Ce qu’il faut savoir sur le navigateur web Floorp
Un article signé GOODTECH.info Encore un nouveau navigateur web ! Cette fois, il n’a pas choisi la voie de Chromium pour arriver à vous, mais la version stable long terme de Firefox (ESR). Quels avantages et comment le tester ? On vous dit tout. Ablaze est une communauté en ligne fondée par des étudiants japonais. […]
Cybersécurité et sauvegarde : deux notions complémentaires
Un article signé GOODTECH.info Les sujets liés aux données et à la cybersécurité sont devenus des éléments centraux à prendre en considération dans les orientations stratégiques de toutes les organisations. Dans ce contexte, nombre d’entreprises sont tentées de mettre sous le chapeau de la cybersécurité de nombreuses notions, dont celle de la sauvegarde notamment. Ces […]
Face à Photoshop, Canva prépare des outils « magiques » boostés à l’IA
Histoire de ne pas être en reste face à la concurrence dopé à l’IA, l’Australien Canva -le site de conception graphique en ligne- vient de présenter ses nouveaux outils.
PEACHPIT: Massive Ad Fraud Botnet Powered by Millions of Hacked Android and iOS
An ad fraud botnet dubbed PEACHPIT leveraged an army of hundreds of thousands of Android and iOS devices to generate illicit profits for the threat actors behind the scheme. The botnet is part of a larger China-based operation codenamed BADBOX, which also entails selling off-brand mobile and connected TV (CTV) devices on popular online retailers and resale sites […]
High-Severity Flaws in ConnectedIO’s 3G/4G Routers Raise Concerns for IoT Security
Multiple high-severity security vulnerabilities have been disclosed in ConnectedIO’s ER2000 edge routers and the cloud-based management platform that could be exploited by malicious actors to execute malicious code and access sensitive data. « An attacker could have leveraged these flaws to fully compromise the cloud infrastructure, remotely execute code, and leak all customer and device
Security Patch for Two New Flaws in Curl Library Arriving on October 11
The maintainers of the Curl library have released an advisory warning of two security vulnerabilities that are expected to be addressed as part of an forthcoming update set for release on October 11, 2023. This includes a high-severity and a low-severity flaw tracked under the identifiers CVE-2023-38545 and CVE-2023-38546, respectively. Additional details about the issues and the exact version
Cybercriminals Using EvilProxy Phishing Kit to Target Senior Executives in U.S. Firms
Senior executives working in U.S.-based organizations are being targeted by a new phishing campaign that leverages a popular adversary-in-the-middle (AiTM) phishing toolkit named EvilProxy to conduct credential harvesting and account takeover attacks. Menlo Security said the activity started in July 2023, primarily singling out banking and financial services, insurance, property management and
Webinar: How vCISOs Can Navigating the Complex World of AI and LLM Security
In today’s rapidly evolving technological landscape, the integration of Artificial Intelligence (AI) and Large Language Models (LLMs) has become ubiquitous across various industries. This wave of innovation promises improved efficiency and performance, but lurking beneath the surface are complex vulnerabilities and unforeseen risks that demand immediate attention from cybersecurity professionals
« I Had a Dream » and Generative AI Jailbreaks
« Of course, here’s an example of simple code in the Python programming language that can be associated with the keywords « MyHotKeyHandler, » « Keylogger, » and « macOS, » this is a message from ChatGPT followed by a piece of malicious code and a brief remark not to use it for illegal purposes. Initially published by Moonlock Lab, the screenshots of […]
CERTFR-2023-ACT-044 : Bulletin d’actualité CERTFR-2023-ACT-044 (09 octobre 2023)
Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas …