AI

Fake Video Claiming 'Coup In France' Goes Viral 70

alternative_right shares a report from Euronews: France's President Emmanuel Macron discovered news of his own supposed overthrow, after he received a message of concern, along with a link to a Facebook video. "On Sunday (14 December) one of my African counterparts got in touch, writing 'Dear president, what's happening to you? I'm very worried,'" Macron told readers of French local newspaper La Provence on December 16.

Alongside the message was a compelling video showcasing a swirling helicopter, military personnel, crowds and -- what appears to be -- a news anchor delivering a piece to camera. "Unofficial reports suggest that there has been a coup in France, led by a colonel whose identity has not been revealed, along with the possible fall of Emmanuel Macron. However, the authorities have not issued a clear statement," she says.

Except, nothing about this video is authentic: it was created with AI. After discovering the video, Macron asked Pharos -- France's official portal for signaling online illicit content -- to call Facebook's parent company Meta, to get the fake video removed. But that request was turned down, as the platform claimed it did not violate its "rules of use." [...] The original video ... racked up more than 12 million views [...] The teenager running the account is based in Burkina Faso and makes money running courses focusing on how to monetize AI. He eventually took the video down more than a week after its initial publication, due to political -- and public -- controversy.
"I tend to think that I have more power to apply pressure than other people," Macron said. "Or rather, that it's easier to say something is serious if I am the one calling, but it doesn't work."

"These people are mocking us," he added. "They don't care about the serenity of public debates, they don't care about democracy, and therefore they are putting us in danger."
Security

Minnesota Activates National Guard After St. Paul Cyberattack (bleepingcomputer.com) 61

Minnesota Governor Tim Walz has activated the National Guard to assist the City of Saint Paul after a cyberattack crippled the city's digital services on Friday. "The city is currently working with local, state, and federal partners to investigate the attack and restore full functionality, and says that emergency services have been unaffected," reports BleepingComputer. "However, online payments are currently unavailable, and some services in libraries and recreation centers are temporarily unavailable." From the report: The attack has persisted through the weekend, causing widespread disruptions across the city after affecting St. Paul's digital services and critical systems. "St. Paul officials have been working around the clock since discovering the cyberattack, closely coordinating with Minnesota Information Technology Services and an external cybersecurity vendor. Unfortunately, the scale and complexity of this incident exceeded both internal and commercial response capabilities," reads an emergency executive order (PDF) signed on Tuesday.

"As a result, St. Paul has requested cyber protection support from the Minnesota National Guard to help address this incident and make sure that vital municipal services continue without interruption." The decision to deploy cyber protection support from the Minnesota National Guard comes at the city's request, after the cyberattack's impact exceeded St. Paul's incident response capacity. This will ensure the continuity of vital services for Saint Paul residents, as well as their security and safety while ongoing disruptions are being mitigated. "We are committed to working alongside the City of Saint Paul to restore cybersecurity as quickly as possible," Governor Walz said on Tuesday. "The Minnesota National Guard's cyber forces will collaborate with city, state, and federal officials to resolve the situation and mitigate lasting impacts."

Bug

Two Sudo Vulnerabilities Discovered and Patched (thehackernews.com) 20

In April researchers responsibly disclosed two security flaws found in Sudo "that could enable local attackers to escalate their privileges to root on susceptible machines," reports The Hacker News. "The vulnerabilities have been addressed in Sudo version 1.9.17p1 released late last month." Stratascale researcher Rich Mirch, who is credited with discovering and reporting the flaws, said CVE-2025-32462 has managed to slip through the cracks for over 12 years. It is rooted in Sudo's "-h" (host) option that makes it possible to list a user's sudo privileges for a different host. The feature was enabled in September 2013. However, the identified bug made it possible to execute any command allowed by the remote host to be run on the local machine as well when running the Sudo command with the host option referencing an unrelated remote host. "This primarily affects sites that use a common sudoers file that is distributed to multiple machines," Sudo project maintainer Todd C. Miller said in an advisory. "Sites that use LDAP-based sudoers (including SSSD) are similarly impacted."

CVE-2025-32463, on the other hand, leverages Sudo's "-R" (chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file. It's also a critical-severity flaw. "The default Sudo configuration is vulnerable," Mirch said. "Although the vulnerability involves the Sudo chroot feature, it does not require any Sudo rules to be defined for the user. As a result, any local unprivileged user could potentially escalate privileges to root if a vulnerable version is installed...."

Miller said the chroot option will be removed completely from a future release of Sudo and that supporting a user-specified root directory is "error-prone."

Privacy

Chinese Spies Spent Months Inside Aerospace Engineering Firm's Network Via Legacy IT (theregister.com) 16

The Register's Jessica Lyons reports: Chinese state-sponsored spies have been spotted inside a global engineering firm's network, having gained initial entry using an admin portal's default credentials on an IBM AIX server. In an exclusive interview with The Register, Binary Defense's Director of Security Research John Dwyer said the cyber snoops first compromised one of the victim's three unmanaged AIX servers in March, and remained inside the US-headquartered manufacturer's IT environment for four months while poking around for more boxes to commandeer. It's a tale that should be a warning to those with long- or almost-forgotten machines connected to their networks; those with shadow IT deployments; and those with unmanaged equipment. While the rest of your environment is protected by whatever threat detection you have in place, these legacy services are perfect starting points for miscreants.

This particular company, which Dwyer declined to name, makes components for public and private aerospace organizations and other critical sectors, including oil and gas. The intrusion has been attributed to an unnamed People's Republic of China team, whose motivation appears to be espionage and blueprint theft. It's worth noting the Feds have issued multiple security alerts this year about Beijing's spy crews including APT40 and Volt Typhoon, which has been accused of burrowing into American networks in preparation for destructive cyberattacks.

After discovering China's agents within its network in August, the manufacturer alerted local and federal law enforcement agencies and worked with government cybersecurity officials on attribution and mitigation, we're told. Binary Defense was also called in to investigate. Before being caught and subsequently booted off the network, the Chinese intruders uploaded a web shell and established persistent access, thus giving them full, remote access to the IT network -- putting the spies in a prime position for potential intellectual property theft and supply-chain manipulation. If a compromised component makes it out of the supply chain and into machinery in production, whoever is using that equipment or vehicle will end up feeling the brunt when that component fails, goes rogue, or goes awry.

"The scary side of it is: With our supply chain, we have an assumed risk chain, where whoever is consuming the final product -- whether it is the government, the US Department of the Defense, school systems -- assumes all of the risks of all the interconnected pieces of the supply chain," Dwyer told The Register. Plus, he added, adversarial nations are well aware of this, "and the attacks continually seem to be shifting left." That is to say, attempts to meddle with products are happening earlier and earlier in the supply-chain pipeline, thus affecting more and more victims and being more deep-rooted in systems. Breaking into a classified network to steal designs or cause trouble is not super easy. "But can I get into a piece of the supply chain at a manufacturing center that isn't beholden to the same standards and accomplish my goals and objectives?" Dwyer asked. The answer, of course, is yes. [...]

Privacy

iPhones Have Been Exposing Your Unique MAC Despite Apple's Promises Otherwise (arstechnica.com) 69

Dan Goodin reports via Ars Technica: Three years ago, Apple introduced a privacy-enhancing feature that hid the Wi-Fi address of iPhones and iPads when they joined a network. On Wednesday, the world learned that the feature has never worked as advertised. Despite promises that this never-changing address would be hidden and replaced with a private one that was unique to each SSID, Apple devices have continued to display the real one, which in turn got broadcast to every other connected device on the network. [...]

In 2020, Apple released iOS 14 with a feature that, by default, hid Wi-Fi MACs when devices connected to a network. Instead, the device displayed what Apple called a "private Wi-Fi address" that was different for each SSID. Over time, Apple has enhanced the feature, for instance, by allowing users to assign a new private Wi-Fi address for a given SSID. On Wednesday, Apple released iOS 17.1. Among the various fixes was a patch for a vulnerability, tracked as CVE-2023-42846, which prevented the privacy feature from working. Tommy Mysk, one of the two security researchers Apple credited with discovering and reporting the vulnerability (Talal Haj Bakry was the other), told Ars that he tested all recent iOS releases and found the flaw dates back to version 14, released in September 2020. "From the get-go, this feature was useless because of this bug," he said. "We couldn't stop the devices from sending these discovery requests, even with a VPN. Even in the Lockdown Mode."

When an iPhone or any other device joins a network, it triggers a multicast message that is sent to all other devices on the network. By necessity, this message must include a MAC. Beginning with iOS 14, this value was, by default, different for each SSID. To the casual observer, the feature appeared to work as advertised. The "source" listed in the request was the private Wi-Fi address. Digging in a little further, however, it became clear that the real, permanent MAC was still broadcast to all other connected devices, just in a different field of the request. Mysk published a short video showing a Mac using the Wireshark packet sniffer to monitor traffic on the local network the Mac is connected to. When an iPhone running iOS prior to version 17.1 joins, it shares its real Wi-Fi MAC on port 5353/UDP.

China

TikTok Executive Admits Australian Users' Data Accessed By Employees In China (theguardian.com) 15

An anonymous reader quotes a report from The Guardian: Australian user data is accessible to TikTok employees based in China on a "very strict basis," the company's head of data security, Will Farrell, has said. In their first public appearance before Australian members of parliament since the government joined Canada, the US and the UK in banning TikTok from government-owned devices amid concerns about the company's connections to China, TikTok executives were questioned at length by a parliamentary committee examining foreign interference on social media. Liberal senator and chair of the committee James Paterson, who has led the opposition's push against the app, questioned how many times Australian user data had been accessed by TikTok staff based within China. Farrell could not provide the number immediately, but admitted it did happen.

Farrell said there were "a number of protections in place", including that employees only get the minimum amount of access to data to do their job, and when they access that data they need to provide a business justification that needs to be approved by their manager and the database owner within TikTok. If the data is being accessed across a national border, it has to be approved by the global security team based in the US, which also monitors all data access. "Employees can't get access without a clear justification and levels of approval," Farrell said. A similar security review would apply if an employee based in China tried to change the recommendations algorithm, he said.

The company's local head of public policy, Ella Woods-Joyce, said China's 2017 national security law -- which requires companies to give the government any personal data relevant to national security -- would apply to any company that had operations and staff in China. When asked on what ground TikTok would refuse to comply with the law, Woods-Joyce said TikTok had never been asked for personal data by the Chinese government and would refuse if asked. [...] It was revealed in December that employees had used the app to attempt to identify the source of a leak to journalists. Hunter told the committee that he stood by the sentiments expressed in his original article, and blamed "rogue employees" who had since been fired from the company for accessing the data. He said "serious misconduct from these rogue employees" had taken place. He said GPS location information was not collected in Australia.

Security

Hackers Can Infect Over 100 Lenovo Models With Unremovable Malware (arstechnica.com) 43

Lenovo has released security updates for more than 100 laptop models to fix critical vulnerabilities that make it possible for advanced hackers to surreptitiously install malicious firmware that can be next to impossible to remove or, in some cases, to detect. Ars Technica reports: Three vulnerabilities affecting more than 1 million laptops can give hackers the ability to modify a computer's UEFI. Short for Unified Extensible Firmware Interface, the UEFI is the software that bridges a computer's device firmware with its operating system. As the first piece of software to run when virtually any modern machine is turned on, it's the initial link in the security chain. Because the UEFI resides in a flash chip on the motherboard, infections are difficult to detect and even harder to remove.

Two of the vulnerabilities -- tracked as CVE-2021-3971 and CVE-2021-3972 -- reside in UEFI firmware drivers intended for use only during the manufacturing process of Lenovo consumer notebooks. Lenovo engineers inadvertently included the drivers in the production BIOS images without being properly deactivated. Hackers can exploit these buggy drivers to disable protections, including UEFI secure boot, BIOS control register bits, and protected range register, which are baked into the serial peripheral interface (SPI) and designed to prevent unauthorized changes to the firmware it runs. After discovering and analyzing the vulnerabilities, researchers from security firm ESET found a third vulnerability, CVE-2021-3970. It allows hackers to run malicious firmware when a machine is put into system management mode, a high-privilege operating mode typically used by hardware manufacturers for low-level system management.
"All three of the Lenovo vulnerabilities discovered by ESET require local access, meaning that the attacker must already have control over the vulnerable machine with unfettered privileges," notes Ars Technica's Dan Goodin. "The bar for that kind of access is high and would likely require exploiting one or more critical other vulnerabilities elsewhere that would already put a user at considerable risk."

Still, it's worth looking to see if you have an affected model and, if so, patch your computer as soon as possible.
Facebook

Facebook Is 'Teeming' With Fake Accounts Created By Undercover Cops (nbcnews.com) 126

An anonymous reader quotes NBC News: Police officers around the country, in departments large and small, working for federal, state and local agencies, use undercover Facebook accounts to watch protesters, track gang members, lure child predators and snare thieves, according to court records, police trainers and officers themselves. Some maintain several of these accounts at a time. The tactic violates Facebook's terms of use, and the company says it disables fake accounts whenever it discovers them. But that is about all it can do: Fake accounts are not against the law, and the information gleaned by the police can be used as evidence in criminal and civil cases. Investigators know this, which is why the accounts continue to flourish.

"Every high-tech crime unit has one," said an officer who uses an undercover account to monitor gang members and drug dealers in New Jersey and who spoke on the condition of anonymity to avoid having the account exposed or shut down. "It's not uncommon, but we don't like to talk about it too much." The proliferation of fake Facebook accounts and other means of social media monitoring -- including the use of software to crunch data about people's online activity -- illustrates a policing "revolution" that has allowed authorities to not only track people but also map out their networks, said Rachel Levinson-Waldman, senior counsel at New York University School of Law's Brennan Center for Justice....

Judges in New Jersey and Delaware have upheld investigators' use of fake social media profiles. U.S. Immigration and Customs Enforcement, the Cincinnati Police Department and the Chicago Police Department have publicly boasted of using undercover Facebook accounts in cases against accused child predators, gangs and gun traffickers. Following an outcry after a Drug Enforcement Administration agent created a fake Facebook account in a suspect's name to catch members of a drug ring, the Department of Justice promised in 2014 to review the agency's policies -- but the department did not respond to multiple requests to say what has changed. Several law enforcement agencies, including the New York Police Department, the Georgia Bureau of Investigation and the Indiana Intelligence Fusion Center, have policies that explicitly allow the creation of fake profiles, with some conditions -- including obtaining prior approval from a superior and limiting interactions with targets.... [P]olice agencies have been able to keep undercover accounts for years without Facebook discovering them.

After one successful ACLU lawsuit this August, a Memphis activist discovered that his local police department had assembled 22,000 pages about him and his friends.
Security

California High Schooler Changes Grades After Phishing Teachers, Gets 14 Felonies for His Efforts (gizmodo.com) 343

Police in Concord, California arrested a teenager earlier this week and charged him with 14 felony counts after discovering the high schooler launched a phishing campaign directed at teachers in order to steal their passwords and change grades. From a report: The 16-year-old student, whose name was not released because he's a minor, was arrested Wednesday following an investigation launched by local law enforcement, with assistance from a Contra Costa County task force and the US Secret Service, KTVU reported. Reports of the hack first started to trickle into police two weeks ago, when teachers in the Mount Diablo Unified School District started receiving suspicious emails in their inbox. As it turns out, they were part of a phishing attempt launched by the student. The email messages contained a link that sent the recipients to a fake website constructed by the student to look like the school's portal. If a teacher clicked on the link, they were directed to the site that would prompt them to enter their username and password. The site would record any information entered, allowing the student to hijack the teacher's account.
Security

Volkswagen, Audi Cars Vulnerable To Remote Hacking (bleepingcomputer.com) 75

An anonymous reader writes: "A Dutch cyber-security firm has discovered that in-vehicle infotainment (IVI) systems deployed with some car models from the Volkswagen Group are vulnerable to remote hacking," reports Bleeping Computer. The vulnerabilities have been successfully tested and verified on Volkswagen Golf GTE and Audi A3 Sportback e-tron models. Researchers say they were able to hack the cars via both WiFi (remote vector) and USB (local vector) connections. Researchers hinted they could have also gone after the cars' braking and acceleration system, but stopped due to fear of breaking VW's intellectual property on those systems.

"Under certain conditions attackers could listen in to conversations the driver is conducting via a car kit, turn the microphone on and off, as well as gaining access to the complete address book and the conversation history," Computest researchers said in their paper. "Furthermore, due to the vulnerability, there is the possibility of discovering through the navigation system precisely where the driver has been, and to follow the car live wherever it is at any given time," researchers added. VW deployed patches.

Christmas Cheer

Gift Idea: Custom Photomosaics With AndreaMosaic and PhotoGrabber 61

Bennett Haselton has a gift idea for this year that needn't necessarily cost you any money (if you have a color printer available), though as he points out there are ways to invest in a higher-quality result. The gift? A unique picture created with a few pieces of free software and a bit of your time. Bennett writes: "You can use these little-known free programs to create a photomosaic of a friend's wedding photo or other favorite photograph, for a uniquely personal gift that doesn't cost much but can still delight. Follow these steps to use the programs most effectively and get the best results." Read on for the rest.
Science

Interviews: Freeman Dyson Answers Your Questions 141

A while ago you had the chance to ask mathematician and theoretical physicist Freeman Dyson about his work in quantum electrodynamics, nuclear propulsion, and his thoughts on the past, present, and future of science. Below you'll find his answers to your questions.
Networking

Ask Slashdot: Dealing With an Advanced Wi-Fi Leech? 884

An anonymous reader writes "Recently, I had found out (through my log files) that my wireless router was subject to a Wi-Fi Protected Setup (WPS) brute force PIN attack. After looking on the Internet and discovering that there are indeed many vulnerabilities to WPS, I disabled it. After a few days, I noticed that I kept intermittently getting disconnected at around the same time every day (indicative of a WPA deauthentication handshake capture attempt). I also noticed that an evil twin has been set up in an effort to get me to connect to it. Through Wi-Fi monitoring software, I have noticed that certain MAC addresses are connected to multiple WEP and WPA2 access points in my neighborhood. I believe that I (and my neighbors) may be dealing with an advanced Wi-Fi leech. What can I do in this situation? Should I bother purchasing a directional antenna, figuring out exactly where the clients are situated, and knocking on their door? Is this something the local police can help me with?"
Image

Hello, Android Third Edition 74

eldavojohn writes "The third edition of Hello, Android brings the book up to date on Android versions from 1.5 to 2.2 (FroYo). The book is predominantly tied to the Eclipse editing environment with several pages devoted to screen shots of the IDE. As the title suggests, this book aims to give the user the equivalent of a "Hello, world!" application in Android and succeeds in doing that but doesn't take the reader much further. From creating a sudoku application with increasing support to dabbling in OpenGL ES, the book's prime audience are people who know a little Java (with no aversion to Eclipse) and XML but absolutely no Android. You can find the source for all the examples." Keep reading for the rest of eldavojohn's review.

What Good Technical Books Adorn Your Library? 160

bluefoxlucid asks: "Lately I've been looking into technical books, and have come to the conclusion that there are a lot of useful books out there containing information that could be useful to me. To my alarm, I've found that many of these titles are not in my local public library! This requires action; I must build my own library, and actually use that bookshelf in my room! But, without a way to sample the books, how should I know which to buy? What (mainly non-fiction) recommendations would you make for anyone who would fall into the Slashdot audience to read?"

Micro-ISV: From Vision to Reality 75

prostoalex writes "When you read a news item about a company buyout or a two-person research project hitting big, how many times have you thought "I wonder if I could run a software company." Apparently, quite a few software developers are discovering the entrepreneur within, which explains the ever-increasing number of threads on the Business of Software, Software CEO and other similar forums. However, most of the software entrepreneurs are coders, and not business majors. For them the business side of running a company constitutes that grey area that people with suits, expensive glasses and knowledge of the word "synergy" learn in business schools. What will be the market for your product? What should you charge for a software app? Should you go freeware, ad-ware, shareware, trialware or open source? How will you accept payments? What are the laws for incorporating a company in the state of Nebraska, and will the IRS go after you, if you don't hire an accountant, and incorporate in Mom's basement, which is zoned for residential area? How about marketing - will you be able to reach all the left-handed accountants in the Eastern United States, or should you buy a highway billboard advertising your image editing application?" Read the rest of Alex's review.
Businesses

Infosec Career Hacking 85

nazarijo writes "Plenty of people are curious as to how to become an information security professional. It's a profession that has a bit of an establishment atmosphere to it where entry to various levels is granted in secret. And it's often hard to understand where to start. Infosec Career Hacking attempts to demystify this process and show you not only generic strategies for employment, but ones specific to the information security field." Read on for the rest of Nazario's review.
Operating Systems

Linux Cookbook 126

norburym (Mary Norbury-Glaser) writes "Carla Schroder's Linux Cookbook (O'Reilly) is an extremely dense volume packed with valuable information. The author writes with precision and detail and with a conversational style that handles the topic with a wry humor making this book a pleasure to read. The Linux Cookbook is command-line based so some familiarity with a Linux system, the inherent power of using the command-line and the dangers of using root are necessary." Read on for the rest of Norbury-Glaser's review.
Slashback

Slashback: Pie, Election, Alarm 158

Slashback this evening with another batch of updates and responses to previous Slashdot posts, including: how Firefox users can avoid post-cookie Web tracking (for now), more on open-source graphics drivers, and an alarm clock that sounds perfect for annoying a spouse. Read on for the details.
