“L’utilisation de TikTok au sein de l’Administration fédérale constitue-t-elle une menace pour la sécurité de la Suisse? Pressée par des élus de tous bords, la Confédération a fait appel à l’Institut national de test pour la cybersécurité (NTC) pour une analyse technique de la sécurité de l’application. Résultat: «Aucune indication d’une surveillance des utilisateurs n’a été décelée.»”
Source : Cybersécurité en Suisse: La Confédération refuse d’interdire TikTok à ses employés | 24 heures
“Google has released an emergency Chrome security update to address the first zero-day vulnerability exploited in attacks since the start of the year. « Google is aware that an exploit for CVE-2023-2033 exists in the wild, » the search giant said in a security advisory published on Friday. The new version is rolling out to users in the Stable Desktop channel, and it will reach the entire user base over the coming days or weeks. Chrome users should upgrade to version 112.0.5615.121 as soon as possible, as it addresses the CVE-2023-2033 vulnerability on Windows, Mac, and Linux systems.”
Source : Google Chrome emergency update fixes first zero-day of 2023
“To avoid being a victim in the first place, Coulson encourages adopting newer USB technology (such as USB C) or purchasing charging-only cables, which don’t allow data extraction. Wireless chargers are a more secure option, Chugh said, with instances of tampering on such devices “pretty much nonexistent.” When you plug a smartphone into a USB port, it also might ask whether you trust the device you’ve connected to. That’s a signal that the USB could be doing more than just charging. Unless you’ve connected to your personal computer, you should say no, experts say.”
Source : FBI warns of public phone chargers: What to know about juice jacking – The Washington Post
“A Jefferson Parish judge recalled the warrant on Wednesday afternoon. “After further investigation, it was learned Randal Reid was not involved in the crimes committed,” the recall said. Mr. Reid was released late Thursday night, almost a full week after being pulled over. He is considering filing a wrongful-arrest lawsuit. “Thousands of dollars for something I didn’t do,” he said. Mr. Robinson, the Color of Change president, said most people in the United States did not have thousands of dollars to clear their names. These people will have “names and stories we will never know,” he said. “They will languish in jails and prisons.””
Source : ‘Thousands of Dollars for Something I Didn’t Do’ – The New York Times
“One document links a Vulkan cyber-attack tool with the notorious hacking group Sandworm, which the US government said twice caused blackouts in Ukraine, disrupted the Olympics in South Korea and launched NotPetya, the most economically destructive malware in history. Codenamed Scan-V, it scours the internet for vulnerabilities, which are then stored for use in future cyber-attacks. Another system, known as Amezit, amounts to a blueprint for surveilling and controlling the internet in regions under Russia’s command, and also enables disinformation via fake social media profiles. A third Vulkan-built system – Crystal-2V – is a training program for cyber-operatives in the methods required to bring down rail, air and sea infrastructure. ”
“La sophistication de plus en plus avancée de ces outils promet un monde dans lequel distinguer une véritable photo d’une création informatique sera quasi impossible, quand ce n’est pas déjà le cas. Alors que mettre en scène le pape François dans des situations décalées est devenu depuis ces derniers jours l’une des activités les plus à la mode sur le forum Reddit, quelques indices permettent encore, parfois, de ne pas se faire avoir.”
Source : Comment reconnaître une image générée par le logiciel Midjourney ?
“Since ChatGPT launched three months ago it’s taken the world by storm. People are using it to create poems, essays for school, and song lyrics. It’s also making inroads in the workplace. According to data from Cyberhaven’s product, as of March 21, 8.2% of employees have used ChatGPT in the workplace and 6.5% have pasted company data into it since it launched. Some knowledge workers say that using the tool makes them 10 times more productive. But companies like JP Morgan and Verizon are blocking access to ChatGPT over concerns about confidential data.”
Source : 3.1% of workers have pasted confidential company data into ChatGPT – Cyberhaven
“De nouvelles accusations pèsent sur Meta. Des fonds de pension et d’investissement ont porté plainte contre le groupe californien pour avoir «fermé les yeux» sur le trafic d’être humains et la pédocriminalité sur ses réseaux sociaux Facebook et Instagram.
«Pendant la décennie écoulée, les applications de Meta ont aidé, soutenu et facilité la tâche des criminels responsables de proxénétisme, trafic d’être humains et de pédocriminalité qui ont eu lieu à grande échelle sur les plateformes» du groupe californien, accuse la plainte déposée lundi devant un tribunal du Delaware, spécialisé en droit des affaires.
«Des preuves substantielles montrent que le conseil d’administration a fermé les yeux alors qu’il avait connaissance, tout comme la direction de l’entreprise, de ce phénomène en pleine expansion», continuent les avocats des fonds signataires, qui détiennent des actions chez Meta.”
“Project Zero, Google’s team dedicated to security research, has found some big problems in the Samsung modems that power devices like the Pixel 6, Pixel 7, and some models of the Galaxy S22 and A53. According to its blog post, a variety of Exynos modems have a series of vulnerabilities that could “allow an attacker to remotely compromise a phone at the baseband level with no user interaction” without needing much more than a victim’s phone number. And, frustratingly, it seems like Samsung is dragging its feet on fixing it.”
Source : Google says hackers could silently own your phone until Samsung fixes its modems – The Verge
“A cancer patient from the Scranton area has filed a class-action lawsuit against Lehigh Valley Health Network after a cybercriminal group stole sensitive data including nude images from the network and posted them online after LVHN refused to pay a ransom. The health network based in Allentown was targeted in a February attack by ALPHV, also known as BlackCat, a group associated with Russia and known for similar acts in academia and healthcare. BlackCat demanded a ransom payment, which LVHN refused to pay. The U.S. Department of Health and Human services said in a warning in January that BlackCat has demanded ransoms as high as $1.5 million.”
© 2025 no-Flux
Theme by Anders Noren — Up ↑
