Hackers leverage 1-day vulnerabilities to deliver custom Linux malware
A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Among the exploited vulnerabilities are also two recently discovered Ivanti Connec.....»»
Mitsubishi aims at adventure set with sporty passenger van, lifted Outlander
Mitsubishi plans to plug major holes in its U.S. lineup and deliver a passenger van and an entry-level electrified crossover in the second half of the decade......»»
Ebury botnet compromises 400,000+ Linux servers
ESET researchers released its deep-dive investigation into one of the most advanced server-side malware campaigns. It is still growing and has seen hundreds of thousands of compromised servers in its at least 15-year-long operation. The Ebury group a.....»»
OWASP dep-scan: Open-source security and risk audit tool
OWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies. It supports local repositories and container images as input sources, m.....»»
Palo Alto Networks partners with IBM to deliver AI-powered security offerings
Palo Alto Networks and IBM announced a broad-reaching partnership to deliver AI-powered security outcomes for customers. The announcement is a testament to Palo Alto Networks’ and IBM’s commitment to each other’s platforms and innov.....»»
iOS 18 will let you set custom voice phrases to trigger actions, no ‘Siri’ necessary
Today amid a wealth of accessibility announcements, including hands-free CarPlay and the futuristic Live Captions on Vision Pro, Apple announced that iOS 18 would be introducing a powerful new voice feature. Vocal Shortcuts will enable system-wide ac.....»»
Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach
Ebury backdoors SSH servers in hosting providers, giving the malware extraordinary reach. Enlarge (credit: BeeBright / Getty Images / iStockphoto) Infrastructure used to maintain and distribute the Linux operating syste.....»»
VMware patches serious security flaws in some of its top products
Fixes for Workstation and Fusion look to prevent hackers from mounting denial-of-service attacks......»»
How attackers deliver malware to Foxit PDF Reader users
Threat actors are taking advantage of the flawed design of Foxit PDF Reader’s alerts to deliver malware via booby-trapped PDF documents, Check Point researchers have warned. Exploiting the issue The researchers have analyzed several campaigns u.....»»
May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040)
For May 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-30051, CVE-2024-30040) actively exploited by attackers. CVE-2024-30051 and CVE-2024-30040 CVE-2024-30051 is a heap-based b.....»»
An easy pill to swallow—new 3D printing research paves way for personalized medication
A new technique for 3D printing medication has enabled the printing of multiple drugs in a single tablet, paving the way for personalized pills that can deliver timed doses......»»
Critical vulnerabilities take 4.5 months on average to remediate
Over a third of organizations had at least one known vulnerability in 2023, with nearly a quarter of those facing five or more, and 60% of vulnerabilities remained unaddressed past CISA’s deadlines, according to Bitsight. Organizations struggle.....»»
How AI affects vulnerability management in open-source software
In this Help Net Security video, Itamar Sher, CEO of Seal Security, discusses how AI affects the risk and operational aspects of managing vulnerabilities in open-source software. One of the core issues around open-source vulnerability patch managemen.....»»
Cybercriminals are getting faster at exploiting vulnerabilities
Cybercriminals are targeting the ever-increasing number of new vulnerabilities resulting from the exponential growth in the number and variety of connected devices and an explosion in new applications and online services, according to Fortinet. It’.....»»
Apple set to deliver AI assistant for transcribing, summarizing meetings and lectures
Apple later this year hopes to make real-time audio transcription and summarization available system-wide on many of its devices, as the iPhone maker looks to harness the power of AI in delivering efficiency boosts to several of its core applications.....»»
New Fallout 4 Update Coming Monday, Will Fix Issues With Next-Gen Update
Bethesda’s announced plans to deliver a new Fallout 4 update for all platforms on Monday and the firmware should correct some of the problems caused by the game’s next-gen upgrade. In late April, Bethesda rolled out the long-awaited Fallo.....»»
F5 fixes BIG-IP Next Central Manager flaws with public PoCs (CVE-2024-21793, CVE-2024-26026)
Eclypsium researchers have published details and PoC exploits for two remotely exploitable injection vulnerabilities (CVE-2024-21793, CVE-2024-26026) affecting F5’s BIG-IP Next Central Manager. About the vulnerabilities BIG-IP Next is “a comp.....»»
Ransomware attacks impact 20% of sensitive data in healthcare orgs
Recent cyber incidents demonstrate the healthcare industry continues to be a prime target for ransomware hackers, according to Rubrik. New research by Rubrik Zero Labs reveals that ransomware attacks produce larger impacts against these healthcare ta.....»»
Critical vulnerabilities in BIG-IP appliances leave big networks open to intrusion
Hackers can exploit them to gain full administrative control of internal devices. Enlarge (credit: Getty Images) Researchers on Wednesday reported critical vulnerabilities in a widely used networking appliance that leave.....»»
I want to love Asus’ gaming earbuds, but there are problems
Asus' Cetra SpeedNova earbuds deliver what gamers are looking for thanks to ANC and a low latency connection. But there are a couple of big issues......»»
Red Hat launches RHEL AI for streamlined GenAI model testing and deployment
Red Hat has launched Red Hat Enterprise Linux AI (RHEL AI), a foundation model platform that enables users to more seamlessly develop, test and deploy generative AI (GenAI) models. RHEL AI brings together the open source-licensed Granite large langua.....»»