Éric Freyssinet

J'avoue que je suis assez bluffé du nombre de médias européens qui sont maintenant présents grâce à flipboard sur le #fediverse
@Le_Parisien @OuestFrance @SudOuest @euronewsfr
...

Adult sites trick users into Liking Facebook posts using a clickjack Trojan As the use of age verification to access adult websites increases in various countries around the world, shady websites with adult content have started a timely malware-fueled campaign to promote links to their own websites. During our daily rounds on Facebook, looking for the latest scams, we noticed something odd about some posts pointing to adult websites. We found that several of the sites promoted in this way were hosted on blogspot[.]com, and that these sites linked to other similar sites. Here’s one example: Most of these sites promise the visitor explicit pictures of celebrities, most of which will undoubtedly turn out to be generated by Artificial Intelligence (AI). This in itself is not uncommon. However, what did stand out was that a few of the Facebook posts had a lot of Likes. Most people don’t like that type of content on Facebook since everyone can see who the Likes are from. A high number of Likes for a post is great for the accounts posting these links, because when a Facebook profile or post gets more Likes it is more likely to show up in people’s feeds, which is basically more advertising for the same money. So, how do the posts get these Likes? It turns out the criminals use a Trojan to promote their posts and profiles. When clicking through links displayed on the adult sites some—selected–visitors will download a Scalable Vector Graphics (SVG) image file. So while surfing from one of these sites to the next one, sometimes, not always, it triggers a download. Now, the cybercriminals are banking on the fact that SVG is not a filetype that will set off an alarm for most people, given that most people see it as an image file. But SVG files are not always simply image files.They are written in XML, and this allows them to contain HTML and Javascript code, which means that the cybercriminals can use them to get up to no good. Here is the one provided by the adult sites: Despite the heavy obfuscation of the second part of the script, for anyone able to read the code it is pretty clear this file is up to no good. In fact, it actually downloads another malicious javascript file, but it was hard to figure out which one. Because the code in the SVG file uses a technique called “hybrid JSFuck” (how fitting) to hide its intentions we immediately assumed that it was malicious. From the easier to read parts of the script we can deduct that the script downloads and executes a malicious script from the domain crhammerstein[.]de, which was blocked by Malwarebytes. JSFuck is a form of obfuscation that encodes JavaScript using only six characters: “[ ] ( ) ! +”. There are several online deobfuscators available for pure JSFuck obfuscation, but the criminals used a hybrid method by adding the String.fromCharCode elements which is not that easy to unravel. Opening the SVG file opens an empty Edge tab titled Process Monitor. This happens because SVG files on Windows are opened by Edge, even if the user has another browser set as their default. In the end we managed to figure out that the downloaded script was another javascript, detected as Trojan.JS.Likejack. This Trojan, also written in Javascript silently clicks a ‘Like’ button for a Facebook page without the user’s knowledge or consent, in this case the adult posts we found above. The user will have to be logged in on Facebook for this to work, but we know many people keep Facebook open for easy access. Once we knew how this campaign worked, we found a huge amount of blogspot[.]com pages involved in this campaign: ## Conclusion Now that governments are imposing age verification upon adult sites that play by the rules, they are driving those interested in that type of content into the arms of those that don’t care about the rules, even to the extent that they are willing to deploy Trojans to get visitors to their sites. An alternative is that those trying to access content use a VPN to visit the sites from locations that don’t impose these restrictions. Given those options we would obviously recommend using a VPN. To be protected against this type of campaigns, it’s worth considering using real-time malware protection. Malwarebytes blocks the domains associated with this campaign. * * * **We don’t just report on threats—we remove them** Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

Adult sites trick users into Liking Facebook posts using a clickjack Trojan | Malwarebytes

https://www.malwarebytes.com/blog/news/2025/08/adult-sites-trick-users-into-liking-facebook-posts-using-a-clickjack-trojan

@cyberfr

IMatch - The Digital Asset Management Solution - photools.com Since 1998 photools.com creates software and solutions for Digital Asset Management: (DAM). Our main products are IMatch and IMatch Anywhere™.

@gastonrampersad
I have used iMatch in the past https://www.photools.com/imatch/

Because | treated a gap in the official docs as if | could fill it in from what | think is true about how Projects behave, instead of stopping to check whether OpenAl actually confirms it.

I confronted GPT-5 with one of its mistakes... And it answered about what he "thinks" is true. Seriously ?

Note: I am still not sure how to delete all chats, except those in projects.

#GPT5

We’ve just dropped the first draft agenda for @hack_lu ! The conference is taking place over 4 days (from Tuesday 21st October 2025 until the 24th October 2025)

This year’s edition is going to be wild, expect mind-blowing talks, hands-on workshops, extra CTF challenges during the conference […]

Alors...

le mode "Agent" a complètement disparu avec #GPT5

ah ça y est, mais uniquement dans la version Web

#GPT5

Toujours pas de GPT-5 pour moi :-( le déploiement est lent comme d'habitude

WSBTV2 Logo We're Sorry! This website is unavailable in your location. Error 451 It appears you are attempting to access this website from a country outside of the United States, therefore access cannot be granted at this time.

@w7voa

That website is unavailable "outside the US"

KISS - I was made for lovin you (1979)

https://www.dailymotion.com/video/x479v0v

Grok’s ‘spicy’ video setting instantly made me Taylor Swift nude deepfakes I didn’t even ask it to take her clothes off.

Grok’s ‘spicy’ video mode instantly made me Taylor Swift nude deepfakes | The Verge

https://www.theverge.com/report/718975/xai-grok-imagine-taylor-swifty-deepfake-nudes

Microsoft Recall can still nab credit cards, passwords, info exclusive: Our tests have shown there are ways to get around the promised security improvements

Microsoft Recall can still nab credit cards, passwords, info • The Register

https://www.theregister.com/2025/08/01/microsoft_recall_captures_credit_card_info/

Un grand fonds américain va s’offrir le cloud sécurisé du français Ciril Group L’éditeur lyonnais de logiciels et hébergeur de données, particulièrement bien implanté au sein des collectivités locales, était jusqu’alors détenu par la famille Grivel.

Un grand fonds américain va s’offrir le cloud sécurisé du français Ciril Group

https://www.linforme.com/tech-telecom/article/un-grand-fonds-americain-va-s-offrir-le-cloud-securise-du-francais-ciril-group_3097.html

Escape-X - Let's take back control of our digital spaces!

@davidaugust Maybe have a look at https://www.escape-x.org/

Autorisez ou non le traitement de vos données a des fins publicitaires Dans le cadre des lois locales, vous pouvez choisir de nous autoriser ou non a traiter vos données personnelles pour personnaliser vos publicités sur les produits Meta.

0Q Meta Voulez-vous vous abonner, ou continuer a utiliser nos produits sans paiement avec des publicités ? Conformément aux lois de votre région, vous avez le choix de consentir ou non au traitement de vos données personnelles a des fins publicitaires. Votre choix s’appliquera aux comptes dans cet Espace Comptes. S'abonner pour utiliser sans publicités [@) Abonnez-vous pour utiliser vos comptes Facebook et Instagram sans publicité, a partir de 5,99 € / mois. Vos données ne seront pas traitées a des fins publicitaires. Utiliser sans paiement avec des publicités [@) Découvrez des produits et des marques grace aux publicités personnalisées, tout en utilisant vos comptes Facebook et Instagram sans paiement. Vos données seront traitées a des fins publicitaires. Vous aurez ensuite I'option de voir des publicités moins personnalisées. Avant de confirmer votre choix, vous en saurez plus sur la signification de chaque option. Vous pouvez comparer les choix disponibles et vérifier la fagon dont ils influencent votre expérience. Vous pouvez modifier votre choix a tout moment. Si vous ne voulez pas faire ce choix, vous pouvez télécharger vos informations et quitter nos services.

Instagram a repris ses pratiques (illégales - position du CEPD avril 2024) d'extorsion du consentement

misp-galaxy website - Threat-actor galaxy and relationships with other galaxy clusters.

Seeing all the synonyms from a threat-actor on the misp-galaxy.org website

Threat-actor database in MISP

When I added the threat-actor @misp galaxy type on Mar 4, 2016, I didn’t expect that, years later, vendors would still invent new names for already known threat actors, avoid using UUIDs, reuse similar names for different actors, and create confusing names […]

[Original post on infosec.exchange]

Enquête de la Commission européenne: Étude sur l’utilisation critique des logiciels libres dans les administrations publiques dans toute l’Europe

https://ec.europa.eu/eusurvey/runner/FOSSEPS_CriticalOSS_Survey

😂

BBC: Warning issued after US energy drink cans accidentally filled with vodka

"US authorities are warning consumers of Celsius energy drinks to check their cans after some were accidently filled with vodka.

The US Food & Drug Administration (USFDA) issued the warning for the Astro Vibe Blue […]

the former head of research at #coindesk - someone who spent most of a decade deep inside the crypto industry as a true believer - has written a long form piece titled "Money By Vile Means" about how the crypto industry has become something deeply evil, fucked up, and wholly dependent on the […]

@jamesmarshall for chat definitely, as it uses XMPP as its base. OMEMO e2e is implemented. For the rest it is not clear how they implement access control for what they call "Communities".

@jamesmarshall @fediforum have you checked the potential of @movim ?

Copilot Vision on Windows 11 sends data to Microsoft servers : Total Recall: Capturing everything you do on your PC screen to become a 'true companion'

Copilot Vision on Windows 11 sends data to Microsoft servers • The Register

https://www.theregister.com/2025/07/23/microsoft_copilot_vision/

I would strongly suggest organisations disable Microsoft Translator for Edge. It's enabled by default, and allows users to automatically translate webpages (without prompt after first use) to native language by sending the entire page content to MS. This […]

[Original post on cyberplace.social]

Cato CTRL™ Threat Research: Analyzing LAMEHUG | Cato Networks

https://www.catonetworks.com/blog/cato-ctrl-threat-research-analyzing-lamehug/

🧠 Le cerveau, capable d'être multitâche ? par Jessica Dubois @cea

https://www.youtube.com/watch?v=AJ0l935Regc

Crypto investment fraud ring dismantled in Spain after defrauding 5 000 victims worldwide - Fraudsters laundered EUR 460 million in illicit proceeds | Europol […]

Spanish police arrest five over $542 million crypto investment scheme Spain's Guardia Civil and Europol touted an operation that took down an international scheme that lured victims into bogus cryptocurrency investments.

Spanish police arrest five over $542 million crypto investment scheme | The Record from Recorded Future News

https://therecord.media/spain-europol-cryptocurrency-investment-scheme-takedown

Space satellite company is using #hamradio bands without permission, and now is looking to take away the 430 to 440Mhz band for its exclusive use.

AMSAT:

"Despite not being amateur satellites the first five commercial satellites use these amateur frequencies for telemetry links with a 50 kHz […]

Instagram et Facebook seront bloqués si vous ne faites pas ce choix Sur Instagram ou Facebook, Meta force désormais ses utilisateurs à faire un choix clair : payer pour naviguer sans publicité ou bien accepter le traitement de vos données personnelles pour continuer à utiliser les réseaux sociaux gratuitement. Depuis quelques jours, vous avez peut-être eu la surprise de voir une

« Payer ou consentir » : Meta bloque l’accès à Instagram et Facebook si vous ne faites pas ce choix - @numerama
https://www.numerama.com/tech/2034695-payer-ou-consentir-meta-bloque-lacces-a-instagram-et-facebook-si-vous-ne-faites-pas-ce-choix.html

Visa integrity fee: What to know about new travel fee to enter the US

https://www.cnbc.com/2025/07/18/visa-integrity-fee-what-to-know-about-new-travel-fee-to-enter-the-us-.html