How EU lawmakers can make mandatory vulnerability disclosure responsible
There is a standard playbook and best practice for when an organization discovers or is notified about a software vulnerability: The organization works quickly to fix the problem and, once a fix is available, discloses that vulnerability for the bene.....»»
Decarbonizing Australia"s transport system could solve significant public health challenge
The road transport system is responsible for almost 20% of Australia's fossil fuel emissions. Transport emissions have increased nearly 60% since 1990 and Australia's per capita road transport emissions are 45% higher than the OECD average......»»
YouTube cracks down on synthetic media with AI disclosure requirement
Several new policies aim to tackle realistic synthetic media head-on. Enlarge (credit: Getty Images) On Tuesday, YouTube announced it will soon implement stricter measures on realistic AI-generated content hosted by the.....»»
App downloads by teenagers should be Apple’s responsibility, says Meta
Apple and Google should be held legally responsible for gatekeeping app downloads by teenagers, suggests Facebook and Instagram developer Meta. The proposal to shift legal responsibility comes as social media platforms face increasing legal battle.....»»
EU negotiators reach deal on methane emission curbs
Negotiators for the EU's member states and lawmakers on Wednesday reached a deal on new rules to curb methane emissions which would put new reporting requirements on the coal, gas and oil industry......»»
Japanese sales tax on foreign apps will have to be paid by Apple and Google
Apple and Google will be made responsible for paying Japanese sales tax on apps and in-app content sold by developers based outside the country, the government has said. There are two different routes the companies could take to comply with the ne.....»»
Zelle scams: App now starting limited refunds, under pressure from lawmakers
Growing concern about Zelle scams has seen parent company Early Warning Services (EWS) begin to refund some people duped into sending money to criminals. The U-turn on its previous stance that customers are responsible for their own transactions is b.....»»
6clicks helps organizations manage and report on material cybersecurity events
6clicks announced that it has added SEC Form 8-K content required for event tracking to its incident management module in its GRC platform to help organizations meet new SEC disclosure requirements for qualified cybersecurity events. The new content.....»»
Faster Arctic warming hastens 2-degree-Celsius rise by eight years, finds modeling study
Faster warming in the Arctic will be responsible for a global 2 C temperature rise being reached eight years earlier than if the region were warming at the average global rate, according to a new modeling study led by UCL researchers......»»
CPU owners are suing Intel. Here’s the surprising reason why
A class action lawsuit has just been filed against Intel as a result of the ongoing Downfall vulnerability. Here's what's happening......»»
"Bluewashing": How ecotourism can be used against Indigenous communities
When the notion of "ecotourism" was introduced in the late 1970s, it was intended to be ecologically responsible, promote conservation, benefit local populations and help travelers foster a "reconnection with biocultural diversity." It's now more of.....»»
MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246)
A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. Lace Tempest has previously exploited zero-da.....»»
YesWeHack unveils Attack Surface Management product that unifies offensive security testing
YesWeHack has unveiled an Attack Surface Management (ASM) product that enables clients to orchestrate their offensive security and vulnerability remediation strategy through a risk-based approach. The new product continuously maps an organisation’s.....»»
Russia Blocks 167 VPNs, Steps Up OpenVPN & WireGuard Disruption
The head of the Russian department responsible for identifying threats to the "stability, security and integrity" of the internet, has revealed the extent of the Kremlin's VPN crackdown. Former FSO officer Sergei Khutortsev, a central figure in Russi.....»»
Open-source vulnerability disclosure: Exploitable weak spots
Flaws in the vulnerability disclosure process of open-source projects could be exploited by attackers to harvest the information needed to launch attacks before patches are made available, Aqua Security researchers worry. The risk arises from “.....»»
Ivanti and Securin join forces to protect customers against cyber threats
Ivanti announced its partnership with a provider of tech-enabled cybersecurity solutions, Securin. Fueled by data from Securin’s Vulnerability Intelligence (VI), Ivanti Neurons for Vulnerability Knowledge Base provides authoritative, near-real-time.....»»
Aqua Trivy open-source security scanner now finds Kubernetes security risks
The Aqua Trivy open-source scanner now supports vulnerability scanning for Kubernetes components and Kubernetes Bill of Materials (KBOM) generation. Now, companies can better understand the components within their Kubernetes environment and how secur.....»»
Researchers discover new method to inhibit cholera infection
Recent research investigates a novel strategy for inhibiting the spread and infection of Vibrio cholerae, the bacteria responsible for the disease, cholera......»»
Looney Tunables bug exploited for cryptojacking
Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into cloud-native environments. Kinsing (aka Money Libra) is a threat actor group that h.....»»
Kubescape 3.0 elevates open-source Kubernetes security
Targeted at the DevSecOps practitioner or platform engineer, Kubescape, the open-source Kubernetes security platform has reached version 3.0. Vulnerability scan results Kubescape 3.0 features Kubescape 3.0 adds new features that make it easier for or.....»»
Critical vulnerability in Atlassian Confluence server is under “mass exploitation”
Atlassian's senior management is all but begging customers to take immediate action. Enlarge A critical vulnerability in Atlassian’s Confluence enterprise server app that allows for malicious commands and reset server.....»»