How EU lawmakers can make mandatory vulnerability disclosure responsible
There is a standard playbook and best practice for when an organization discovers or is notified about a software vulnerability: The organization works quickly to fix the problem and, once a fix is available, discloses that vulnerability for the bene.....»»
Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware
North Korea-backed group Lazarus has been spotted exploiting the Log4Shell vulnerability (CVE-2021-44228) and novel malware written in DLang (i.e., the memory-safe D programming language). “This campaign consists of continued opportunistic targ.....»»
Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support
With its innovative feature for generating reliable Vulnerability Exploitability eXchange (VEX) documents, Kubescape became the first open-source project to provide this functionality. This advancement offers security practitioners a powerful tool to.....»»
Researchers transform captured greenhouse gases into cyclic carbonates with biomass derivatives
Carbon dioxide is the main contributor to greenhouse gas emissions, which are responsible for global warming and climate change. Direct capture of CO2 in the air is one of the solutions proposed to reduce its concentration in the atmosphere, but comb.....»»
What is carbon capture and why does it keep coming up at COP28?
The future of fossil fuels is at the center of the United Nations climate summit in Dubai, where many activists, experts and nations are calling for an agreement to phase out the oil, gas and coal responsible for warming the planet. On the other side.....»»
New RCE vulnerability in Apache Struts 2 fixed, upgrade ASAP (CVE-2023-50164)
The Apache Struts project has released updates for the popular open-source web application framework, with fixes for a critical vulnerability that could lead to remote code execution (CVE-2023-50164). About CVE-2023-50164 CVE-2023-50164 may allow an.....»»
Navigating regulatory compliance during data disclosure
Ajay Bhatia at Veritas Technologies discusses how businesses can balance transparency with data compliance......»»
Malwarebytes unveils vulnerability assessment module to help users identify critical vulnerabilities
Malwarebytes announced its comprehensive vulnerability assessment module is now included in every ThreatDown bundle at no additional cost via its integrated console. Many IT organizations are struggling with rising cybersecurity costs associated with.....»»
Veteran Apple exec behind iPhone’s multitouch screen, Touch ID, and more departing
A veteran Apple executive responsible for a myriad of features over the years is departing the company. Bloomberg reports that Steve Hotelling, who worked on key technologies like the iPhone’s multitouch screen, Touch ID, and Face ID, is retiring f.....»»
Apple executive behind Touch ID, display multitouch is retiring
Steve Hotelling, a lesser-known Apple executive responsible for innovative technologies used in iPhone, iPad, and even Apple Vision Pro, is retiring from Apple. Apple has seen a handful of high-profile departures in 2023 with Steve Hotelling bei.....»»
CISA: Adobe ColdFusion flaw leveraged to access government servers (CVE-2023-26360)
Unknown attackers have leveraged a critical vulnerability (CVE-2023-26360) in the Adobe ColdFusion application development platform to access government servers, the Cybersecurity and Infrastructure Security Agency (CISA) has shared. About the exploi.....»»
Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)
Russian state-backed hacking group Forest Blizzard (aka Fancy Bear, aka APT28) has been using a known Microsoft Outlook vulnerability (CVE-2023-23397) to target public and private entities in Poland, Polish Cyber Command has warned. Compromising emai.....»»
ChatGPT is writing legislation now
A Brazilian city councilman secretly submitted an ordinance written by ChatGPT. Uh oh, Brazilian city lawmakers unknowingly enacted a piece of legislation written by ChatGPT, Associated Press reports. The legislation was passed in October in the.....»»
Automakers’ data privacy practices “are unacceptable,” says US senator
OEMs collect too much personal data and share it too freely, says Senator Markey. US Senator Edward Markey (D-Mass.) is one of the more technologically engaged of our elected lawmakers. And.....»»
Week in review: PoC for Splunk Enterprise RCE flaw released, scope of Okta breach widens
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Vulnerability disclosure: Legal risks and ethical considerations for researchers In this Help Net Security interview, Eddie Zhang, Principal Consult.....»»
Emissions inequality is getting worse—here's how to end the reign of the ultra-polluters
Climate change is overwhelmingly a problem of wealthy people. The wealthiest 1% of humanity produce over 1,000 times the emissions of the poorest 1%. In fact, these 77 million people are responsible for more climate-changing emissions than the poores.....»»
Meteorites likely source of nitrogen for early Earth, Ryugu samples study finds
Micrometeorites originating from icy celestial bodies in the outer solar system may be responsible for transporting nitrogen to the near-Earth region in the early days of our solar system. That discovery was published in Nature Astronomy by an intern.....»»
Key drivers of software security for financial services
Nearly 72% of applications in the financial services sector contain security flaws, according to Veracode. Despite the alarming figure, this rate of software vulnerability was the lowest of all industries analyzed and has improved since last year. Th.....»»
Engineering non-precious metal electrocatalysts for cost-effective and environmentally responsible water splitting
There is an ever-present struggle to reduce carbon-based energy sources and replace them with low or no-carbon alternatives. The process of splitting water could be the resolution......»»
Some states act to protect residents from extreme heat, with a new focus on young people
After two years of record-breaking heat that brought a surge of deaths and health emergencies, several states have enacted or are considering measures designed to protect residents—with a new focus on younger people whose vulnerability is rising wi.....»»
Study highlights vulnerability of England's only resident bottlenose dolphins
England's only resident population of bottlenose dolphins is under serious threat from a combination of human activity, environmental pollution and difficulties in rearing young that survive into adulthood, according to new research......»»