Apache Flink flaw is back, and being actively exploited
An improper access control flaw is being actively exploited, CISA is warning......»»
Multi-state Apple fraud ring exposed by DHS after routine traffic stop
The Department of Homeland Security busted a sophisticated counterfeiting operation where fraudsters exploited retail return policies to swap genuine Apple products with counterfeit devices nationwide.The Department of Homeland SecurityChalvin Tan wa.....»»
VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085)
Ransomware operators have been leveraging CVE-2024-37085, an authentication bypass vulnerability affecting Active Directory domain-joined VMware ESXi hypervisors, to gain full administrative access to them and encrypt their file system. VMware owner.....»»
Critical Acronis Cyber Infrastructure vulnerability exploited in the wild (CVE-2023-45249)
CVE-2023-45249, a critical vulnerability affecting older versions of Acronis Cyber Infrastructure, is being exploited by attackers. About Acronis Cyber Infrastructure Acronis is a privately held Swiss cybersecurity and data protection technology comp.....»»
Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
Progress Software has fixed a critical vulnerability (CVE-2024-6327) in its Telerik Report Server solution and is urging users to upgrade as soon as possible. About CVE-2024-6327 (and CVE-2024-6096) Telerik Report Server is an enterprise solution for.....»»
Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
A critical-severity Docker Engine vulnerability (CVE-2024-41110) may be exploited by attackers to bypass authorization plugins (AuthZ) via specially crafted API request, allowing them to perform unauthorized actions, including privilege escalation. A.....»»
From Hungary to Maker Faire Rome: AKG Robotics + Piezo Young Makers
In the heart of Budapest, Hungary, innovation and education converge at the AKG School's robotics club, AKG Robotics. Here, students are not only learning about technology but are actively creating it. The post From Hungary to Maker Faire Rome:.....»»
AKG Robotics: Smart Pot and Smart Table
In the heart of Budapest, Hungary, innovation and education converge at the AKG School's robotics club, AKG Robotics. Here, students are not only learning about technology but are actively creating it. The post AKG Robotics: Smart Pot and Smart.....»»
Week in review: CrowdStrike update causes widespread IT outage, critical Splunk Enterprise flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Faulty CrowdStrike update takes out Windows machines worldwide Thousands and possibly millions of Windows computers and servers worldwide have been.....»»
CrowdStrike explained: How one faulty update killed half the world’s IT systems
The sheer scale of the global IT outage caused by a faulty software update has left many wondering how one update to one company’s security software could have such massive impact. Ironically, the effect of the CrowdStrike flaw has been almost i.....»»
Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)
A recently fixed vulnerability (CVE-2024-36991) affecting Splunk Enterprise on Windows “is more severe than it initially appeared,” according to SonicWall’s threat researchers. Several PoC exploits have been published, including one.....»»
Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee to deliver malware to targets in North America, Europe, and Southeast Asia, threat hunters with Tre.....»»
Week in review: RADIUS protocol critical vuln, Microsoft 0-day exploited for a year, AT&T breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Hackers stole call, text records of “nearly all” of AT&T’s cellular customers Hackers leveraging stolen Snowflake account credentials have sto.....»»
Threat actors exploited Windows 0-day for more than a year before Microsoft fixed it
The goal of the exploits was to open Explorer and trick targets into running malicious code. Enlarge (credit: Getty Images) Threat actors carried out zero-day attacks that targeted Windows users with malware for more tha.....»»
Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)
CVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by attackers in the wild for over a year, Check Point researcher Haifei Li has revealed. “Check Poi.....»»
Researchers uncover key mechanisms in chromosome structure development
Researchers at Rice University are making strides in understanding how chromosome structures change throughout the cell's life cycle. Their study on motorized processes that actively influence the organization of chromosomes appears in the Proceeding.....»»
“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux
Full system compromise possible by peppering servers with thousands of connection requests. Enlarge Researchers have warned of a critical vulnerability affecting the OpenSSH networking utility that can be exploited to g.....»»
Federal agency warns critical Linux vulnerability being actively exploited
Cybersecurity and Infrastructure Security Agency urges affected users to update ASAP. Enlarge (credit: Getty Images) The US Cybersecurity and Infrastructure Security Agency has added a critical security bug in Linux to i.....»»
Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919)
Attackers have been exploiting CVE-2024-24919, a zero-day vulnerability in Check Point Security Gateways, to pinpoint and extract password hashes for local accounts, which they then used to move laterally in the target organizations’ network. &.....»»
Ford recalls nearly 110,000 Lincoln Aviators for rearview camera flaw
Ford Motor Co. is recalling 109,283 Lincoln Aviators because of faulty rearview cameras that flicker and shake from customer mobile phone electromagnetic frequency waves......»»
Researchers crack 11-year-old password, recover $3 million in bitcoin
A flaw with the digital wallet and a bit of luck did the trick. Enlarge (credit: Flavio Coelho/Getty Images) Two years ago when “Michael,” an owner of cryptocurrency, contacted Joe Grand to help recover access to abo.....»»