Critics fume after Github removes exploit code for Exchange vulnerabilities
Microsoft-owned Github pulls down proof-of-concept code posted by researcher. Enlarge (credit: Github) Github has ignited a firestorm after the Microsoft-owned code-sharing repository removed a proof-of-concept exploit for critical vulnerabili.....»»
Adaptiva improves collaboration between IT and security teams with vulnerability dashboards
Adaptiva announces the latest feature release for OneSite Patch: vulnerability dashboards. These new dashboards provide real-time visibility into Common Vulnerabilities and Exposures (CVEs) in the environment and patches that can remediate them–emp.....»»
Passbook lets you create an Apple Wallet pass from any QR code
I’m a big fan of the Wallet app as a single place to store all my tickets and passes for everything from travel to theater, but not every company directly supports the app. Passbook is one of a number of apps which allow you to take any existing.....»»
Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409)
If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security researchers have published an analysis of CVE-2024-45409 and an exploit script.....»»
How Chlamydia pneumoniae bacteria use molecular mimicry to manipulate the host cell
Bacteria that cause diseases, so-called pathogens, develop various strategies to exploit human cells as hosts to their own advantage. A team of biologists from Heinrich Heine University Düsseldorf (HHU), together with medical professionals and exper.....»»
The Tech industry"s vulnerabilities exposed by CrowdStrike outage
The Tech industry"s vulnerabilities exposed by CrowdStrike outage.....»»
Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)
For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Platform, and CVE-2024-43572, a remote code execution.....»»
BreachLock Attack Surface Analytics strengthens enterprise CTEM capabilities
BreachLock strengthens continuous threat exposure management (CTEM) capabilities for enterprise customers with its new Attack Surface Analytics feature. Time is of the essence when Fortune 500 security teams find themselves waking up to a Code Red vu.....»»
Qualcomm zero-day under targeted exploitation (CVE-2024-43047)
An actively exploited zero-day vulnerability (CVE-2024-43047) affecting dozens of Qualcomm’s chipsets has been patched by the American semiconductor giant. About CVE-2024-43047 On Monday, Qualcomm has confirmed patches for 20 vulnerabilities af.....»»
OTAVA S.E.C.U.R.E. Score simplifies cybersecurity strategy for businesses
OTAVA introduced the OTAVA S.E.C.U.R.E. Score to help businesses further improve their security posture. The S.E.C.U.R.E. Score is a dynamic metric that assesses vulnerabilities, and makes recommendations on how to close security gaps and minimize ri.....»»
Data Theorem Code Secure helps security and DevOps teams secure their software
Data Theorem launched Code Secure, the latest evolution in application security designed to protect the software supply chain from code to deployment. Code Secure uniquely integrates Static Application Security Testing (SAST), Software Composition An.....»»
OpenAI’s Canvas can translate code between languages with a click
New side-by-side document and code-editing feature catches up with Anthropic's Artifacts. On Thursday, OpenAI unveiled Canvas, a new interface for ChatGPT designed to enhance coll.....»»
ChatGPT"s new "Canvas" is the AI collaborator you didn"t know you needed
OpenAI releases new ChatGPT Canvas feature for editing text and code......»»
CUPS vulnerabilities could be abused for DDoS attacks
While the Common UNIX Printing System (CUPS) vulnerabilities recently disclosed by researcher Simone “evilsocket” Margaritelli are not easily exploited for remote command execution on vulnerable systems, they could offer more opportunity.....»»
Attackers exploit critical Zimbra vulnerability using cc’d email addresses
When successful, attacks install a backdoor. Getting it to work reliably is another matter. Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimb.....»»
The Android 16 code name has leaked, and it’s not what we expected
A key Android 16 detail has leaked: its dessert-themed code name......»»
Switch emulator Ryujinx shuts down development after “contact by Nintendo”
GitHub removal comes months after a Nintendo lawsuit took down the Yuzu emulator. Popular open source Nintendo Switch emulator Ryujinx has been removed from GitHub, and the team b.....»»
One-minute phone breaks could help keep students more focused in class and better in tests
Phones can be useful tools in classrooms to remind students of deadlines or encourage more exchange between students and teachers. At the same time, they can be distracting. Students report using their phones for non-academic purposes as often as 10.....»»
Switch emulator Ryujinx shuts down development after “contact by Nintendo”
GitHub removal comes months after a Nintendo lawsuit took down the Yuzu emulator. Enlarge / These copyrighted Switch games shown on Ryujinx's former GitHub page probably didn't curry any favor with Nintendo. (credit: Ryujinx / In.....»»
Apple silently removes Beddit apps from iOS App Store
It’s been seven years since Apple acquired Beddit, a platform specializing in sleep monitoring. In 2022, the company began phasing out Beddit products by removing them from retail stores. Now Apple has also removed Beddit apps from the iOS App Stor.....»»
QR Code phishing is advancing to a new level, so be on your guard
New phishing campaigns employ two QR codes - a 'clean' one, and a malicious one......»»