Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 2 / 76
1513 résultats taggé 2024  ✕
Many-shot jailbreaking \ Anthropic https://www.anthropic.com/research/many-shot-jailbreaking
08/01/2025 12:17:06
QRCode
archive.org
thumbnail

Anthropic is an AI safety and research company that's working to build reliable, interpretable, and steerable AI systems.

anthropic EN 2024 AI LLM Jailbreak Many-shot
Bad Likert Judge: A Novel Multi-Turn Technique to Jailbreak LLMs by Misusing Their Evaluation Capability https://unit42.paloaltonetworks.com/multi-turn-technique-jailbreaks-llms/?is=e4f6b16c6de31130985364bb824bcb39ef6b2c4e902e4e553f0ec11bdbefc118
08/01/2025 12:15:25
QRCode
archive.org
thumbnail

The jailbreak technique "Bad Likert Judge" manipulates LLMs to generate harmful content using Likert scales, exposing safety gaps in LLM guardrails. The jailbreak technique "Bad Likert Judge" manipulates LLMs to generate harmful content using Likert scales, exposing safety gaps in LLM guardrails.

unit42 EN 2024 LLM Jailbreak Likert
Telegram Hands U.S. Authorities Data on Thousands of Users https://www.404media.co/telegram-hands-u-s-authorities-data-on-thousands-of-users/
07/01/2025 09:37:50
QRCode
archive.org
thumbnail

The number of data requests fulfilled by Telegram skyrocketed, with the company providing data to U.S. authorities on 2,253 users last year.

404media EN 2024 US Telegrm Durov fulfilled data-request
LDAPNightmare: SafeBreach Publishes First PoC Exploit (CVE-2024-49113) https://www.safebreach.com/blog/ldapnightmare-safebreach-labs-publishes-first-proof-of-concept-exploit-for-cve-2024-49113/
04/01/2025 12:13:12
QRCode
archive.org
thumbnail

See how SafeBreach researchers developed a zero-click PoC exploit for LDAPNightmare (CVE-2024-49113) that crashes unpatched Windows Servers.

safebreach EN 2024 PoC CVE-2024-49113 LDAPNightmare
What We Know About CVE-2024-49112 and CVE-2024-49113 https://www.trendmicro.com/en_us/research/25/a/what-we-know-about-cve-2024-49112-and-cve-2024-49113.html
04/01/2025 12:11:50
QRCode
archive.org
thumbnail

In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112, a remote code execution (RCE) flaw with a 9.8 CVSS score, and CVE-2024-49113, a denial-of-service (DoS) flaw with a 7.5 CVSS score.

trendmicro EN 2024 CVE-2024-49112 CVE-2024-49113 LDAPNightmare Microsoft LDAP RCE
White House: Salt Typhoon hacks possible because telecoms lacked basic security measures https://cyberscoop.com/salt-typhoon-telecom-cybersecurity-gaps-white-house-response/?is=09685296f9ea1fb2ee0963f2febaeb3a55d8fb1eddbb11ed4bd2da49d711f2c7
03/01/2025 23:50:23
QRCode
archive.org
thumbnail

The White House said Friday the Salt Typhoon breach occurred in large part due to failures at telecom companies to protect their systems. 

cyberscoop EN 2024 Salt-Typhoon telecoms failures
NATO’s Emergency Plan for an Orbital Backup Internet https://spectrum.ieee.org/undersea-internet-cables-nato
03/01/2025 22:11:37
QRCode
archive.org
thumbnail

An undersea cable breach would reroute to satellites

spectrum.ieee.org EN 2024 cables information-security internet-traffic nato satellite-communications
DoubleClickjacking: A New Era of UI Redressing https://www.paulosyibelo.com/2024/12/doubleclickjacking-what.html
03/01/2025 02:39:01
QRCode
archive.org
thumbnail

“Clickjacking” attacks have been around for over a decade, enabling malicious websites to trick users into clicking hidden or disguised buttons they never intended to click . This technique is becoming less practical as modern browsers set all cookies to “SameSite: Lax” by default. Even if an attacker site can frame another website, the framed site would be unauthenticated, because cross-site cookies are not sent. This significantly reduces the risk of successful clickjacking attacks, as most interesting functionality on websites typically requires authentication.

paulosyibelo EN 2024 DoubleClickjacking analysis technique
Introducing the MISP Threat Actor Naming Standard https://www.misp-standard.org/blog/Naming-Threat-Actor/
02/01/2025 22:53:50
QRCode
archive.org

How to name threat actor and adversaries in threat intelligence

misp-standard EN 2024 standards name convention Actor Naming
Cyber attack on Italy's Foreign Ministry, airports claimed by pro-Russian hacker group https://www.reuters.com/technology/cybersecurity/cyber-attack-italys-foreign-ministry-airports-claimed-by-pro-russian-hacker-2024-12-28/
02/01/2025 22:50:55
QRCode
archive.org

Hackers targeted around ten official websites in Italy on Saturday, including the websites of the Foreign Ministry and Milan's two airports, putting them out of action temporarily, the country's cyber security agency said.
The pro-Russian hacker group Noname057(16) claimed the cyber attack on Telegram, saying Italy's "Russophobes get a well deserved cyber response".

reuters EN 2024 Noname057(16) Italy DDoS
New details reveal how hackers hijacked 35 Google Chrome extensions https://www.bleepingcomputer.com/news/security/new-details-reveal-how-hackers-hijacked-35-google-chrome-extensions/
02/01/2025 10:47:03
QRCode
archive.org
thumbnail

New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise of at least thirty-five extensions to inject data-stealing code, including those from cybersecurity firm Cyberhaven.

bleepingcomputer EN 2024 Chrome-extension Cyberhaven Data-Theft Facebook OAuth Phishing Supply-Chain-Attack
U.S. Army Soldier Arrested in AT&T, Verizon Extortions – Krebs on Security https://krebsonsecurity.com/2024/12/u-s-army-soldier-arrested-in-att-verizon-extortions/
01/01/2025 22:23:33
QRCode
archive.org

Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by…

krebsonsecurity EN 2024 U.S. Army Soldier busted arrested Verizon Extortions AT&T
Finland identifies seven suspects among crew of alleged Russian 'spy' tanker https://therecord.media/finland-suspects-identified-alleged-russian-spy-ship
31/12/2024 16:59:47
QRCode
archive.org
thumbnail

Seven crew members of the seized ship Eagle S are being treated as suspects as Finland investigates undersea cable sabotage and alleged Russian spying.

therecord.media EN 2024 Finland Russia cable sabotage
Ces hackers israéliens qui s’installent à Barcelone https://www.courrierinternational.com/article/cybersecurite-ces-hackers-israeliens-qui-s-installent-a-barcelone_226052
31/12/2024 13:12:03
QRCode
archive.org
thumbnail

Barcelone se mue en “capitale européenne de la cyberguerre”. Depuis un an et demi, “au moins trois équipes renommées d’experts en piratage informatique”, venus d’Israël, se sont installées dans la capitale de la Catalogne, détaille El Periódico de Catalunya. Le journal espagnol s’appuie sur les informations du quotidien de Tel-Aviv Ha’Aretz, qui a publié le 26 décembre un article sur les hackers “délocalisés” d’Israël vers des pays de l’Union européenne, dont l’Espagne.

courrierinternational FR 2024 Barcelone Espagne spyware Israel cyberguerre
Infocert, in vendita nel deep web milioni di dati di utenti italiani https://www.wired.it/article/infocert-spid-furto-dati/
31/12/2024 12:58:53
QRCode
archive.org
thumbnail

InfoCert, uno dei principali fornitori di identità digitale, ha confermato la violazione annunciata sui forum da criminali informatici. I dati rubati potrebbero essere usati per attacchi phishing mirati

wired IT 2024 spid pubblica-amministrazione data-leak InfoCert Italia
Palo Alto Firewalls Backdoored by Suspected Chinese Hackers https://www.databreachtoday.eu/palo-alto-firewalls-backdoored-by-suspected-chinese-hackers-a-27182
31/12/2024 00:58:46
QRCode
archive.org
thumbnail

A suspected Chinese hacking campaign that began in November is exploiting a vulnerability in Palo Alto firewalls to install a custom malware backdoor for espionage.

databreachtoday EN 2024 Palo-Alto PAN-OS China Northwave CVE-2024-9474 UNC5325 Espionage Littlelamb.Wooltea
China Hacked Treasury Dept. in ‘Major’ Breach, U.S. Says https://www.nytimes.com/2024/12/30/us/politics/china-hack-treasury.html?unlocked_article_code=1.lU4.cvt0.VKdgPzM0c08e&smid=url-share
31/12/2024 00:47:58
QRCode
archive.org

The department notified lawmakers of the episode, which it said was linked to a state-sponsored actor in China.
In a letter informing lawmakers of the episode, the Treasury Department said that it had been notified on Dec. 8 by a third-party software service company, BeyondTrust, that the hacker had obtained a security key that allowed it to remotely gain access to certain Treasury workstations and documents on them

nytimes EN 2024 US Treasury Breach BeyondTrust attribution China Hacked
US Treasury says China accessed government documents in 'major' cyberattack https://techcrunch.com/2024/12/30/us-treasury-says-china-stole-documents-in-major-cyberattack/
31/12/2024 00:45:01
QRCode
archive.org
thumbnail

Treasury officials attributed the December theft of unclassified documents to China.

The Treasury said it was notified on December 8 by BeyondTrust, a company that provides identity access and remote support tech for large organizations and government departments, that hackers had “gained access to a key used by the vendor” for providing remote access technical support to Treasury employees. BeyondTrust disclosed the incident at the time, but did not say how the key was obtained.

techcrunch EN 2024 US Treasury China BeyondTrust cyberattack attribution
Thousands of widely-used public workspaces are leaking data https://www.techradar.com/pro/security/thousands-of-widely-used-public-workspaces-are-leaking-data
29/12/2024 18:26:10
QRCode
archive.org
thumbnail

Following disclosure, Postman implemented additional safeguards

techradar EN 2024 postman data-leak workspaces safeguards public
Massive VW Data Leak Exposed 800,000 EV Owners’ Movements, From Homes To Private Spaces | Carscoops https://www.carscoops.com/2024/12/vw-group-data-breach-exposed-location-info-for-800000-evs/
28/12/2024 12:13:25
QRCode
archive.org
thumbnail

The sensitive information of VW, Audi, Seat, and Skoda EV owners was stored on a poorly secured Amazon cloud account for months

carscoops EN 2024 data-leak Exposed car Skoda EV Seat Audi VW Amazon
page 2 / 76
4503 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio