Apache Flink flaw is back, and being actively exploited
An improper access control flaw is being actively exploited, CISA is warning......»»
Voltron Data Theseus helps organizations solve data processing challenges
Voltron Data introduced Theseus, a distributed execution engine built to solve today’s data processing challenges at a scale beyond the capabilities of CPU-based analytics systems like Apache Spark. Theseus is available to enterprises and governmen.....»»
Apple patches two zero-days used to target iOS users (CVE-2023-42916 CVE-2023-42917)
With the latest round of security updates, Apple has fixed two zero-day WebKit vulnerabilities (CVE-2023-42916, CVE-2023-42917) that “may have been exploited against versions of iOS before iOS 16.7.1.” About the vulnerabilities (CVE-2023-.....»»
iOS 17.1.2 and macOS Sonoma 14.1.2 patch 2 actively exploited vulnerabilities
Apple released an important security update today for iPhone, iPad, and Mac. The list of fixes is short, but iOS 17.1.2 and macOS Sonoma 14.1.2 patch two web-based security flaws that have been actively exploited. more….....»»
iOS 17.1.2 & Sonoma 14.1.2 updates stop browsers from leaking personal data
Apple has updated iOS, iPadOS, and macOS Sonoma with new updates that fix two actively exploited WebKit bugs that could leak personal data to attackers.Apple patches flaws in WebKit in latest OS updatesThe company released the newest versions of its.....»»
PSA: Update Chrome on Mac, as security flaw is being actively exploited
If you use Chrome on Mac, it’s strongly recommended to update it immediately, as a security flaw discovered by Google is being actively exploited by attackers. It could potentially allow personal data to be extracted from your Mac (the same issue a.....»»
Dremio introduces GenAI-powered data documentation and labeling to reduce manual work
Dremio has unveiled AI-powered data discovery capabilities that accelerate and simplify data contextualization and description for analytics, along with improved capabilities that extend its leadership as the analytics engine for Apache Iceberg. Expa.....»»
Nanodiamonds can block tumor metastasis in mice, study shows
Nanodiamonds are 2–8 nm carbon nanoparticles, which can be easily functionalized with various chemical groups like carboxylic groups or drugs. Previous research has shown that actively dividing cells are more likely to absorb nanodiamonds and that.....»»
Google fixes Chrome zero day exploited in the wild (CVE-2023-6345)
Google has released an urgent security update to fix a number of vulnerabilities in Chrome browser, including a zero-day vulnerability (CVE-2023-6345) that is being actively exploited in the wild. About CVE-2023-6345 CVE-2023-6345, reported by Benoî.....»»
ownCloud vulnerability with maximum 10 severity score comes under “mass” exploitation
Easy-to-exploit flaw can give hackers passwords and cryptographic keys to vulnerable servers. Enlarge (credit: Getty Images) Security researchers are tracking what they say is the “mass exploitation” of a security vu.....»»
Design flaw leaves Google Workspace vulnerable for takeover
A design flaw in Google Workspace’s domain-wide delegation feature, discovered by Hunters’ Team Axon, can allow attackers to misuse existing delegations, enabling privilege escalation and unauthorized access to Workspace APIs without Super Admin.....»»
Microsoft’s ugly sweater for 2023 is Windows XP’s iconic default wallpaper
The world's most-recognizable default wallpaper is back, in sweater form. Enlarge (credit: Microsoft) Windows XP was an actively supported Microsoft product for 13 years, including five years where it was the newest vers.....»»
PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214)
A proof-of-concept (PoC) exploit for a high-severity flaw in Splunk Enterprise (CVE-2023-46214) that can lead to remote code execution has been made public. Users are advised to implement the provided patches or workarounds quickly. About CVE-2023-46.....»»
Week in review: LockBit exploits Citrix Bleed, Apache ActiveMQ bug exploited for cryptojacking
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PolarDNS: Open-source DNS server tailored for security evaluations PolarDNS is a specialized authoritative DNS server that allows the operator to pr.....»»
Thousands of routers and cameras vulnerable to new 0-day attacks by hostile botnet
Internet scans show 7,000 devices may be vulnerable. The true number could be higher. Enlarge (credit: Aurich Lawson / Ars Technica) Miscreants are actively exploiting two new zero-day vulnerabilities to wrangle routers.....»»
How LockBit used Citrix Bleed to breach Boeing and other targets
CVE-2023-4966, aka “Citrix Bleed”, has been exploited by LockBit 3.0 affiliates to breach Boeing’s parts and distribution business, and “other trusted third parties have observed similar activity impacting their organization,&.....»»
Apache ActiveMQ bug exploited to deliver Kinsing malware
Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. CVE-2023-46604 exploitation Apache ActiveMQ is a popular Java-based open sourc.....»»
Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)
CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023. About CVE-2023-1671 CVE-2023-1671 is.....»»
Tim Cook defends Apple Watch privacy focus in mental health talk
Tim Cook had to defend Apple's privacy policies during a meeting with Jill Biden and political spouses, after an accusation that Apple Watch users are being actively "watched."Apple CEO Tim CookApple CEO Tim Cook welcomed the spouses of political lea.....»»
Tim Cook defends privacy focus in APEC discussion group
Tim Cook had to defend Apple's privacy policies during a meeting with Jill Biden and political spouses, after an accusation that Apple Watch users are being actively "watched."Apple CEO Tim CookApple CEO Tim Cook welcomed the spouses of political lea.....»»
Amazon Drive is shutting down, but user files are now in Amazon Photos
Customers still actively using Amazon Drive need to start using Amazon Photos by December 31, 2023.Amazon DriveThe Amazon Drive service is ending, but customers don't need to take any action beyond moving to Amazon Photos. Access to all the files in.....»»