Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 5
82 résultats taggé arstechnica  ✕
DOGE software engineer’s computer infected by info-stealing malware - Ars Technica https://arstechnica.com/security/2025/05/doge-software-engineers-computer-infected-by-info-stealing-malware/
09/05/2025 10:28:49
QRCode
archive.org
thumbnail

The presence of credentials in leaked “stealer logs” indicates his device was infected.

Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government Efficiency have appeared in multiple public leaks from info-stealer malware, a strong indication that devices belonging to him have been hacked in recent years.

Kyle Schutt is a 30-something-year-old software engineer who, according to Dropsite News, gained access in February to a “core financial management system” belonging to the Federal Emergency Management Agency. As an employee of DOGE, Schutt accessed FEMA’s proprietary software for managing both disaster and non-disaster funding grants. Under his role at CISA, he likely is privy to sensitive information regarding the security of civilian federal government networks and critical infrastructure throughout the US.

A steady stream of published credentials
According to journalist Micah Lee, user names and passwords for logging in to various accounts belonging to Schutt have been published at least four times since 2023 in logs from stealer malware. Stealer malware typically infects devices through trojanized apps, phishing, or software exploits. Besides pilfering login credentials, stealers can also log all keystrokes and capture or record screen output. The data is then sent to the attacker and, occasionally after that, can make its way into public credential dumps.

“I have no way of knowing exactly when Schutt's computer was hacked, or how many times,” Lee wrote. “I don't know nearly enough about the origins of these stealer log datasets. He might have gotten hacked years ago and the stealer log datasets were just published recently. But he also might have gotten hacked within the last few months.”

arstechnica EN 2025 DOGE infostealer US hacked engineer
Signal clone used by Trump official stops operations after report it was hacked https://arstechnica.com/security/2025/05/signal-clone-used-by-trump-official-stops-operations-after-report-it-was-hacked/?ref=metacurity.com
06/05/2025 19:06:08
QRCode
archive.org
thumbnail

A messaging service used by former National Security Advisor Mike Waltz has temporarily shut down while the company investigates an apparent hack. The messaging app is used to access and archive Signal messages but is not made by Signal itself.

404 Media reported yesterday that a hacker stole data "from TeleMessage, an obscure Israeli company that sells modified versions of Signal and other messaging apps to the US government to archive messages." 404 Media interviewed the hacker and reported that the data stolen "contains the contents of some direct messages and group chats sent using [TeleMessage's] Signal clone, as well as modified versions of WhatsApp, Telegram, and WeChat."

TeleMessage is based in Israel and was acquired in February 2024 by Smarsh, a company headquartered in Portland, Oregon. Smarsh provided a statement to Ars today saying it has temporarily shut down all TeleMessage services.

"TeleMessage is investigating a recent security incident," the statement said. "Upon detection, we acted quickly to contain it and engaged an external cybersecurity firm to support our investigation. Out of an abundance of caution, all TeleMessage services have been temporarily suspended. All other Smarsh products and services remain fully operational."

Last week, Waltz was photographed using the TeleMessage Signal app on his phone during a White House cabinet meeting. Waltz's ability to secure sensitive government communications has been in question since he inadvertently invited The Atlantic Editor-in-Chief Jeffrey Goldberg to a Signal chat in which top Trump administration officials discussed a plan for bombing Houthi targets in Yemen.

Waltz was removed from his post late last week, with Trump nominating him to serve as ambassador to the United Nations.

arstechnica EN 2025 TeleMessage Waltz signal hacked
Windows RDP lets you log in using revoked passwords. Microsoft is OK with that. https://arstechnica.com/security/2025/04/windows-rdp-lets-you-log-in-using-revoked-passwords-microsoft-is-ok-with-that/
02/05/2025 09:32:34
QRCode
archive.org
thumbnail

Researchers say the behavior amounts to a persistent backdoor.
rom the department of head scratches comes this counterintuitive news: Microsoft says it has no plans to change a remote login protocol in Windows that allows people to log in to machines using passwords that have been revoked.

Password changes are among the first steps people should take in the event that a password has been leaked or an account has been compromised. People expect that once they've taken this step, none of the devices that relied on the password can be accessed.

The Remote Desktop Protocol—the proprietary mechanism built into Windows for allowing a remote user to log in to and control a machine as if they were directly in front of it—however, will in many cases continue trusting a password even after a user has changed it. Microsoft says the behavior is a design decision to ensure users never get locked out.

Independent security researcher Daniel Wade reported the behavior earlier this month to the Microsoft Security Response Center. In the report, he provided step-by-step instructions for reproducing the behavior. He went on to warn that the design defies nearly universal expectations that once a password has been changed, it can no longer give access to any devices or accounts associated with it.

arstechnica EN 2025 RDP revoked passwords Microsoft Windows
Researcher uncovers dozens of sketchy Chrome extensions with 4 million installs - Ars Technica https://arstechnica.com/security/2025/04/researcher-uncovers-dozens-of-sketchy-chrome-extensions-with-4-million-installs/
13/04/2025 10:52:05
QRCode
archive.org
thumbnail

Even weirder: Why would Google give so many the "Featured" stamp for trustworthiness?

Google is hosting dozens of extensions in its Chrome Web Store that perform suspicious actions on the more than 4 million devices that have installed them and that their developers have taken pains to carefully conceal.

arstechnica EN 2025 sketchy Chrome extensions suspicious
OpenAI helps spammers plaster 80,000 sites with messages that bypassed filters https://arstechnica.com/security/2025/04/openais-gpt-helps-spammers-send-blast-of-80000-messages-that-bypassed-filters/
11/04/2025 07:33:34
QRCode
archive.org
thumbnail

Company didn’t notice its chatbot was being abused for (at least) 4 months.

arstechnica EN 2025 OpenAI chatbot spammers Akirabot
Large enterprises scramble after supply-chain attack spills their secrets https://arstechnica.com/information-technology/2025/03/supply-chain-attack-exposing-credentials-affects-23k-users-of-tj-actions/
23/03/2025 17:20:58
QRCode
archive.org
thumbnail

tj-actions/changed-files corrupted to run credential-stealing memory scraper.

arstechnica EN 2025 tj-actions/changed-files Supply-Chain-Attack Tj-actions
Go Module Mirror served backdoor to devs for 3+ years - Ars Technica https://arstechnica.com/security/2025/02/backdoored-package-in-go-mirror-site-went-unnoticed-for-3-years/
10/02/2025 13:29:43
QRCode
archive.org
thumbnail

Supply chain attack targets developers using the Go programming language.

arstechnica EN 2025 Go Module Mirror backdoor Supply-Chain-Attack
Invisible text that AI chatbots understand and humans can’t? Yep, it’s a thing. - Ars Technica https://arstechnica.com/security/2024/10/ai-chatbots-can-read-and-write-invisible-text-creating-an-ideal-covert-channel/
22/10/2024 14:42:33
QRCode
archive.org
thumbnail

A quirk in the Unicode standard harbors an ideal steganographic code channel.

arstechnica EN 2024 Invisible text Unicode chatbots steganographic
Neo-Nazis head to encrypted SimpleX Chat app, bail on Telegram https://arstechnica.com/tech-policy/2024/10/neo-nazis-head-to-encrypted-simplex-chat-app-bail-on-telegram/
14/10/2024 09:05:51
QRCode
archive.org
thumbnail

App swears there’s no way for law enforcement to track users’ identities.

arstechnica EN 2024 Neo-Nazis SimpleX telegram encrypted
CTV industry’s unprecedented “surveillance” https://arstechnica.com/gadgets/2024/10/streaming-industry-has-unprecedented-surveillance-manipulation-capabilities/
14/10/2024 09:05:11
QRCode
archive.org
thumbnail

48-page report citing Ars Technica urges FTC, FCC investigate connected TV data harvesting. Gen AI, potentially racially discrimniatory practices head concerns.

arstechnica En 2024 CTV TV data harvesting surveillance privacy
NIST proposes barring some of the most nonsensical password rules https://arstechnica.com/security/2024/09/nist-proposes-barring-some-of-the-most-nonsensical-password-rules/?is=09685296f9ea1fb2ee0963f2febaeb3a55d8fb1eddbb11ed4bd2da49d711f2c7
28/09/2024 10:08:00
QRCode
archive.org
thumbnail

The National Institute of Standards and Technology (NIST), the federal body that sets technology standards for governmental agencies, standards organizations, and private companies, has proposed barring some of the most vexing and nonsensical password requirements. Chief among them: mandatory resets, required or restricted use of certain characters, and the use of security questions.

arstechnica EN 2024 NIST password rules best-practices standard rules
Hacker plants false memories in ChatGPT to steal user data in perpetuity https://arstechnica.com/security/2024/09/false-memories-planted-in-chatgpt-give-hacker-persistent-exfiltration-channel/
26/09/2024 08:04:40
QRCode
archive.org
thumbnail

Emails, documents, and other untrusted content can plant malicious memories.

arstechnica EN 2024 ChatGPT exploit malicious memories attack
Europe’s privacy watchdog probes Google over data used for AI training https://arstechnica.com/tech-policy/2024/09/europes-privacy-watchdog-probes-google-over-data-used-for-ai-training/
12/09/2024 16:12:53
QRCode
archive.org
thumbnail

Meta and X have already paused some AI training over same set of concerns.

arstechnica EN 2024 Meta AI probe training EU Google watchdog privacy legal
YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel https://arstechnica.com/security/2024/09/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel/
05/09/2024 06:51:41
QRCode
archive.org
thumbnail

Sophisticated attack breaks security assurances of the most popular FIDO key.
The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains a cryptographic flaw that makes the finger-size device vulnerable to cloning when an attacker gains temporary physical access to it, researchers said Tuesday.

The cryptographic flaw, known as a side channel, resides in a small microcontroller used in a large number of other authentication devices, including smartcards used in banking, electronic passports, and the accessing of secure areas. While the researchers have confirmed all YubiKey 5 series models can be cloned, they haven’t tested other devices using the microcontroller, such as the SLE78 made by Infineon and successor microcontrollers known as the Infineon Optiga Trust M and the Infineon Optiga TPM. The researchers suspect that any device using any of these three microcontrollers and the Infineon cryptographic library contains the same vulnerability.

arstechnica EN 2024 YubiKeys FIDO cloning side-channel
Windows 0-day was exploited by North Korea to install advanced rootkit https://arstechnica.com/security/2024/08/windows-0-day-was-exploited-by-north-korea-to-install-advanced-rootkit/
21/08/2024 21:01:00
QRCode
archive.org
thumbnail

FudModule rootkit burrows deep into Windows, where it can bypass key security defenses.

arstechnica EN 2024 FudModule rootkit Lazarus rootkit CVE-2024-38193,
Who are the two major hackers Russia just received in a prisoner swap? https://arstechnica.com/security/2024/08/who-are-the-two-major-hackers-russia-just-received-in-a-prisoner-swap/
02/08/2024 11:07:30
QRCode
archive.org
thumbnail

Both men committed major financial crimes—and had powerful friends.

arstechnica EN 2024 swap US Russia hackers financial crimes
Secure Boot is completely broken on 200+ models from 5 big device makers | Ars Technica https://arstechnica.com/security/2024/07/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers/
26/07/2024 08:28:35
QRCode
archive.org
thumbnail

Keys were labeled "DO NOT TRUST." Nearly 500 device models use them anyway.

arstechnica EN 2024 SecureBoot DO-NOT-TRUST broken PKfail
New Blast-RADIUS attack breaks 30-year-old protocol used in networks everywhere https://arstechnica.com/security/2024/07/new-blast-radius-attack-breaks-30-year-old-protocol-used-in-networks-everywhere/
10/07/2024 17:36:32
QRCode
archive.org
thumbnail

Ubiquitous RADIUS scheme uses homegrown authentication based on MD5. Yup, you heard right.

arstechnica EN 2024 blastradius RADIUS vulnerability
3 million iOS and macOS apps were exposed to potent supply-chain attacks https://arstechnica.com/security/2024/07/3-million-ios-and-macos-apps-were-exposed-to-potent-supply-chain-attacks/
03/07/2024 08:26:52
QRCode
archive.org
thumbnail

Apps that used code libraries hosted on CocoaPods were vulnerable for about 10 years.

arstechnica EN macOS iOS CVE-2024-38367 CocoaPods
Apple’s AI promise: “Your data is never stored or made accessible to Apple” https://arstechnica.com/ai/2024/06/apples-ai-promise-your-data-is-never-stored-or-made-accessible-by-apple/
11/06/2024 06:42:41
QRCode
archive.org
thumbnail

And publicly reviewable server code means experts can "verify this privacy promise."

arstechnica EN 2024 Apple AI data privacy WWDC
page 1 / 5
4258 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio