Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns
The exploited code-execution flaws are the kind coveted by ransomware and nation-state hackers. Enlarge (credit: Getty Images) Organizations big and small are once again scrambling to patch critical vulnerabilities that.....»»
Five-day work week builds work–life balance in construction
Construction workers typically work six days a week but research tracking a five-day work week in the industry shows flexibility is key to improving worker well-being, with minimal perceived impact on productivity......»»
New infosec products of the week: May 3, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Appdome, Cybersixgill, Proofpoint, Secure Code Warrior, Snyk, and Synopsys. Cybersixgill Third-Party Intelligence module identifies potential supply chain ri.....»»
Scientists" new approach in fight against counterfeit alcohol spirits
In the shadowy world of counterfeit alcoholic spirit production, where profits soar and brands are exploited, the true extent of this illegal market remains shrouded......»»
Cell contraction drives the initial shaping of human embryos, study finds
Human embryo compaction, an essential step in the first days of an embryo's development, is driven by the contractility of its cells. This is the finding of a team of scientists from CNRS, Institut Curie, Inserm, AP-HP and the Collège de France. Pub.....»»
Infosec products of the month: April 2024
Here’s a look at the most interesting products from the past month, featuring releases from: Akamai, Bitdefender, CyberInt, Fastly, Forcepoint, IDnow, Immuta, Index Engines, Invicti Security, LogRhythm, Netwrix, Owl Cyber Defense Solutions, Privace.....»»
Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades
There are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has confirmed on Monday, but they are “not aware at this time of any malicious a.....»»
Researchers unveil novel attack methods targeting Intel’s conditional branch predictor
Researchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use. The multi-university and industry resea.....»»
UK enacts IoT cybersecurity law
The Product Security and Telecommunications Infrastructure (PSTI) Act has come into effect today, requiring manufacturers of consumer-grade IoT products sold in the UK to stop using guessable default passwords and have a vulnerability disclosure poli.....»»
I spent four days with the AI gadget of the future, and it was a mess
The Rabbit R1 is an AI-powered gadget that can help you get things done quicker than you're able to with your phone. At least, that's what it's supposed to do......»»
1 in 3 Americans Live in Areas With Dangerous Air Pollution
Climate change is increasing the number of days people are exposed to hazardous pollution, affecting already disadvantaged communities the most......»»
Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 2024
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) A state-sponsored threat actor has managed to compromise Cis.....»»
The Galaxy Z Fold 6 and Flip 6 release date just leaked
Samsung may launch the Galaxy Ring, Z Fold 6, Z Flip 6, and the Galaxy Watch 7 series in the days leading up to the Paris Olympics......»»
New infosec products of the week: April 26, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Cyberint, Forcepoint, Invicti Security, Netwrix, Trend Micro, Zero Networks, and WhyLabs. Trend Micro launches AI-driven cyber risk management capabilities T.....»»
Tech brands are forcing AI into your gadgets—whether you asked for it or not
The "AI mouse" is just the start. Enlarge / Tech brands love hollering about the purported thrills of AI these days. (credit: Getty) Logitech announced a new mouse last week. A company rep reached out to inform Ars of.....»»
Review: Satechi launches two new 15W Qi2 charging stands with folding designs
Satechi, today, is launching its first-ever Qi2 chargers for iPhone 15. I’ve been using them over the past few days and am already in love with the premium folding designs, 15W charging speeds, and the option to add in Apple Watch fast-charging for.....»»
Hands-on: The best iOS features to upgrade your travel experience [Video]
I was recently lucky enough to go on a great vacation where we spent eight days traveling across Europe. One of the things I noticed was just how helpful my iPhone was throughout this experience. Yes, we all know that we can use maps to help us navig.....»»
Dead Boy Detectives review: a Sandman spinoff that stands on its own
Longing for the monster-of-the-week days of Buffy the Vampire Slayer and Supernatural? Then Dead Boy Detectives, Netflix's new fantasy show, is just the ticket......»»
Congo accuses Apple of using illegal conflict minerals in its supply chain
The Democratic Republic of Congo is accusing Apple of using illegally exploited minerals sourced in the eastern regions, involving violence, child labor and other human rights violations. This allegation disagrees with Apple’s published Conflic.....»»
Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)
A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, Cisco T.....»»
Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks
Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks? Enlarge (credit: Getty Images) Hackers backed by a powerful nation-state have been exploiting two zero-day vulnerabilities in Ci.....»»