43 vulnerabilities, including three that have been exploited in attacks.

The exploited flaws, tracked as CVE-2023-2136, CVE-2023-26083, and CVE-2021-29256, impact Android’s System and Arm Mali components.

The internet giant says “there are indications” that these security defects “may be under limited, targeted exploitation”.

CVE-2023-2136 was disclosed in April as a zero-day vulnerability in the Chrome browser, and is described as an integer overflow issue in Skia.

The bug allows “a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page,” a NIST advisory explains.

 

Learn more / En savoir plus / Mehr erfahren: 

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Android

 

Gust MEES's insight:

Security updates that Google released this week for Android resolve 43 vulnerabilities, including three that have been exploited in attacks.

The exploited flaws, tracked as CVE-2023-2136, CVE-2023-26083, and CVE-2021-29256, impact Android’s System and Arm Mali components.

The internet giant says “there are indications” that these security defects “may be under limited, targeted exploitation”.

CVE-2023-2136 was disclosed in April as a zero-day vulnerability in the Chrome browser, and is described as an integer overflow issue in Skia.

The bug allows “a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page,” a NIST advisory explains.

 

Learn more / En savoir plus / Mehr erfahren: 

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Android

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

Infostealer malware have stolen 101,000 ChatGPT accounts

Infostealer malware have stolen 101,000 ChatGPT accounts | ICT Security-Sécurité PC et Internet | Scoop.it

​More than 101,000 ChatGPT user accounts have been stolen by information-stealing malware over the past year, according to dark web marketplace data.

Cyberintelligence firm Group-IB reports having identified over a hundred thousand info-stealer logs on various underground websites containing ChatGPT accounts, with the peak observed in May 2023, when threat actors posted 26,800 new ChatGPT credential pairs.

 

 
 
 
Gust MEES's insight:

​More than 101,000 ChatGPT user accounts have been stolen by information-stealing malware over the past year, according to dark web marketplace data.

Cyberintelligence firm Group-IB reports having identified over a hundred thousand info-stealer logs on various underground websites containing ChatGPT accounts, with the peak observed in May 2023, when threat actors posted 26,800 new ChatGPT credential pairs.

 

 
 
 
No comment yet.
Scooped by Gust MEES
Scoop.it!

Bootloader-Lücke gefährdet viele Linux-Distributionen | heise online

Bootloader-Lücke gefährdet viele Linux-Distributionen | heise online | ICT Security-Sécurité PC et Internet | Scoop.it

Bootloader-Lücke gefährdet viele Linux-Distributionen
Im Bootloader shim, der Secure-Boot auch für nicht-Windows-Betriebssysteme erlaubt, klafft eine Sicherheitslücke.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

Gust MEES's insight:

Bootloader-Lücke gefährdet viele Linux-Distributionen
Im Bootloader shim, der Secure-Boot auch für nicht-Windows-Betriebssysteme erlaubt, klafft eine Sicherheitslücke.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

Info-stealers can steal cookies for permanent access to your Google account

Info-stealers can steal cookies for permanent access to your Google account | ICT Security-Sécurité PC et Internet | Scoop.it

Hackers have found a way to gain unauthorized access to Google accounts, bypassing any multi-factor authentication (MFA) the user may have set up. To do this they steal authentication cookies and then extend their lifespan. It doesn’t even help if the owner of the account changes their password.

Since the discovery of the exploit, numerous white and black hat security researchers have looked into and discussed the issue. As a result, the exploit is now built into various information stealers.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA

 

 

Gust MEES's insight:

Hackers have found a way to gain unauthorized access to Google accounts, bypassing any multi-factor authentication (MFA) the user may have set up. To do this they steal authentication cookies and then extend their lifespan. It doesn’t even help if the owner of the account changes their password.

Since the discovery of the exploit, numerous white and black hat security researchers have looked into and discussed the issue. As a result, the exploit is now built into various information stealers.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Two-factor+authentication

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=2FA

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=MFA

 

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

Google-Nutzer aufgepasst: Trojaner nutzt Cookies, um Konten zu übernehmen

Google-Nutzer aufgepasst: Trojaner nutzt Cookies, um Konten zu übernehmen | ICT Security-Sécurité PC et Internet | Scoop.it

Google-Nutzer aufgepasst: Trojaner nutzt Cookies, um Konten zu übernehmen
Ein relativ neuer Typ von Schadsoftware nutzt Cookies, um Zugang zu Google-Konten zu erlangen. Da er diese auch selbst generieren und entschlüsseln kann, behalten Hacker auch dann Kontrolle über das Konto, wenn das Passwort geändert wird.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

Gust MEES's insight:

Google-Nutzer aufgepasst: Trojaner nutzt Cookies, um Konten zu übernehmen
Ein relativ neuer Typ von Schadsoftware nutzt Cookies, um Zugang zu Google-Konten zu erlangen. Da er diese auch selbst generieren und entschlüsseln kann, behalten Hacker auch dann Kontrolle über das Konto, wenn das Passwort geändert wird.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

ChatGPT : une faille de sécurité menace la vie privée sur Internet

ChatGPT : une faille de sécurité menace la vie privée sur Internet | ICT Security-Sécurité PC et Internet | Scoop.it

ChatGPT est victime d’une nouvelle faille de sécurité. En exploitant cette brèche, il est possible d’extraire des données sensibles concernant des individus en s’adressant au chatbot d’OpenAI.

 

 
 
 
Gust MEES's insight:

ChatGPT est victime d’une nouvelle faille de sécurité. En exploitant cette brèche, il est possible d’extraire des données sensibles concernant des individus en s’adressant au chatbot d’OpenAI.

 

 
 
 
No comment yet.
Scooped by Gust MEES
Scoop.it!

Google Makes Passkeys Default for All Users

Google Makes Passkeys Default for All Users | ICT Security-Sécurité PC et Internet | Scoop.it

Google is making passkeys the default option, aiming to replace passwords altogether.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=PassKey

 

 

Gust MEES's insight:

Google is making passkeys the default option, aiming to replace passwords altogether.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

https://www.scoop.it/topic/securite-pc-et-internet/?&tag=PassKey

 

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

Free Download Manager site redirected Linux users to malware for years

Free Download Manager site redirected Linux users to malware for years | ICT Security-Sécurité PC et Internet | Scoop.it

A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware.

The malware used in this campaign establishes a reverse shell to a C2 server and installs a Bash stealer that collects user data and account credentials.

Kaspersky discovered the potential supply chain compromise case while investigating suspicious domains, finding that the campaign has been underway for over three years.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

 

Gust MEES's insight:

A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware.

The malware used in this campaign establishes a reverse shell to a C2 server and installs a Bash stealer that collects user data and account credentials.

Kaspersky discovered the potential supply chain compromise case while investigating suspicious domains, finding that the campaign has been underway for over three years.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

Smart light bulbs could give away your password secrets

Smart light bulbs could give away your password secrets | ICT Security-Sécurité PC et Internet | Scoop.it

A trio of researchers split between Italy and the UK have recently published a paper about cryptographic insecurities they found in a widely-known smart light bulb.

The researchers seem to have chosen their target device, the TP-Link Tapo L530E, on the basis that it is “currently [the] best seller on Amazon Italy,” so we don’t know how other smart bulbs stack up, but their report has plenty to teach us anyway.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home

 

 

Gust MEES's insight:

A trio of researchers split between Italy and the UK have recently published a paper about cryptographic insecurities they found in a widely-known smart light bulb.

The researchers seem to have chosen their target device, the TP-Link Tapo L530E, on the basis that it is “currently [the] best seller on Amazon Italy,” so we don’t know how other smart bulbs stack up, but their report has plenty to teach us anyway.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?tag=Smart+Home

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

Researchers Leverage ChatGPT to Expose Notorious macOS Malware

Researchers Leverage ChatGPT to Expose Notorious macOS Malware | ICT Security-Sécurité PC et Internet | Scoop.it

Russian hackers and cybercrime forums are notorious for exploiting critical infrastructure. Last month, Hackread.com exclusively reported that a Russian-speaking threat actor was selling access to a US military satellite. Now, researchers have identified macOS malware being sold for $60,000.

 

 
 
 
 
Gust MEES's insight:

Russian hackers and cybercrime forums are notorious for exploiting critical infrastructure. Last month, Hackread.com exclusively reported that a Russian-speaking threat actor was selling access to a US military satellite. Now, researchers have identified macOS malware being sold for $60,000.

 

 
 
 
 
No comment yet.
Scooped by Gust MEES
Scoop.it!

Researchers jailbreak AI chatbots like ChatGPT, Claude

Researchers jailbreak AI chatbots like ChatGPT, Claude | ICT Security-Sécurité PC et Internet | Scoop.it

Researchers jailbreak AI chatbots, including ChatGPT
Like a magic wand that turns chatbots evil.

 

 
 
 
 
Gust MEES's insight:

Researchers jailbreak AI chatbots, including ChatGPT
Like a magic wand that turns chatbots evil.

 

 
 
 
 
No comment yet.
Scooped by Gust MEES
Scoop.it!

Angriff ohne Spuren: Kryptomining-Malware versteckt sich ausschließlich im Ram 

Angriff ohne Spuren: Kryptomining-Malware versteckt sich ausschließlich im Ram  | ICT Security-Sécurité PC et Internet | Scoop.it

Kryptomining-Malware versteckt sich ausschließlich im Ram
Ein Python-Skript namens Pyloose hat es auf Linux-Systeme abgesehen, um direkt aus dem Arbeitsspeicher heraus Kryptowährungen zu schürfen.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

 
Gust MEES's insight:

Kryptomining-Malware versteckt sich ausschließlich im Ram
Ein Python-Skript namens Pyloose hat es auf Linux-Systeme abgesehen, um direkt aus dem Arbeitsspeicher heraus Kryptowährungen zu schürfen.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

Tootroot: Mastodon-Instanzen ließen sich durch spezielle Toots kapern - Golem.de

Tootroot: Mastodon-Instanzen ließen sich durch spezielle Toots kapern - Golem.de | ICT Security-Sécurité PC et Internet | Scoop.it

Die Entwickler der quelloffenen Software hinter dem sozialen Netzwerk Mastodon haben kürzlich ein Sicherheitsupdate für die aufstrebende Twitter-Alternative veröffentlicht. Damit behoben sie insgesamt fünf Schwachstellen, von denen eine es Hackern ermöglichte, ganze Mastodon-Instanzen zu kapern. Auf Github heißt es zu der als CVE-2023-36460 registrierten Sicherheitslücke, sie erlaube es "Angreifern, jede Datei zu erstellen und zu überschreiben, auf die Mastodon Zugriff hat". Dadurch seien etwa Denial-of-Service-Angriffe oder eine beliebige Codeausführung aus der Ferne (RCE) umsetzbar.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/social-media-and-its-influence/?&tag=Mastodon

 

 

Gust MEES's insight:

Die Entwickler der quelloffenen Software hinter dem sozialen Netzwerk Mastodon haben kürzlich ein Sicherheitsupdate für die aufstrebende Twitter-Alternative veröffentlicht. Damit behoben sie insgesamt fünf Schwachstellen, von denen eine es Hackern ermöglichte, ganze Mastodon-Instanzen zu kapern. Auf Github heißt es zu der als CVE-2023-36460 registrierten Sicherheitslücke, sie erlaube es "Angreifern, jede Datei zu erstellen und zu überschreiben, auf die Mastodon Zugriff hat". Dadurch seien etwa Denial-of-Service-Angriffe oder eine beliebige Codeausführung aus der Ferne (RCE) umsetzbar.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/social-media-and-its-influence/?&tag=Mastodon

 

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

New StackRot Linux kernel flaw allows privilege escalation

New StackRot Linux kernel flaw allows privilege escalation | ICT Security-Sécurité PC et Internet | Scoop.it

Technical information has emerged for a serious vulnerability affecting multiple Linux kernel versions that could be triggered with "minimal capabilities." The security issue is being referred to as StackRot (CVE-2023-3269) and can be used to compromise the kernel and elevate privileges.

A patch is available for the affected stable kernels since July 1st and full details about the issue along with a complete exploit code are expected by the end of the month.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

Gust MEES's insight:

Technical information has emerged for a serious vulnerability affecting multiple Linux kernel versions that could be triggered with "minimal capabilities." The security issue is being referred to as StackRot (CVE-2023-3269) and can be used to compromise the kernel and elevate privileges.

A patch is available for the affected stable kernels since July 1st and full details about the issue along with a complete exploit code are expected by the end of the month.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/securite-pc-et-internet/?&tag=Linux

 

No comment yet.
Scooped by Gust MEES
Scoop.it!

Gefahr für Windows-Nutzer: Gegen neue Schadsoftware haben Virenscanner keine Chance | #CyberSecurity #Terminator

Gefahr für Windows-Nutzer: Gegen neue Schadsoftware haben Virenscanner keine Chance | #CyberSecurity #Terminator | ICT Security-Sécurité PC et Internet | Scoop.it

Neue Gefahr für Windows-Nutzer: Wie unter anderem "Bleeping Computer" berichtet, wird in Hacker-Foren aktuell ein Tool verkauft, das sich "Terminator" nennt. Kriminelle zahlen dem Portal zufolge bis zu 3.000 US-Dollar für die offenbar sehr effektive Software. Der Entwickler nennt sich in den Foren selbst "Spyboy".


Was "Terminator" so gefährlich macht: Das Tool ist offenbar in der Lage, 24 weitverbreitete Antivirus-, Endpoint Detection and Response- und Extended Detection and Response-Sicherheitsanwendungen zu umgehen. Davon ist offenbar auch der Windows Defender betroffen. Angreifbar sind alle Systeme ab Windows 7.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

Gust MEES's insight:

Neue Gefahr für Windows-Nutzer: Wie unter anderem "Bleeping Computer" berichtet, wird in Hacker-Foren aktuell ein Tool verkauft, das sich "Terminator" nennt. Kriminelle zahlen dem Portal zufolge bis zu 3.000 US-Dollar für die offenbar sehr effektive Software. Der Entwickler nennt sich in den Foren selbst "Spyboy".


Was "Terminator" so gefährlich macht: Das Tool ist offenbar in der Lage, 24 weitverbreitete Antivirus-, Endpoint Detection and Response- und Extended Detection and Response-Sicherheitsanwendungen zu umgehen. Davon ist offenbar auch der Windows Defender betroffen. Angreifbar sind alle Systeme ab Windows 7.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/topic/securite-pc-et-internet

 

No comment yet.