Search cyberveille.decio.ch

Found 1503 bookmarks

Custom sorting

Microsoft’s AI Chatbot Replies to Election Questions With Conspiracies, Fake Scandals, and Lies

With less than a year to go before one of the most consequential elections in US history, Microsoft’s AI chatbot is responding to political queries with conspiracies, misinformation, and out-of-date or incorrect information. When WIRED asked the chatbot, initially called Bing Chat and recently renamed Microsoft Copilot, about polling locations for the 2024 US election, the bot referenced in-person voting by linking to an article about Russian president Vladimir Putin running for reelection next year. When asked about electoral candidates, it listed numerous GOP candidates who have already pulled out of the race.

#wired #EN #2023 #BingChat #Chatbot #Election #Conspiracies #Lies #AI

·wired.com·Dec 16, 2023

Microsoft’s AI Chatbot Replies to Election Questions With Conspiracies, Fake Scandals, and Lies

Marketing Company Claims That It Actually Is Listening to Your Phone and Smart Speakers to Target Ads

A marketing team within media giant Cox Media Group (CMG) claims it has the capability to listen to ambient conversations of consumers through embedded microphones in smartphones, smart TVs, and other devices to gather data and use it to target ads, according to a review of CMG marketing materials by 404 Media and details from a pitch given to an outside marketing professional. Called “Active Listening,” CMG claims the capability can identify potential customers “based on casual conversations in real time.”

#404media #EN #2023 #marketing #CMG #Cox-Media-Group #Listening #Phone #privacy

·404media.co·Dec 16, 2023

Marketing Company Claims That It Actually Is Listening to Your Phone and Smart Speakers to Target Ads

Exploiting GOG Galaxy XPC service for privilege escalation in macOS

Unpack the analysis of a GOG Galaxy XPC service vulnerability. More from IBM X-Force Red.

#securityintelligence #2023 #EN #macos #GOG #client #XPC #vulnerability

·securityintelligence.com·Dec 16, 2023

Exploiting GOG Galaxy XPC service for privilege escalation in macOS

Imperva Uncovers CVE-2023-22524, A RCE Vulnerability

Learn about a RCE vulnerability, discovered by the Imperva Red Team, identified as CVE-2023-22524, in Atlassian Companion for macOS.

#imperva #EN #2023 #RCE #vulnerability #CVE-2023-22524 #Atlassian #macOS

·imperva.com·Dec 16, 2023

Imperva Uncovers CVE-2023-22524, A RCE Vulnerability

3CX warns customers to disable SQL database integrations

VoIP communications company 3CX warned customers today to disable SQL Database integrations because of risks posed by what it describes as a potential vulnerability.

#bleepingcomputer #EN #2023 #CRM #SQL #VoIP #Warning #3CX

·bleepingcomputer.com·Dec 15, 2023

3CX warns customers to disable SQL database integrations

Cyberextorsion : 2023, année de l’industrialisation

L’année qui s’achève aura été notamment marquée par plusieurs campagnes d’exploitation de vulnérabilités inédites, en masse, par Cl0p, à des fins de cyberextorsion. Une première à cette échelle. L'...

#lemagit #FR #2023 #Cyberextorsion #industrialisation #Cl0p

·lemagit.fr·Dec 15, 2023

Cyberextorsion : 2023, année de l’industrialisation

A pernicious potpourri of Python packages in PyPI

The past year has seen over 10,000 downloads of malicious packages hosted on the official Python package repository, ESET research finds.

#welivesecurity #EN #2023 #Python #packages #malicious #PyPI

·welivesecurity.com·Dec 15, 2023

A pernicious potpourri of Python packages in PyPI

Paternity and fertility tests among data stolen in Asper Biogene cyberattack | News | ERR

Among the health data illegally downloaded from genetic testing company Asper Biogene's database were details related to paternity and fertility tests. Some of the data is easily understandable and can be directly connected to specific individuals, Pille Lehis, director general of the Data Protection Inspectorate, said on ETV morning show "Terevisioon.".

#err.ee #EN #2023 #cyberattack #data-protection-inspectorate #pille-lehis #asper-biogene #health-data-leak

·news.err.ee·Dec 15, 2023

Paternity and fertility tests among data stolen in Asper Biogene cyberattack | News | ERR

Supply chain attack targeting Ledger crypto wallet leaves users hacked

Hackers pushed out a malicious version of a software library made by crypto company Ledger, which powers several web3 applications.

#techcrunch #EN #2023 #crypto #security #cryptocurrency #ledger #Supply-chain-attack

·techcrunch.com·Dec 15, 2023

Supply chain attack targeting Ledger crypto wallet leaves users hacked

CVE-2023-50164

Apache Struts is a popular Java web application framework. On December 7, 2023 Apache published an advisory for CVE-2023-50164, a Struts parameter pollution vu…

#attackerkb #EN #2023 #CVE-2023-50164 #Apache #Struts #analysis

·attackerkb.com·Dec 15, 2023

CVE-2023-50164

Ledger's Web3 Connector library was compromised and replaced with a drainer

Ledger's software got hit with a serious security problem. banteg, a well-known crypto guy, tweeted that Ledger's library is messed up and now has a "drainer" in it.

#stackdiary #EN #2023 #Ledger #library #crypto #software #wallet

·stackdiary.com·Dec 14, 2023

Ledger's Web3 Connector library was compromised and replaced with a drainer

Apple will no longer give police users' push notification data without a warrant

Apple says it will now require a judge-approved order before handing over its users' push notification records to government agencies.

#techcrunch #EN #2023 #apple #cybersecurity #data-protection #law-enforcement #push

·techcrunch.com·Dec 13, 2023

Apple will no longer give police users' push notification data without a warrant

Hackers are exploiting critical Apache Struts flaw using public PoC

Hackers are attempting to leverage a recently fixed critical vulnerability (CVE-2023-50164) in Apache Struts that leads to remote code execution, in attacks that rely on publicly available proof-of-concept exploit code.

#bleepingcomputer #EN #2023 #Actively-Exploited #Apache-Struts #PoC #Proof-of-Concept #RCE #Remote-Code-Execution #CVE-2023-50164

·bleepingcomputer.com·Dec 13, 2023

Hackers are exploiting critical Apache Struts flaw using public PoC

Ukraine’s intelligence claims cyberattack on Russia’s state tax service

Ukraine's defense intelligence directorate (GUR) said it infected thousands of servers belonging to Russia's state tax service with malware, and destroyed databases and backups.

#therecord #EN #2023 #Ukraine #Russia #Russia-Ukraine-war #GUR #destroyed #state #tax #service #malware

·therecord.media·Dec 13, 2023

Ukraine’s intelligence claims cyberattack on Russia’s state tax service

CALISTO doxxing : Sekoia.io findings concurs to Reuters’ investigation on FSB-related Andrey Korinets

Discover activities linking Korinets to CALISTO doxxing in our investigation. Uncover details from emails, domains & servers used to target UK Parliament & Cambridge University.

#sekoia #EN #2023 #Korinets #CALISTO #doxxing #mail #whois

·blog.sekoia.io·Dec 13, 2023

CALISTO doxxing : Sekoia.io findings concurs to Reuters’ investigation on FSB-related Andrey Korinets

Threat actors misuse OAuth applications to automate financially driven attacks

Microsoft Threat Intelligence presents cases of threat actors misusing OAuth applications as automation tools in financially motivated attacks.

#microsoft #EN #2023 #OAuth #applications #automation #tools #attacks

·microsoft.com·Dec 13, 2023

Threat actors misuse OAuth applications to automate financially driven attacks

Spider-Man And Wolverine Devs Hit By Alleged Ransomware Attack

This would be the third time this year that a Sony-owned company has been breached by hackers

#kotaku #EN #2023 #Ransomware #Royal #Rhysida #Insomniac #Sony

·kotaku.com·Dec 13, 2023

Spider-Man And Wolverine Devs Hit By Alleged Ransomware Attack

Apple’s new iPhone security setting keeps thieves out of your digital accounts

Apple added a feature to iOS 17.3 that appears to address an iPhone security vulnerability that lets thieves steal iCloud accounts using only a user’s iPhone PIN.

#theverge #EN #2023 #iOS17.3 #iPhone #anti-theft #biometric #iCloud #setting

·theverge.com·Dec 13, 2023

Apple’s new iPhone security setting keeps thieves out of your digital accounts

Ransomware Hive : arrestation d’un suspect à Paris | LeMagIT

Un ressortant russe résidant à Chypre, âgé d’une quarantaine d’années, a été interpellé la semaine dernière à Paris, soupçonné de liens avec la franchise de rançongiciel Hive.

#lemagit #FR #2023 #Ransomware #arrestation #Hive #Paris

·lemagit.fr·Dec 13, 2023

Ransomware Hive : arrestation d’un suspect à Paris | LeMagIT

Ukraine's top mobile operator hit by biggest cyberattack of war so far | Reuters

Ukraine's biggest mobile network operator was hit on Tuesday by what appeared to be the largest cyberattack of the war with Russia so far, knocking out mobile and internet services for millions and the air raid alert system in parts of Kyiv region.

#reuters #EN #2023 #Ukraine #mobile #cyberattack #Russia #Russia-Ukraine-war #Kyivstar

·reuters.com·Dec 12, 2023

Ukraine's top mobile operator hit by biggest cyberattack of war so far | Reuters

pfSense Security: Sensing Code Vulnerabilities with SonarCloud

Our Clean Code solution SonarCloud discovered multiple vulnerabilities leading to remote code execution on pfSense CE 2.7.0. Let's see how SonarCloud found them and how it can keep your code clean.

#sonarsource #EN #2023 #pfsense #CVE-2023-42325 #CVE-2023-42327 #CVE-2023-42326

·sonarsource.com·Dec 12, 2023

pfSense Security: Sensing Code Vulnerabilities with SonarCloud

One in four apps remain exposed to Log4Shell

Two years after the Log4Shell vulnerability in the open source Java-based Log4j logging utility was disclosed, circa one in four applications are dependent on outdated libraries, leaving them open to exploitation. Research from security shop Veracode revealed that the vast majority of vulnerable apps may never have updated the Log4j library after it was implemented by developers as 32 percent were running pre-2015 EOL versions.

#theregister #EN #2023 #Log4Shell #Log4j #Veracode #outdated #vulnerable

·theregister.com·Dec 12, 2023

One in four apps remain exposed to Log4Shell

Sophos backports RCE fix after attacks on unsupported firewalls

Sophos was forced to backport a security update for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions after discovering hackers actively exploiting the flaw in attacks.

#bleepingcomputer #En #2023 #Actively-Exploited #Firewall #RCE #Remote-Code-Execution #Security-Update #Sophos

·bleepingcomputer.com·Dec 12, 2023

Sophos backports RCE fix after attacks on unsupported firewalls

50K WordPress sites exposed to RCE attacks by critical bug in backup plugin

A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites.

#bleepingcomputer #EN #2023 #Backup-Migration #Code-Injection #CVE-2023-6553 #PHP #RCE #Remote-Code-Execution #WordPress

·bleepingcomputer.com·Dec 12, 2023

50K WordPress sites exposed to RCE attacks by critical bug in backup plugin

AI Act, come funziona lo stop al riconoscimento biometrico della prima legge europea sull'intelligenza artificiale | Wired Italia

Sono previste tre eccezioni per le forze dell'ordine, con una lista di 16 crimini per le cui indagini può essere ammesso. Serve un'autorizzazione dall'autorità giudiziaria, ma si può partire senza e richiederla in 24 ore

#wired.it #IT #2023 #ai-act #intelligenza-artificiale #big-data #europa #regole #copyright #privacy #chatgpt #google-bard #sorveglianza #riconoscimento-facciale

·wired.it·Dec 12, 2023

AI Act, come funziona lo stop al riconoscimento biometrico della prima legge europea sull'intelligenza artificiale | Wired Italia

Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws

Apple has released patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address multiple vulnerabilities.

#thehackernews #EN #2023 #Apple #Security #Updates #November2023 #iOS #macOS #tvOS #watchOS #patch #CVE-2023-45866

·thehackernews.com·Dec 12, 2023

Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws

US healthcare giant Norton says hackers stole millions of patients' data during ransomware attack | TechCrunch

Hackers accessed the personal and health data of 2.5 million patients — and employees — during a May ransomware attack.

#techcrunch #EN #2023 #data-breach #healthcare #ransomware #Norton

·techcrunch.com·Dec 12, 2023

US healthcare giant Norton says hackers stole millions of patients' data during ransomware attack | TechCrunch

L’AI Act européen adopté après des négociations marathon | ICTjournal

Les négociateurs du Parlement et du Conseil européens sont parvenus à un accord concernant la réglementation de l'intelligence artificielle. L'approche basée sur les risques, à la base du projet, est confirmée. Des compromis sont censés garantir la protection contre les risques liés à l’IA, tout en encourageant l’innovation.

#ictjournal #FR #2023 #EU #IA #réglementation #act #AI

·ictjournal.ch·Dec 11, 2023

L’AI Act européen adopté après des négociations marathon | ICTjournal

The EU Just Passed Sweeping New Rules to Regulate AI

The European Union agreed on terms of the AI Act, a major new set of rules that will govern the building and use of AI and have major implications for Google, OpenAI, and others racing to develop AI systems.

#wired #EN #2023 #artificial #intelligence #openai #EU #legal #act #ai

·wired.com·Dec 11, 2023

The EU Just Passed Sweeping New Rules to Regulate AI

Amazon sues group that fakes returns so people can get free MacBooks - The Verge

Amazon sues REKK, which allegedly helped shoppers get other expensive items for free by hacking and bribing fulfillment center employees to approve fake returns.

#theverge #2023 #EN #Amazon #REKK #fake #MacBook

·theverge.com·Dec 11, 2023

Amazon sues group that fakes returns so people can get free MacBooks - The Verge