Cacti servers under attack by attackers exploiting CVE-2022-46169
If you’re running the Cacti network monitoring solution and you haven’t updated it since early December, now is the time to do it to foil attackers exploiting a critical command injection flaw (CVE-2022-46169). About Cacti and CVE-2022-46.....»»
Hackers infect ISPs with malware that steals customers’ credentials
Zero-day that was exploited since June to infect ISPs finally gets fixed. Enlarge (credit: Getty Images) Malicious hackers likely working on behalf of the Chinese government have been exploiting a high-severity zero-day.....»»
Lateral movement: Clearest sign of unfolding ransomware attack
44% of unfolding ransomware attacks were spotted during lateral movement, according to Barracuda Networks. 25% of incidents were detected when the attackers started writing or editing files, and 14% were unmasked by behavior that didn’t fit with kn.....»»
Record-breaking drought in southern China linked to Eurasian warming and tropical sea surface temperature
Southern China experienced an extreme drought that persisted from summer to autumn in 2022, ranking as the most severe drought since 1980. The reason for the occurrence of this extreme drought event was investigated. It shows that both the Eurasian w.....»»
SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)
SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific conditions, to crash the appliances. About CVE-2024-40766 CVE-2024-40766 is.....»»
After wildfires, mudslides come: Fighting the impact of climate change on rural communities
It took more than 25 years for Rhonda MacDonald and her family to transform their 41-hectare property on the Shackan Indian Band Lands, south of Merritt, BC, into a vibrant business and homestead—but a massive 2022 debris flow changed everything in.....»»
Model highlights three roots of online toxicity
In 2022, Professor of Cognitive Neuroscience Dean Mobbs began to investigate the relationship between social media use and mental health and well-being. As his research program ramps up to test brain activity and physiological markers of stress durin.....»»
Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers......»»
NASA’s Starliner decision was the right one, but it’s a crushing blow for Boeing
It's unlikely Boeing can fly all six of its Starliner missions before retirement of the ISS in 2030. Enlarge / A Starliner spacecraft mounted on top of an Atlas V rocket before an unpiloted test flight in 2022. (credit: Boeing).....»»
NASA"s DART impact permanently changed the shape and orbit of asteroid moon, new study shows
When NASA's Double Asteroid Redirection Test (DART) spacecraft collided with an asteroid moon called Dimorphos in 2022, the moon was significantly deformed—creating a large crater and reshaping it so dramatically that the moon derailed from its ori.....»»
This new Android malware can steal your card details via the NFC chip
Security researchers spot a sophisticated attack that steals people's NFC data and can be used to steal money, and more......»»
Researcher: Young Black people are disproportionately strip-searched—ways the justice system treats them as a threat
A new report from the Children's Commissioner for England has found that 457 strip searches of children by police took place between July 2022 and June 2023. The report shows that Black children were four times more likely, when compared to national.....»»
This underrated mystery series is climbing the Netflix charts. Is it worth watching?
Emily in Paris, watch out! This underrated mystery series from 2022 is one of Netflix's most popular shows right now. Here's why it's worth a binge......»»
Wallarm API Attack Surface Management mitigates API leaks
Wallarm announced its latest innovation: API Attack Surface Management (AASM). This agentless technology transforms how organizations identify, analyze, and secure their entire API attack surface. Designed for effortless deployment, Wallarm AASM empo.....»»
Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)
A critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unrestricted access to the instance’s contents. The issue, reported via the GitHub Bug Bounty pro.....»»
New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)
A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is a high-severity vulnerability caused by a type confusion weakness in V8, the open-source JavaScript.....»»
Android malware uses NFC to steal money at ATMs
ESET researchers uncovered NGate malware, which can relay data from victims’ payment cards via a malicious app installed on their Android devices to the attacker’s rooted Android phone. Attack overview (Source: ESET) Unauthorized ATM withdrawals.....»»
GenAI models are easily compromised
95% of cybersecurity experts express low confidence in GenAI security measures while red team data shows anyone can easily hack GenAI models, according to Lakera. Attack methods specific to GenAI, or prompt attacks, are easily used by anyone to manip.....»»
Top architectural firm reveals it was hit by major ransomware attack
CannonDesign starts notifying people a year and a half after the incident......»»
PostgreSQL databases under attack
Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a honeypot system – starts with the threat actors brute-forcing access.....»»
Netflix’s best TV show right now is this riveting 2020 British crime drama
This 2020-2022 AMC series is one TV's great crime dramas. Now streaming on Netflix, here's why you shouldn't miss out on the next great binge-worthy hit......»»