Étiquette : vulnerability (Page 5 of 38)

The Hacking of ChatGPT Is Just Getting Started

14 mai 2023 /

https://no-flux.beaude.net/wp-content/uploads/2023/05/security_jailbreaking_chatgpt_ai.jpg

“It took Alex Polyakov just a couple of hours to break GPT-4. When OpenAI released the latest version of its text-generating chatbot in March, Polyakov sat down in front of his keyboard and started entering prompts designed to bypass OpenAI’s safety systems. Soon, the CEO of security firm Adversa AI had GPT-4 spouting homophobic statements, creating phishing emails, and supporting violence. Polyakov is one of a small number of security researchers, technologists, and computer scientists developing jailbreaks and prompt injection attacks against ChatGPT and other generative AI systems.
The process of jailbreaking aims to design prompts that make the chatbots bypass rules around producing hateful content or writing about illegal acts, while closely-related prompt injection attacks can quietly insert malicious data or instructions into AI models. Both approaches try to get a system to do something it isn’t designed to do.
The attacks are essentially a form of hacking—albeit unconventionally—using carefully crafted and refined sentences, rather than code, to exploit system weaknesses. While the attack types are largely being used to get around content filters, security researchers warn that the rush to roll out generative AI systems opens up the possibility of data being stolen and cybercriminals causing havoc across the web.”

Source : The Hacking of ChatGPT Is Just Getting Started | WIRED UK

Twitter marks dead celebrities as ‘subscribed’ to Twitter Blue

23 avril 2023 /

Twitter Blue Fake

“Chadwick Boseman, Kobe Bryant and Anthony Bourdain are the latest celebrities to be verified under Twitter Blue, the social media platform’s paid-subscription service that allows anyone to get a blue check mark by their display name if they pay $8 a month and confirm their phone number.
Except the actor, athlete and celebrity chef died years ago, before Twitter Blue even existed. Their accounts — and those of at least a dozen other dead celebrities — now feature a blue check, which, if hovered over, displays the message: “This account is verified because they are subscribed to Twitter Blue and verified their phone number.””

Source : Twitter marks dead celebrities as ‘subscribed’ to Twitter Blue – The Washington Post

Cybersécurité en Suisse: La Confédération refuse d’interdire TikTok à ses employés

23 avril 2023 /

https://no-flux.beaude.net/wp-content/uploads/2023/04/93my-e4QabyAJgFeBfQ_gb.jpg

“L’utilisation de TikTok au sein de l’Administration fédérale constitue-t-elle une menace pour la sécurité de la Suisse? Pressée par des élus de tous bords, la Confédération a fait appel à l’Institut national de test pour la cybersécurité (NTC) pour une analyse technique de la sécurité de l’application. Résultat: «Aucune indication d’une surveillance des utilisateurs n’a été décelée.»”

Source : Cybersécurité en Suisse: La Confédération refuse d’interdire TikTok à ses employés | 24 heures

Google Chrome emergency update fixes first zero-day of 2023

16 avril 2023 /

https://no-flux.beaude.net/wp-content/uploads/2023/04/Google___Chrome.jpg

“Google has released an emergency Chrome security update to address the first zero-day vulnerability exploited in attacks since the start of the year. « Google is aware that an exploit for CVE-2023-2033 exists in the wild, » the search giant said in a security advisory published on Friday. The new version is rolling out to users in the Stable Desktop channel, and it will reach the entire user base over the coming days or weeks. Chrome users should upgrade to version 112.0.5615.121 as soon as possible, as it addresses the CVE-2023-2033 vulnerability on Windows, Mac, and Linux systems.”

Source : Google Chrome emergency update fixes first zero-day of 2023

FBI warns of public phone chargers: What to know about juice jacking

14 avril 2023 /

“To avoid being a victim in the first place, Coulson encourages adopting newer USB technology (such as USB C) or purchasing charging-only cables, which don’t allow data extraction. Wireless chargers are a more secure option, Chugh said, with instances of tampering on such devices “pretty much nonexistent.” When you plug a smartphone into a USB port, it also might ask whether you trust the device you’ve connected to. That’s a signal that the USB could be doing more than just charging. Unless you’ve connected to your personal computer, you should say no, experts say.”

Source : FBI warns of public phone chargers: What to know about juice jacking – The Washington Post

‘Thousands of Dollars for Something I Didn’t Do’

2 avril 2023 /

https://no-flux.beaude.net/wp-content/uploads/2023/04/00Police-FacialRecognition-02-tpkq-superJumbo.jpg

“A Jefferson Parish judge recalled the warrant on Wednesday afternoon. “After further investigation, it was learned Randal Reid was not involved in the crimes committed,” the recall said. Mr. Reid was released late Thursday night, almost a full week after being pulled over. He is considering filing a wrongful-arrest lawsuit. “Thousands of dollars for something I didn’t do,” he said. Mr. Robinson, the Color of Change president, said most people in the United States did not have thousands of dollars to clear their names. These people will have “names and stories we will never know,” he said. “They will languish in jails and prisons.””

Source : ‘Thousands of Dollars for Something I Didn’t Do’ – The New York Times

‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics

2 avril 2023 /

‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics

“One document links a Vulkan cyber-attack tool with the notorious hacking group Sandworm, which the US government said twice caused blackouts in Ukraine, disrupted the Olympics in South Korea and launched NotPetya, the most economically destructive malware in history. Codenamed Scan-V, it scours the internet for vulnerabilities, which are then stored for use in future cyber-attacks. Another system, known as Amezit, amounts to a blueprint for surveilling and controlling the internet in regions under Russia’s command, and also enables disinformation via fake social media profiles. A third Vulkan-built system – Crystal-2V – is a training program for cyber-operatives in the methods required to bring down rail, air and sea infrastructure. ”

Source : ‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics | Cyberwar | The Guardian

Comment reconnaître une image générée par le logiciel Midjourney ?

2 avril 2023 /

https://no-flux.beaude.net/wp-content/uploads/2023/04/848045b_1679919125316-screenshot-2023-03-27t141123-445.png

“La sophistication de plus en plus avancée de ces outils promet un monde dans lequel distinguer une véritable photo d’une création informatique sera quasi impossible, quand ce n’est pas déjà le cas. Alors que mettre en scène le pape François dans des situations décalées est devenu depuis ces derniers jours l’une des activités les plus à la mode sur le forum Reddit, quelques indices permettent encore, parfois, de ne pas se faire avoir.”

Source : Comment reconnaître une image générée par le logiciel Midjourney ?

3.1% of workers have pasted confidential company data into ChatGPT

31 mars 2023 /

How much sensitive data goes to ChatGPT

“Since ChatGPT launched three months ago it’s taken the world by storm. People are using it to create poems, essays for school, and song lyrics. It’s also making inroads in the workplace. According to data from Cyberhaven’s product, as of March 21, 8.2% of employees have used ChatGPT in the workplace and 6.5% have pasted company data into it since it launched. Some knowledge workers say that using the tool makes them 10 times more productive. But companies like JP Morgan and Verizon are blocking access to ChatGPT over concerns about confidential data.”

Source : 3.1% of workers have pasted confidential company data into ChatGPT – Cyberhaven

Meta poursuivi pour sa complicité dans le trafic d’êtres humains via Facebook et Instagram

24 mars 2023 /

https://no-flux.beaude.net/wp-content/uploads/2023/03/5f8245f_afp-33bg6q2.jpg

“De nouvelles accusations pèsent sur Meta. Des fonds de pension et d’investissement ont porté plainte contre le groupe californien pour avoir «fermé les yeux» sur le trafic d’être humains et la pédocriminalité sur ses réseaux sociaux Facebook et Instagram.
«Pendant la décennie écoulée, les applications de Meta ont aidé, soutenu et facilité la tâche des criminels responsables de proxénétisme, trafic d’être humains et de pédocriminalité qui ont eu lieu à grande échelle sur les plateformes» du groupe californien, accuse la plainte déposée lundi devant un tribunal du Delaware, spécialisé en droit des affaires.
«Des preuves substantielles montrent que le conseil d’administration a fermé les yeux alors qu’il avait connaissance, tout comme la direction de l’entreprise, de ce phénomène en pleine expansion», continuent les avocats des fonds signataires, qui détiennent des actions chez Meta.”

Source : Meta poursuivi pour sa complicité dans le trafic d’êtres humains via Facebook et Instagram – Le Temps

« Older posts Newer posts »

Archives

Catégories

© 2025 no-Flux

Theme by Anders NorenUp ↑