Godzil (./36688) :Microsoft n'est pas étatique non plus mais le droit américain s'applique dessus. Il me semble bien qu'a partir du moment ou une seule personne de nationalité américaine a participé au code d'un logiciel, les USA se réclament le droit de faire appliquer leurs lois dessus.
Linux n'est pas étatique
I've seen the Chinese Tiktok (douyin) db before. Few years back, I came across a large exposed ES DB that had 1000s indexes that indicated data from chinese tiktok and other companies.
— Internet User (@PvtGomerPyIe) September 5, 2022
Most likely it was some 3rd party scraping or some gov monitoring program that exposed it. pic.twitter.com/2Re49OufT0
To create this reverse shell, the attacker must first convince a user to install a malicious stager that executes commands, and uploads command output via a GIF url to a Microsoft Teams web hook.Donc pas une faille à priori, plutôt un moyen d'exfiltration.
(...)
Microsoft acknowledged the research but said it would not be fixed as no security boundaries were bypassed.
"For this case, 72412, while this is great research and the engineering team will endeavor to improve these areas over time, these all are post exploitation and rely on a target already being compromised," Microsoft told Rauch in an email shared with BleepingComputer.
"No security boundary appears to be bypassed. The product team will review the issue for potential future design changes, but this would not be tracked by the security team."
I won’t spoil it because the last 9 words alone are worth zooming in to read this. pic.twitter.com/mSeGw1x7bb
— At Angry Skycrane (@AngrySkycrane) September 12, 2022
In cases where Chrome Enhanced Spellcheck or Edge's Microsoft Editor (spellchecker) were enabled, "basically anything" entered in form fields of these browsers was transmitted to Google and Microsoft.
"Furthermore, if you click on 'show password,' the enhanced spellcheck even sends your password, essentially Spell-Jacking your data," explains otto-js in a blog post.
NVIDIA GeForce RTX 40 Series PCIe Gen 5 Power Adapters Have a Limited Connect & Disconnect Life of 30 CyclesBon, c'est pas le genre de trucs qu'on branche/débranche tous les jours, mais 30 cycles c'est vraiment peu.
Wccftech
The new information comes from ZOTAC who has listed over their site the service life of a single PCIe Gen 5 adapter cable. According to the manufacturer, the company has suggested that the PCIe gen 5 adapter that comprises 4x 8-Pin to 1x 16-Pin connector be replaced after 30 connects and disconnects. This means that the user can, at maximum, connect and disconnect the cable for just 30 times before its "Limited" service life would end.