As if two Ivanti vulnerabilities under exploit weren’t bad enough, now there are 3

Hackers looking to diversify began mass exploiting a new vulnerability over the weekend. Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN.....»»

Category: top | Source: arstechnica | Feb 6th, 2024

Microsoft patches two zero-days exploited by attackers (CVE-2024-21412, CVE-2024-21351)

On February 2024 Patch Tuesday, Microsoft has delivered fixes for 72 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-21412, CVE-2024-21351) that are being leveraged by attackers in the wild. About CVE-2024-21412 and CVE-2024-21351 CVE.....»»

Category: security | Source: netsecurity | Feb 13th, 2024

Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770)

CVE-2023-43770, a vulnerability in the Roundcube webmail software that was fixed in September 2023, is being exploited by attackers in the wild, CISA has warned by adding the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Ab.....»»

Category: security | Source: netsecurity | Feb 13th, 2024

Attackers injected novel DSLog backdoor into 670 vulnerable Ivanti devices (CVE-2024-21893)

Hackers are actively exploiting a vulnerability (CVE-2024-21893) in Ivanti Connect Secure, Policy Secure and Neurons for ZTA to inject a “previously unknown and interesting backdoor” dubbed DSLog. CVE-2024-21893 patches and exploitation I.....»»

Category: security | Source: netsecurity | Feb 13th, 2024

Critical Fortinet FortiOS flaw exploited in the wild (CVE-2024-21762)

Fortinet has patched critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313), one of which is “potentially” being exploited in the wild. The exploitation-in-the-wild has been confirmed by CISA, by adding.....»»

Category: security | Source: netsecurity | Feb 12th, 2024

Jon Stewart became a problem for Apple TV+

"The Problem with Jon Stewart" wasn't cancelled because of what the host said, but what he could have said on Apple TV+ in the future, had the show continued. Apple canceled "The Problem with Jon Stewart" in.....»»

Category: apple | Source: appleinsider | Feb 12th, 2024

Before Ingenuity ever landed on Mars, scientists almost managed to kill it

"The Mars 2020 science team wasn't interested in Ingenuity." MiMi Aung.....»»

Category: top | Source: arstechnica | Feb 12th, 2024

February 2024 Patch Tuesday forecast: Zero days are back and a new server too

January 2024 Patch Tuesday is behind us. A relatively light release from Microsoft with 39 CVEs addressed in Windows 10, 35 in Windows 11, and surprisingly no zero-day vulnerabilities from Microsoft to start the new year. January’s release was a bi.....»»

Category: security | Source: netsecurity | Feb 12th, 2024

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893)

CVE-2024-21893, a server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure VPN gateways and Policy Secure (a network access control solution), is being exploited by attackers. About CVE-2024-21893 CVE-2024-21893 allows a attac.....»»

Category: security | Source: netsecurity | Feb 7th, 2024

Adaptiva launches risk-based prioritization capability for OneSite Patch

Adaptiva announced the deployment of its new risk-based prioritization capability for OneSite Patch. The automated risk-based prioritization feature enables IT professionals to prioritize and patch vulnerabilities based on criticality and risk severi.....»»

Category: security | Source: netsecurity | Feb 6th, 2024

Tesla driver admits he wasn’t actually arrested for idiotic Vision Pro stunt (sadly)

We’ve seen a lot of idiotic stunts since Vision Pro launched on Friday, perhaps none more viral and stupid than Dante Lentini driving a Tesla while wearing Vision Pro. And while Lentini’s video would lead you to believe he got pulled over by t.....»»

Category: top | Source: pcmag | Feb 6th, 2024

As if 2 Ivanti vulnerabilities under exploit weren’t bad enough, now there are 3

Hackers looking to diversify began mass-exploiting a new vulnerability over the weekend. Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN s.....»»

Category: top | Source: arstechnica | Feb 6th, 2024

Team of astronomers discovers galaxy that shouldn't exist

A team of astronomers, led by Arizona State University Assistant Research Scientist Tim Carleton, has discovered a dwarf galaxy that appeared in James Webb Space Telescope imaging that wasn't the primary observation target......»»

Category: top | Source: physorg | Feb 2nd, 2024

Agencies using vulnerable Ivanti products have until Saturday to disconnect them

Things were already bad with two critical zero-days. Then Ivanti disclosed a new one. Federal civilian agencies have until midnight Saturday morning to sever all network connections to Ivan.....»»

Category: top | Source: arstechnica | Feb 2nd, 2024

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities

The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and privilege escalation. The FritzFro.....»»

Category: security | Source: netsecurity | Feb 1st, 2024

CVEMap: Open-source tool to query, browse and search CVEs

CVEMap is an open-source command-line interface (CLI) tool that allows you to explore Common Vulnerabilities and Exposures (CVEs). It’s designed to offer a streamlined and user-friendly interface for navigating vulnerability databases. Although.....»»

Category: security | Source: netsecurity | Feb 1st, 2024

OpenAI announces ChatGPT-4 Turbo and ChatGPT 3.5 Turbo model updates

GPT-4 wasn't putting in the work. Also, lower prices for GPT 3.5 Turbo, other model updates. On Thursday, OpenAI announced updates to the AI models that power its ChatGPT assistant. Amid le.....»»

Category: top | Source: arstechnica | Jan 26th, 2024

45% of critical CVEs left unpatched in 2023

Global attack attempts more than doubled in 2023, increasing 104%, according to Armis. Blind spots and critical vulnerabilities are worsening, with 45% of critical CVEs remaining unpatched. Utilities (over 200% increase) and manufacturing (165% incre.....»»

Category: security | Source: netsecurity | Jan 25th, 2024

Apple Music Classical now available for users in China, Japan and other Asian countries

Apple this week launched the Apple Music Classical app in some Asian countries, including China and Japan. Although the app was launched last year in dozens of countries, it wasn’t available to users located in Asia until now......»»

Category: top | Source: informationweek | Jan 25th, 2024