CISA starts CVE “vulnrichment” program
The US Cybersecurity and Infrastructure Agency (CISA) has announced the creation of “Vulnrichment,” a new project that aims to fill the CVE enrichment gap created by NIST National Vulnerability Database’s recent slowdown. NVD is fai.....»»
Using DNA to identify seabird bycatch
Australian Antarctic Program scientists have used DNA technology to help identify threatened albatross, petrel and shearwater species caught unintentionally (as 'bycatch') during longline fishing operations in Australian waters......»»
Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges
In this Help Net Security interview, Alec Summers, Project Leader for the CVE Program at MITRE, shares his insights on the 2024 CWE top 25 most dangerous software weaknesses. He discusses the impact of the new methodology that involves the CNA commun.....»»
"Marching orders haven"t changed": New Artemis mobile launcher takes shape amid uncertain future
Months after an alarmist review from NASA's Office of the Inspector General, hundreds of construction workers seem out to prove their critics wrong as progress picks up steam on the Artemis program's mobile launcher 2, the platform atop which future.....»»
Best Black Friday Amazon deals: $150 off M4 iMac, $250 off MacBook, $169 Apple Watch
Amazon's official Black Friday Deals Week event starts now and we have live coverage of today's best Apple deals, including new low prices on M4 Macs, the 2024 iPad mini 7, current Apple Watch models and more.Amazon's Black Friday deals on Apple star.....»»
New AI features are now available for select Motorola phones
If you have one of these Motorola devices, you can now enroll in Motorola's open beta program for the latest AI features......»»
Conservation program prepares captive parrots for life in the wild
Researchers at the Texas A&M College of Veterinary Medicine and Biomedical Sciences (VMBS) are working with parrot free-flight experts and partners in Brazil in an effort to increase the success rate of releasing captive parrots into the wild......»»
OpenAI’s Sora was leaked in protest over allegations of ‘art washing’
A group calling itself Sora PR Puppets briefly leaked access to OpenAI's unreleased video generator in protest of the company's alleged exploitation of artists through its early access program......»»
Researchers reveal exploitable flaws in corporate VPN clients
Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be exploited to remotely execute code on users’ devices. CVE-2024-5921 CVE-2.....»»
You can now get an Apple Watch Series 10 (mostly) free as a reward for exercise
Many Apple Watch buyers have aspirations of improving their health with the new device. But John Hancock offers a program that provides a much bigger incentive to do so. With its Vitality Plus life insurance program, you can now get an (almost) free.....»»
RomCom hackers chained Firefox and Windows zero-days to deliver backdoor
Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege vulnerability in Windows Task Scheduler, as zero-days earlier this year. “Ch.....»»
Xbox is shuttering its Avatars, but you still have time to customize yours
Xbox is shutting down its avatar program in January 2025, but there's still time to customize it......»»
Supreme Court to review 5th Circuit ruling that upends Universal Service Fund
5th Circuit ruling threatens $8 billion program that expands broadband access. The US Supreme Court will hear appeals of a 5th Circuit ruling that called Universal Service fees on.....»»
The Chesapeake Bay"s "dead zone" stays at long-term average: It"s a "good sign"
The dead zone in the Chesapeake Bay, where there's low oxygen for underwater life, was near its average size in 2024, according to new data from the Chesapeake Bay Program......»»
Ted Cruz wants to overhaul $42B broadband program, nix low-cost requirement
Cruz claims grant program is "boondoggle," urges Biden admin to halt activities. Emboldened by Donald Trump's election win, Republicans are seeking big changes to a $42.45 billion.....»»
2,000 Palo Alto Networks devices compromised in latest attacks
Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver Foundation’s internet-wide scanning has revealed. Compromised devices are pred.....»»
Best Black Friday Amazon deals: $100 off M4 Mac mini, $250 off MacBook, $189 Apple Watch
Amazon's official Black Friday Deals Week event starts now and we have live coverage of today's best Apple deals, including new low prices on M4 Macs, the 2024 iPad mini 7, current Apple Watch models and more.Amazon's Black Friday deals on Apple star.....»»
GitHub Secure Open Source Fund: Project maintainers, apply now!
GitHub is calling on maintainers of open source projects to apply for the newly opened Secure Open Source Fund, to get funding and knowledge to improve the security and sustainability of their software. The program is funded by companies (AmEx Chaing.....»»
Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308)
Apple has released emergency security updates for macOS Sequoia that fix two zero-day vulnerabilities (CVE-2024-44309, CVE-2024-44308) that “may have been actively exploited on Intel-based Mac systems”. About CVE-2024-44309 and CVE-2024-4.....»»
Apple has officially ended its butterfly keyboard repair program for MacBooks
Apple no longer offers free repairs for MacBook models with the infamous "butterfly" keyboard, as the repair program for these machines has officially ended.Apple no longer offers repairs for the butterfly keyboard.The program was available for a wid.....»»
Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287)
Oracle has released a security patch for CVE-2024-21287, a remotely exploitable vulnerability in the Oracle Agile PLM Framework that is, according to Tenable researchers, being actively exploited by attackers. About CVE-2024-21287 Oracle Agile PLM Fr.....»»