336,000 servers remain unpatched against critical Fortigate vulnerability
69 percent of devices have yet to receive patch for flaw allowing remote code execution. Enlarge Researchers say that nearly 336,000 devices exposed to the Internet remain vulnerable to a critical vulnerability in firew.....»»
Study identifies keys to success of evidence-based decision making
Evidence-based decision making (EBDM)—using the best available evidence from multiple sources to make informed decisions—is critical to the success of any organization. In a new study, researchers have explored what makes EBDM work. They found th.....»»
Simulations identify how critical elements distribute in abundant mineral ores
Nickel (Ni) and cobalt (Co) are critical elements for modern technologies, with high-grade Ni and Co ores becoming increasingly scarce. Mafic and ultramafic deposits are low-grade, abundant alternatives to traditional Ni and Co ores. However, new met.....»»
Are Earth"s missing millions of undescribed insect species extinction-prone?
In new research, Griffith ecologists have highlighted the millions of insects that remain undiscovered and unnamed by scientists were likely to be more vulnerable to extinction than named species......»»
GenAI buzz fading among senior executives
GenAI adoption has reached a critical phase, with 67% of respondents reporting their organization is increasing its investment in GenAI due to strong value to date, according to Deloitte. “The State of Generative AI in the Enterprise: Now decid.....»»
Nuclei: Open-source vulnerability scanner
Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. With its flexible templating system, Nuclei can be adapted to perform various security checks. It can send requests to multiple targets using customi.....»»
Bird species are disappearing at an alarming rate in Kenya, study finds
Sub-Saharan Africa has a vast amount of uncultivated, arable land—about 2 million km2, accounting for about 50% of the global total. This land is a critical habitat for many animal species, including birds......»»
From sun to Earth: A new network for comprehensive space weather monitoring
There's a lot going on between Earth's atmosphere and the sun. Accurately forecasting conditions in this area of space is challenging but critical to the safety of astronauts, satellites, and even ground-based systems such as power grids. Doing so re.....»»
Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987)
A week after SolarWinds released a fix for a critical code-injection-to-RCE vulnerability (CVE-2024-28986) in Web Help Desk (WHD), another patch for another critical flaw (CVE-2024-28987) in the company’s IT help desk solution has been pushed o.....»»
Vulnerability prioritization is only the beginning
To date, most technology solutions focused on vulnerability management have focused on the prioritization of risks. That usually took the shape of some risk-ranking structure displayed in a table with links out to the CVEs and other advisory or threa.....»»
GitHub Enterprise Server has a critical security flaw, so patch now
A newly discovered security flaw allows hackers to elevate their privileges and thus take over vulnerable endpoints......»»
Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)
A critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unrestricted access to the instance’s contents. The issue, reported via the GitHub Bug Bounty pro.....»»
New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)
A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is a high-severity vulnerability caused by a type confusion weakness in V8, the open-source JavaScript.....»»
Self-driving industry could soon flourish, but roadblocks still remain
Fifteen years into the modern-day push to develop self-driving vehicles, standards and best practices are still under development, regulations are fuzzy and incomplete, and safety benchmarks don't exist......»»
From genome to grocer"s aisle: Decoding the Chinese cherry for firmer fruits
A significant milestone in horticultural genomics has been reached with the successful decoding of the tetraploid Chinese cherry genome. A recent study provides essential insights into the genetic factors that influence fruit firmness, a critical tra.....»»
Food security: Accelerating national protections around critical infrastructure
In this Help Net Security video, Mike Lexa, CISO and Global VP of IT Infrastructure and Operations at CNH, discusses how the federal government is taking food security more seriously and what steps must be taken to prioritize security measures. What.....»»
Experts study immigration in relation to jobs, crime and disease
According to the U.S. Census Bureau, immigrants made up 13.9% of the total population in 2022. Among them are highly skilled workers who fill critical gaps in high-tech industries as well as those who construct the buildings in which we live and who.....»»
Novel ratchet mechanism uses a geometrically symmetric gear driven by asymmetric surface wettability
The ratchet mechanism is a fascinating energy-conversion system that converts disorderly or random motion into orderly, directed movement through a process known as spontaneous rectification. It is a critical component of mechanical systems, typicall.....»»
Vulnerability in Microsoft apps allowed hackers to spy on Mac users
A vulnerability found in Microsoft apps for macOS allowed hackers to spy on users. Security researchers from Cisco Talos reported in a blog post how the vulnerability could be exploited by attackers and what Microsoft has been doing to fix the explo.....»»
Windows 0-day was exploited by North Korea to install advanced rootkit
FudModule rootkit burrows deep into Windows, where it can bypass key security defenses. Enlarge (credit: Getty Images) A Windows zero-day vulnerability recently patched by Microsoft was exploited by hackers working on be.....»»
Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited.....»»