Cyberveille

ChatGPT-4, Mistral, other AI chatbots spread Russian propaganda https://www.axios.com/2024/06/18/ai-chatbots-russian-propaganda

19/06/2024 19:45:48

A NewsGuard audit found that chatbots spewed misinformation from American fugitive John Mark Dougan.
#AI #Axios #ChatGPT #Google #Illustrations #License #Microsoft #Misinformation #OpenAI #Visuals #genAI #generative #or

SolarMarker Impersonates Job Employment Website, Indeed,… https://www.esentire.com/blog/solarmarker-impersonates-job-employment-website-indeed-with-a-team-building-themed-lure

19/06/2024 19:43:34

Learn more about SolarMarker impersonating a job employment website, Indeed, and get security recommendations from our Threat Response Unit (TRU) to…

All households in Scottish region to get alert about hackers publishing stolen medical data https://therecord.media/all-scottish-households-nhs-hack-alert

19/06/2024 19:37:23

The residents of Dumfries and Galloway are being warned their data was likely compromised in a February ransomware attack on the National Health Service (NHS).

UNC3944 Targets SaaS Applications https://cloud.google.com/blog/topics/threat-intelligence/unc3944-targets-saas-applications?hl=en

19/06/2024 10:47:01

UNC3944 is a financially motivated threat group that carries significant overlap with public reporting of "0ktapus," "Octo Tempest," "Scatter Swine," and "Scattered Spider" and has been observed adapting its tactics to include data theft from software-as-a-service (SaaS) applications to attacker-owned cloud storage objects (using cloud synchronization tools), persistence mechanisms against virtualization platforms, and lateral movement via SaaS permissions abuse. Active since at least May 2022, UNC3944 has leveraged underground communities like Telegram to acquire tools, services, and support to enhance their operations.

Attacco hacker all'Asst Rhodense, due settimane per il ripristino dei sistemi. Disservizi anche in altri ospedali per problemi al data center di Aria | Corriere.it https://milano.corriere.it/notizie/cronaca/24_giugno_07/attacco-hacker-all-asst-rhodense-due-settimane-per-il-ripristino-dei-sistemi-disservizi-anche-in-altri-ospedali-per-problemi-al-data-center-di-aria-b778739c-e62e-4cd2-a235-57e58f00cxlk.shtml

19/06/2024 09:09:49

L'Agenzia per la cybersicurezza nazionale al lavoro. Ancora bloccati esami e interventi non urgenti

Comment une nébuleuse, "The Comm", a engendré l’un des gangs les plus craints du moment, Scattered Spider https://www.usine-digitale.fr/article/comment-une-nebuleuse-the-comm-a-engendre-l-un-des-gangs-les-plus-craints-du-moment-scattered-spider.N2214764

19/06/2024 08:54:13

Enfin une bonne nouvelle à propos de Scattered Spider, ce gang de cybercriminels actif depuis le printemps 2022 ? La presse espagnole vient d’annoncer l’arrestation d’un Anglais présenté comme l’un des leaders de ce groupe informel de pirates informatiques. Le jeune homme de 22 ans s'apprêtait à s’envoler vers l’Italie quand il a été arrêté à Palma de Majorque, dans l’archipel des Baléares.

Security bug allows anyone to spoof Microsoft employee emails https://techcrunch.com/2024/06/18/security-bug-allows-anyone-to-spoof-microsoft-employee-emails/

19/06/2024 08:47:58

A researcher has found a way to impersonate Microsoft corporate email accounts, which could make phishing attacks harder to spot.

Suspected 'Scattered Spider' hacker, 22, reportedly arrested in Spain https://therecord.media/suspected-scattered-spider-cybercriminal-arrested-spain

18/06/2024 15:08:55

Spanish newspaper Murcia Today reported that a British man was detained at Palma Airport as he prepared to board a flight to Italy.

Les résultats et les suites de l’enquête administrative dans l’affaire Xplain https://swissprivacy.law/306/

17/06/2024 16:53:03

L'affaire Xplain a mis en évidence toutes les difficultés liées à la gestion d'un projet informatique complexe mené entre différents acteurs publics et privés. Plusieurs leçons ont pu être tirées pouvant certainement s'appliquer à d'autres situations comparables, quels que soient les acteurs concernés. Tour d'horizon des erreurs commises et des mesures ayant été prises

New Wi-Fi Takeover Attack—All Windows Users Warned To Update Now https://www.forbes.com/sites/daveywinder/2024/06/14/new-wi-fi-takeover-attack-all-windows-users-warned-to-update-now/

17/06/2024 16:43:12

Microsoft has released a critical security update for users of all supported Windows versions as a new Wi-Fi compromise requiring no authentication has been confirmed.

Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake https://www.wired.com/story/epam-snowflake-ticketmaster-breach-shinyhunters/

17/06/2024 15:07:44

A ShinyHunters hacker tells WIRED that they gained access to Ticketmaster’s Snowflake cloud account—and others—by first breaching a third-party contractor.

Newly discovered: BadSpace backdoor delivered by high-ranking websites https://www.gdatasoftware.com/blog/2024/06/37947-badspace-backdoor

17/06/2024 13:31:28

Threat actors deliver fake software updates on websites for popular browsers: Sites with a high search engine ranking are at an increased risk.

Microsoft Refused to Fix Flaw Years Before SolarWinds Hack https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackers

17/06/2024 13:20:05

Former employee says software giant dismissed his warnings about a critical flaw because it feared losing government business. Russian hackers later used the weakness to breach the National Nuclear Security Administration, among others.

New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems https://www.bleepingcomputer.com/news/security/new-arm-tiktag-attack-impacts-google-chrome-linux-systems/

17/06/2024 09:25:20

A new speculative execution attack named

Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers https://thehackernews.com/2024/06/arm-warns-of-actively-exploited-zero.html

16/06/2024 00:13:01

Arm discloses a critical vulnerability (CVE-2024-4610) in Mali GPU Kernel Drivers. This flaw, actively exploited, affects versions from r34p0 to r40p0

Black Basta ransomware gang linked to Windows zero-day attacks https://www.bleepingcomputer.com/news/security/black-basta-ransomware-gang-linked-to-windows-zero-day-attacks/

16/06/2024 00:11:34

The Cardinal cybercrime group (Storm-1811, UNC4394), who are the main operators of the Black Basta ransomware, is suspected of exploiting a Windows privilege escalation vulnerability, CVE-2024-26169, before a fix was made available.

The mystery of an alleged data broker’s data breach https://techcrunch.com/2024/06/11/the-mystery-of-an-alleged-data-brokers-data-breach/

16/06/2024 00:09:50

The breached data appears partly legitimate — if imperfect — but also widely available for sale by data brokers.

New York Times warns freelancers of GitHub repo data breach https://www.bleepingcomputer.com/news/security/new-york-times-warns-freelancers-of-github-repo-data-breach/

16/06/2024 00:08:32

The New York Times notified an undisclosed number of contributors that some of their sensitive personal information was stolen and leaked after its GitHub repositories were breached in January 2024.

entagon ran secret anti-vax campaign to undermine China during pandemic https://www.reuters.com/investigates/special-report/usa-covid-propaganda/

16/06/2024 00:06:49

The U.S. military launched a clandestine program amid the COVID crisis to discredit China’s Sinovac inoculation – payback for Beijing’s efforts to blame Washington for the pandemic. One target: the Filipino public. Health experts say the gambit was indefensible and put innocent lives at risk.

Former head of NSA joins OpenAI board https://www.theverge.com/2024/6/13/24178079/openai-board-paul-nakasone-nsa-safety

16/06/2024 00:03:43

OpenAI has appointed Paul M. Nakasone, a retired general of the US Army and a former head of the National Security Agency, to its board of directors.

Liens par page

Filtres