Apache ActiveMQ bug exploited to deliver Kinsing malware
Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. CVE-2023-46604 exploitation Apache ActiveMQ is a popular Java-based open sourc.....»»
Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770)
CVE-2023-43770, a vulnerability in the Roundcube webmail software that has been fixed in September 2023, is being exploited by attackers in the wild, CISA has warned by adding the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Ab.....»»
Critical Fortinet FortiOS flaw exploited in the wild (CVE-2024-21762)
Fortinet has patched critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313), one of which is “potentially” being exploited in the wild. The exploitation-in-the-wild has been confirmed by CISA, by adding.....»»
How to watch NASA and SpaceX launch a private lunar lander mission this week
This week, Intuitive Machines will launch its first lunar lander to deliver science payloads to the surface of the moon......»»
Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893)
CVE-2024-21893, a server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure VPN gateways and Policy Secure (a network access control solution), is being exploited by attackers. About CVE-2024-21893 CVE-2024-21893 allows a attac.....»»
The surprising secrets of extreme snowfall events in Utah"s central Wasatch
Major snowstorms in Utah's Wasatch Mountains are both a blessing and a curse. They deliver much-needed moisture that supplies water to the state's biggest metropolitan area and fluffy light snow to support the world's finest powder skiing......»»
Report: Mac security threats on the rise, here’s what to watch out for
Malwarebytes has released its latest report digging into the state of malware to start 2024. The findings include which countries see the most ransomware attacks, the evolution of malware over the last year, how Mac threats are growing, which Mac th.....»»
Daily Telescope: A stunning new image of Io reveals a volcanic plume
Juno continues to deliver in the Jovian system. Enlarge / Behold: Io (credit: Björn Jónsson) Welcome to the Daily Telescope. There is a little too much darkness in this world and not enough light, a little too much.....»»
Who will deliver immersive content for Apple Vision Pro?
Hypothetically thinking about Apple Vision Pro and what it offers for nearly $4000 in hardware might leave you concerned that Apple won't find enough buyers to support the creation of sufficient software and immersive content for it as a platform. Ha.....»»
Week in review: Windows Event Log zero-day, exploited critical Jenkins RCE flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Prioritizing cybercrime intelligence for effective decision-making in cybersecurity In this Help Net Security interview, Alon Gal, CTO at Hudson Roc.....»»
The Apple Vision Pro has already been hacked
Within a day after the release of the Apple Vision Pro, a security researcher claims to have created a kernel exploit for visionOS, opening the way towards a potential jailbreak and malware creation.A forced restart of the Apple Vision Pro [x/0xjprx].....»»
How to remove malware and viruses from an Android phone
Downloaded an infected app? Our guide will show you the steps to take and some recommended security measures......»»
Threat actor used Vimeo, Ars Technica to serve second-stage malware
A financially motivated threat actor tracked as UNC4990 is using booby-trapped USB storage devices and malicious payloads hosted on popular websites such as Ars Technica, Vimeo, GitHub and GitLab to surreptitiously deliver malware. Another interestin.....»»
Chinese malware removed from SOHO routers after FBI issues covert commands
Routers were being used to conceal attacks on critical infrastructure. Enlarge / A Wi-Fi router. (credit: Getty Images | deepblue4you) The US Justice Department said Wednesday that the FBI surreptitiously sent commands t.....»»
Scientists launch ambitious roadmap for circular carbon plastics economy
Researchers from the Oxford Martin Program on the Future of Plastics, University of Oxford, have outlined ambitious targets to help deliver a sustainable and net zero plastic economy. In a paper published in Nature, the authors argue for a rethinking.....»»
Ars Technica used in malware campaign with never-before-seen obfuscation
Vimeo also used by legitimate user who posted booby-trapped content. Enlarge (credit: Getty Images) Ars Technica was recently used to serve second-stage malware in a campaign that used a never-before-seen attack chain to.....»»
New AI model designs proteins to deliver gene therapy
Researchers at the University of Toronto have used an artificial intelligence framework to redesign a crucial protein involved in the delivery of gene therapy......»»
macOS Sonoma 14.4 Release Date: Tips & Tricks
Apple’s confirmed a new macOS Sonoma 14.4 update and Mac users might want to start doing some early prep work ahead of its arrival. macOS Sonoma 14.4 is the fourth milestone upgrade for macOS Sonoma. Milestone upgrades typically deliver a blend.....»»
Researchers develop puffed-up MOFs for improved drug delivery
The spongelike structure of metal-organic frameworks (MOFs) allows these polymers to possibly carry and deliver a range of therapeutic compounds. Now, researchers reporting in ACS Applied Bio Materials have treated a chromium-containing MOF with a do.....»»
Blackwood APT delivers malware by hijacking legitimate software update requests
ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood. Blackwood has carried out cyberespionage operations against individuals and companies from China, Japan, and the Unit.....»»
In 2024, AI and ML shift from flashy to functional
AI and ML deserve the hype they get, but the focus can’t always be on the glitz. As these advances to deliver real benefits, there’s a slew of more mundane actions that have to be taken—and in 2024, this is where we’ll see some of the most ex.....»»