Creating a formula for effective vulnerability prioritization
In this Help Net Security interview, Michael Gorelik, CTO and Head of Malware Research at Morphisec, provides insights into the business impact of vulnerabilities. Gorelik discusses challenges posed by regulatory frameworks, incomplete asset inventor.....»»
AI is creating a new generation of cyberattacks
Most businesses see offensive AI fast becoming a standard tool for cybercriminals, with 93% of security leaders expecting to face daily AI-driven attacks, according to Netacea. Offensive AI in cyberattacks The research, “Cyber security in the age o.....»»
Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets
WP Automatic plugin patched, but release notes don't mention the critical fix. Enlarge (credit: Getty Images) Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-.....»»
First-of-its-kind study shows that conservation actions are effective at halting and reversing biodiversity loss
A study published April 25, in the journal Science provides the strongest evidence to date that not only is nature conservation successful, but that scaling conservation interventions up would be transformational for halting and reversing biodiversit.....»»
Freeze casting—a guide to creating hierarchically structured materials
Freeze casting is an elegant, cost-effective manufacturing technique to produce highly porous materials with custom-designed hierarchical architectures, well-defined pore orientation, and multifunctional surface structures. Freeze-cast materials are.....»»
Cows" milk particles used for effective oral delivery of drugs
Researchers have found that tiny particles present in cows' milk could offer, for the first time, an effective method for the oral delivery of RNA drugs......»»
Secureworks enables users to view known vulnerabilities in the context of threat data
Secureworks announced the ability to integrate vulnerability risk context with threat detection to prevent attackers from exploiting known vulnerabilities and expedite response times, improving an organization’s security posture. The integration be.....»»
PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)
More details of and a proof-of-concept exploit for an unauthenticated OS command injection vulnerability (CVE-2024-2389) in Flowmon, Progress Software’s network monitoring/analysis and security solution, have been published. The critical vulner.....»»
Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)
For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a launcher.....»»
A global plastics treaty is being negotiated in Ottawa this week—here"s the latest
Plastic pollution spans the globe, yet national policies are generally not effective enough, and have so far focused primarily on waste management rather than targeting the root cause. To make matters worse, the global trade in plastic waste tends to.....»»
How creating less-gassy cows could help fight climate change
A Curtin University study has revealed breeding less-flatulent cows and restoring agricultural land could significantly reduce rising methane emission levels, which play a considerable role in climate change......»»
Trellix Email Security for Microsoft Office 365 improves email defense
Trellix announced Trellix Email Security for Microsoft Office 365. Combining threat detection, threat intelligence, and security expertise, Trellix offers Microsoft Office 365 customers more cost-effective alternative to Microsoft Defender for Office.....»»
CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)
A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The vulnerability allows attackers to escape their virtual file system and download system.....»»
Windows vulnerability reported by the NSA exploited to install Russian malware
Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now. Enlarge (credit: Getty Images) Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attack.....»»
Windows vulnerability reported by the NSA exploited to install Russian backdoor
Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now. Enlarge (credit: Getty Images) Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attack.....»»
An Apple insider just revealed how iOS 18’s AI features will work
Apple is reportedly trying to emulate the same formula that Google deployed for putting Gemini AI on Pixel phones. But Apple's approach might be more practical......»»
Diamond-based quantum sensing microscope offers effective approach for quantifying cellular forces
Cells rely on constant interplay and information exchange with their micro-environment to ensure their survival and perform biological functions. Hence, precise quantification of tiny cellular adhesion forces, spanning from piconewtons to a few nanon.....»»
Fuxnet malware: Growing threat to industrial sensors
In this Help Net Security video, Sonu Shankar, Chief Strategy Officer at Phosphorus, discusses how Blackjack’s Fuxnet malware should be a wakeup call to industrial operators about the vulnerability of sensor networks and the outsized impact these a.....»»
How to optimize your bug bounty programs
In this Help Net Security interview, Roy Davis, Manager – Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying security vulnerabilities and facilitating collaboration with researchers. He off.....»»
Cost-effective nanorod electrodes for molecular hydrogen production
SUNY Polytechnic Institute (SUNY Poly) Associate Professor of Electrical and Computer Engineering Technology Dr. Iulian Gherasoiu and peers have published research in the Journal of Applied Electrochemistry titled "MoVN-coated MoNi4-MoO2 nanorods as.....»»
The importance of the Vulnerability Operations Centre for cybersecurity
The importance of the Vulnerability Operations Centre for cybersecurity.....»»