Étiquette : vulnerability (Page 3 of 39)

Subaru Security Flaws Exposed Its System for Tracking Millions of Cars

24 janvier 2025 /

Location Point Neighborhood Chart and Plot

“Most disturbing for Curry, though, was that they found they could also track the Subaru’s location—not merely where it was at the moment but also where it had been for the entire year that his mother had owned it. The map of the car’s whereabouts was so accurate and detailed, Curry says, that he was able to see her doctor visits, the homes of the friends she visited, even which exact parking space his mother parked in every time she went to church.”

Source : Subaru Security Flaws Exposed Its System for Tracking Millions of Cars | WIRED

Cybercriminalité: «Léa Rossier» a berné plus de 13 000 fonctionnaires vaudois

14 janvier 2025 /

https://no-flux.beaude.net/wp-content/uploads/2025/01/5VWrke-6arc8aF52oOkxyu.jpg

“Une certaine «Léa Rossier» a envoyé un courriel aux quelque 47’000 collaborateurs de l’État de Vaud durant la première semaine de novembre. Mais Léa n’existe pas. Il s’agit d’un «faux mail malveillant» diffusé dans le cadre de la sixième campagne de sensibilisation aux dangers de l’hameçonnage par messagerie. La première à une échelle aussi large à l’État. Résultat: c’est un échec. Comme le relate la Gazette de l’État de Vaud dans un article de décembre, plus d’un quart des destinataires (29%), soit 13’661 employés de l’État, se sont fait avoir par ce mail envoyé par «lea.rossier@adminaccounts.ch» et ont cliqué sur la pièce jointe «Plan_amelioration_processus_Urgent». En outre, 5182 (11%) d’entre eux ont même saisi un identifiant et un mot de passe.”

Source : Cybercriminalité: «Léa Rossier» a berné plus de 13 000 fonctionnaires vaudois | 24 heures

Lawsuit: A chatbot hinted a kid should kill his parents over screen time limits

13 décembre 2024 /

Two examples of interactions users have had with chatbots from the company Character.AI.

“ »It is simply a terrible harm these defendants and others like them are causing and concealing as a matter of product design, distribution and programming, » the lawsuit states.The suit argues that the concerning interactions experienced by the plaintiffs’ children were not « hallucinations, » a term researchers use to refer to an AI chatbot’s tendency to make things up. « This was ongoing manipulation and abuse, active isolation and encouragement designed to and that did incite anger and violence. »According to the suit, the 17-year-old engaged in self-harm after being encouraged to do so by the bot, which the suit says « convinced him that his family did not love him. »”

Source : Lawsuit: A chatbot hinted a kid should kill his parents over screen time limits : NPR

Cybercriminalité : 1 000 suspects arrêtés dans 19 pays africains via Interpol et Afripol

4 décembre 2024 /

“Les autorités de 19 pays africains ont arrêté 1 006 suspects et démantelé 134 089 infrastructures et réseaux malveillants grâce à une opération conjointe d’INTERPOL et d’AFRIPOL contre la cybercriminalité. L’Opération Serengeti, qui s’est étalée du 2 septembre au 31 octobre, a ciblé des délinquants recourant à des ransomwares, compromissions de courriers électroniques professionnels (BEC), extorsions numériques et escroqueries en ligne par marketing multi-niveaux ou à la carte de crédit, « à l’échelle industrielle », souligne Valdecy Urquiza, Secrétaire Général d’INTERPOL. Huit personnes, dont cinq ressortissants chinois, ont été arrêtées au Sénégal pour une escroquerie de type pyramide de Ponzi en ligne d’une valeur de 6 millions dollars ayant fait 1 811 victimes. Les autorités nigérianes ont de leur côté arrêté un homme accusé d’avoir organisé des escroqueries à l’investissement en ligne par le biais de plateformes de messagerie avec de fausses promesses de rendements en crypto-monnaies.”

Source : Cybercriminalité : 1 000 suspects arrêtés dans 19 pays africains via Interpol et Afripol – Next

Sécurité : Microsoft parle désormais de « cybertempête » et confirme la course à l’IA

18 octobre 2024 /

“La défense améliorée par l’IA peut se faire sur deux axes. La première, évidente, est l’enrichissement des méthodes existantes pour les enrichir, de la détection des anomalies au triage et à la réponse. La seconde est l’arrivée de « méthodes entièrement nouvelles ». Microsoft donne l’exemple de systèmes persistants capables de surveiller en permanence les vulnérabilités et de réagir rapidement en cas de violation.”

Source : Sécurité : Microsoft parle désormais de « cybertempête » et confirme la course à l’IA – Next

WA man jailed for sextortion of 286 victims | Australian Federal Police

9 septembre 2024 /

“A Perth man who coerced 286 victims – including 180 children – from 20 different countries into performing sexually explicit acts on camera or video, has been sentenced to 17 years’ imprisonment.The man, 29, who posed as a teenage social media celebrity to prey on the children and young adults online, was sentenced by the Perth District Court today (27 August, 2024), after pleading guilty in December 2023 to 119 charges that covered more than 550 incidents across 11 months.When determining the sentence, the Judge also took into account another three charges capturing 108 incidences of behaviour.”

Source : WA man jailed for sextortion of 286 victims | Australian Federal Police

An update on our approach to tackling intimate image abuse – Microsoft On the Issues

6 septembre 2024 /

“We have heard concerns from victims, experts, and other stakeholders that user reporting alone may not scale effectively for impact or adequately address the risk that imagery can be accessed via search. As a result, today we are announcing that we are partnering with StopNCII to pilot a victim-centered approach to detection in Bing, our search engine. StopNCII is a platform run by SWGfL that enables adults from around the world to protect themselves from having their intimate images shared online without their consent. StopNCII enables victims to create a “hash” or digital fingerprint of their images, without those images ever leaving their device (including synthetic imagery). Those hashes can then be used by a wide range of industry partners to detect that imagery on their services and take action in line with their policies.”

Source : An update on our approach to tackling intimate image abuse – Microsoft On the Issues

Sutskever strikes AI gold with billion-dollar backing for superintelligent AI

5 septembre 2024 /

https://no-flux.beaude.net/wp-content/uploads/2024/09/IMG_9427-1280x960-1.jpg

“Sutskever’s departure from OpenAI followed a rough period at the company that reportedly included disenchantment that OpenAI management did not devote proper resources to his « superalignment » research team and then Sutskever’s involvement in the brief ouster of OpenAI CEO Sam Altman last November. After leaving OpenAI in May, Sutskever said his new company would « pursue safe superintelligence in a straight shot, with one focus, one goal, and one product. »Superintelligence, as we’ve noted previously, is a nebulous term for a hypothetical technology that would far surpass human intelligence. There is no guarantee that Sutskever will succeed in his mission (and skeptics abound), but the star power he gained from his academic bona fides and being a key cofounder of OpenAI has made rapid fundraising for his new company relatively easy.”

Source : Sutskever strikes AI gold with billion-dollar backing for superintelligent AI | Ars Technica

Releasing Re-LAION 5B: transparent iteration on LAION-5B with additional safety fixes

5 septembre 2024 /

“Re-LAION-5B fixes the issues as reported by Stanford Internet Observatory in December 2023 for the original LAION-5B and is available for download in two versions, Re-LAION-5B research and Re-LAION-5B research-safe. The work was completed in partnership with the Internet Watch Foundation (IWF), the Canadian Center for Child Protection (C3P), and Stanford Internet Observatory. For the work, we utilized lists of link and image hashes provided by our partners, as of July 2024. In all, 2236 links were removed after matching with the lists of link and image hashes provided by our partners. These links also subsume 1008 links found by the Stanford Internet Observatory report in Dec 2023. Note: A substantial fraction of these links known to IWF and C3P are most likely dead (as organizations make continual efforts to take the known material down from public web), therefore this number is an upper bound for links leading to potential CSAM. Total number of text-link to images pairs in Re-LAION-5B: 5.5 B (5,526,641,167)”

Source : Releasing Re-LAION 5B: transparent iteration on LAION-5B with additional safety fixes | LAION

Grok est un superdiffuseur de désinformation

21 août 2024 /

https://next.ink/wp-content/uploads/2024/08/Musk-Grok.webp

“Dans la mesure où les productions de Grok ont déjà été promues par les algorithmes du réseau social X, l’attelage des deux services fait de ces produits un danger particulier en matière de désinformation. Si leur propriétaire Elon Musk ne s’est jamais caché de sa position sur le sujet, il se place en revanche en faux des multiples initiatives menées à l’international pour tenter de protéger l’espace public numérique, et les discussions qui s’y tiennent.”

Source : Grok est un superdiffuseur de désinformation – Next

« Older posts Newer posts »

Archives

Catégories

© 2025 no-Flux

Theme by Anders NorenUp ↑