How EU lawmakers can make mandatory vulnerability disclosure responsible
There is a standard playbook and best practice for when an organization discovers or is notified about a software vulnerability: The organization works quickly to fix the problem and, once a fix is available, discloses that vulnerability for the bene.....»»
“Cisco buried the lede.” >10,000 network devices backdoored through unpatched 0-day
An unknown threat actor is exploiting the vulnerability to create admin accounts. Enlarge / Cables run into a Cisco data switch. (credit: Getty Images) On Monday, Cisco reported that a critical zero-day vulnerability in.....»»
Cisco IOS XE zero-day exploited by attackers to deliver implant (CVE-2023-20198)
A previously unknown vulnerability (CVE-2023-20198) affecting networking devices running Cisco IOS XE software is being exploited by a threat actor to take control of the devices and install an implant, Cisco Talos researchers have warned today. Abou.....»»
Actively exploited Cisco 0-day with maximum 10 severity gives full network control
An unknown threat actor is exploiting the vulnerability to create admin accounts. Enlarge / Cables run into a Cisco data switch. (credit: Getty Images) Cisco is urging customers to protect their devices following the dis.....»»
Google Pixel 8 Pro user claims brother can "face unlock" phone. No, they"re not twins.
Google says its Pixel 8 face unlock system is more secure than ever, but one Redditor claims otherwise. Google Pixel 8's face unlock may have an odd security vulnerability, according to Reddit.A user with the moniker MotorTransportation8 (h/t A.....»»
Week in review: Patched curl and libcurl vulnerability, 15 free M365 security training modules
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Turning military veterans into cybersecurity experts In this Help Net Security interview, James Murphy, the Director of the TechVets Programme at th.....»»
Climate Misinformation Persists in New Middle School Textbooks
Students could be taught for the next decade that humans are only partly responsible for climate change.....»»
DigiCert helps companies improve vulnerability management and cryptoagility strategies
DigiCert announced its next generation Discovery, a set of key capabilities in DigiCert Trust Lifecycle Manager that enable customers to build a centralized book of record of their cryptographic keys and certificates. This centralized view, when coup.....»»
New map shows how climate change affects your community and its vulnerability to weather
Across the globe, the past few years have been characterized by scorching summers that endanger the health of outdoor workers and biting winters that often freeze pipes and other critical infrastructure......»»
Federal judge rips into Montana"s statewide TikTok ban in preliminary injunction hearing
A Montana federal judge on Thursday tore into a contested state law that bans TikTok from all personal devices, saying in a hearing that the legislation appears driven by "paternalistic" views of social media users and suggesting lawmakers could have.....»»
NuEnergy.ai secures a patent on its framework for responsible AI governance
Ottawa, Canada-based AI governance firm NuEnergy.ai has secured a U.S. patent on its Machine Trust Index (MTI) methodology. Ottawa, Canada-based AI governance firm NuEnergy.ai has secured a U.S. patent on its Machine Trust Index (MTI) methodology.....»»
Q&A: The new landscape of corporate climate disclosure
Is corporate sustainability an oxymoron? California Gov. Gavin Newsom's recent signing of a law that requires large companies to disclose their greenhouse gas emissions has refocused attention on the role of business in combatting climate change. In.....»»
Be prepared to patch high-severity vulnerability in curl and libcurl
Details about two vulnerabilities (CVE-2023-38545, CVE-2023-38546) in curl, a foundational and widely used open-source software for data transfer via URLs, are to be released on Wednesday, October 11. Daniel Stenberg, the original author and lead dev.....»»
GNOME users at risk of RCE attack (CVE-2023-43641)
If you’re running GNOME on you Linux system(s), you are probably open to remote code execution attacks via a booby-trapped file, thanks to a memory corruption vulnerability (CVE-2023-43641) in the libcue library. About CVE-2023-43641 Discovered.....»»
Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)
Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed HTTP/2 Rapid Reset. Decoding HTTP/2 Rapid Reset (CVE-2023-44487) In late Augu.....»»
Thousands of WordPress sites have been hacked through tagDiv plugin vulnerability
If a site is redirecting visitors to scam sites, it was likely hacked by Balada. Enlarge (credit: Getty Images) Thousands of sites running the WordPress content management system have been hacked by a prolific threat act.....»»
Scientists clone novel gene responsible for glufosinate resistance in rice
Researchers have cloned a novel gene responsible for glufosinate resistance in rice and conducted in-depth analysis of its functional characteristics. The team was led by Prof. Wu Yuejin from Hefei Institutes of Physical Science (HFIPS) of the Chines.....»»
Disclosure of Pirates’ Identities “Compatible With EU Privacy Laws”
The top legal advisor to Europe's highest court says that the retention and disclosure of suspected pirates' identifying information is compatible with EU privacy laws. Advocate General Szpunar's opinion is presented as a legal solution to a long-run.....»»
Russia Prepares RuStore VPN Ban After Declaring RuStore Installation Mandatory
Russia's incremental moves to eliminate online privacy regularly target VPNs. To 'free' itself from Google and Apple, in 2022 Russia launched its very own app store, which ironically offers dozens of VPNs. After the government recently announced the.....»»
Remnant of cell division could be responsible for spreading cancer
Once thought to be the trash can of the cell, a little bubble of cellular stuff called the midbody remnant is actually packing working genetic material with the power to change the fate of other cells—including turning them into cancer......»»
Getty Images built a “socially responsible” AI tool that rewards artists
Getty Images CEO: AI makers that don’t pay artists create “a sad world.” Enlarge / Craig Peters, CEO of Getty Images, speaks onstage during Vox Media's 2023 Code Conference. (credit: Jerod Harris / Stringer | Getty Images N.....»»