Goupil

The display you’re reading this on sucks. Your brain is just too slow to notice. For decades, panel manufacturers have used an optical-illusion to expand the perceived color depth. If you look closely, the artifacts (on cheaper displays) are easy to spot.

New publication by ANSSI: "Cyber Threat Overview 2024". CERTFR-2025-CTI-004 cert.ssi.gouv.fr/uploads/CERTFR…

🆕We publish today the result of a deep-dive investigation into a malicious campaign leveraging #ShadowPad and #PlugX to distribute a previously-undocumented ransomware, dubbed #NailaoLocker. This campaign targeted 🇪🇺 organizations during S2 2024 and is tied to Chinese TA 🇨🇳. /🧵

Qubes OS 4.2.4 has been released! qubes-os.org/news/2025/02/1…

.@GaryMarcus discusses AI's technical problems, and explains why he thinks Large Language Models have reached a "point of diminishing returns,” in an #interview with @LeahHoffmann. bit.ly/4jUzLZ3

This joint advisory is in response to exploitation disclosed by #Ivanti in Sept. 2024 and is intended to share historical analysis and indicators that remain a threat to unpatched appliances.

Seashell Blizzard, a Russia-based threat actor that has been linked to destructive attacks since the start of the war in Ukraine, has been observed conducting spear-phishing campaigns against the European energy sector. msft.it/6017UKvaW

I'm not sure people fully grasp the severity of this #Fortigate config dump - Kevin breaks it down in his Mastodon posts : @GossiTheDog/113834848200229959" target="_blank" rel="nofollow noopener">cyberplace.social/@GossiTheDog/1…

🟡 Au cours des derniers mois, l’ANSSI a observé de nombreux incidents de sécurité sur des équipements situés en bordure des systèmes d’information : pare-feux, passerelles VPN, passerelles de filtrage ou des gestionnaires d’équipements.

⚠️ Vulnérabilité Fortinet. 📢 Le @CERT_FR a publié une alerte de sécurité relatif à une vulnérabilité critique affectant FortiOS et FortiProxy. ➡️Informations et recommandations sur : cert.ssi.gouv.fr/alerte/CERTFR-…

10 Python Books for FREE on this Christmas Eve 🎄

Due to U.S. telco networks being compromised, today CISA is recommending: 1. Use only end-to-end encrypted communications 2. Enable Fast Identity Online (FIDO) phishing-resistant authentication 3. Migrate away from Short Message Service (SMS)-based MFA 4. Use a password manager to store all passwords 5. Set a Telco PIN 6. Regularly update software 7. Opt for the latest hardware version from your cell phone manufacturer 8. Do not use a personal virtual private network (VPN)

🚨 BREAKING: Amnesty’s latest report on digital surveillance in Serbia: new *NoviSpy* spyware discovered; zero days identified and patched; and first evidence showing use of Cellebrite UFED forensic products to unlock phones to then infect with spyware. 🧵

Very cool research, with IOCs, describing a previously unknown gov spyware, NoviSpy. Full report: securitylab.amnesty.org/latest/2024/12…

Dans son dernier bulletin d'actualité, le CERT-FR revient sur certaines vulnérabilités significatives de la semaine dernière. cert.ssi.gouv.fr/actualite/CERT…

#Podcast #Cybersécurité Épisode #483 consacré au fonctionnement d'un antivirus, avec Renaud Tabary (@malcat4ever) nolimitsecu.fr/fonctionnement…

@ju_hnny5 @restosducoeur bien sur

@FuraxFox @restosducoeur On peut en discuter en pv ?

Aux @restosducoeur nous recherchons activement (en don) : - des ordinateurs portables pour nos centres d’activités - des écrans (idéalement hdmi) Pour l’infra : - des disques (hdd/ssd) - des cartes réseau 10G fibre - des firewalls Si vous avez, n’hésitez pas à me contacter. 🩷🙏🏼