How EU lawmakers can make mandatory vulnerability disclosure responsible
There is a standard playbook and best practice for when an organization discovers or is notified about a software vulnerability: The organization works quickly to fix the problem and, once a fix is available, discloses that vulnerability for the bene.....»»
5 free vulnerability scanners you should check out
Vulnerability scanners delve into systems to uncover security gaps. The primary mission? To fortify organizations against breaches and shield sensitive data from exposure. Beyond merely pinpointing weaknesses, vulnerability scanning is a proactive me.....»»
The arrival of mandatory corporate sustainability reporting
To paraphrase the management icon Peter Drucker, you can't manage something unless you measure it. Without measurement, you can't tell if management's actions are making things better or worse. The importance and seriousness of sustainability managem.....»»
GitLab fixes critical vulnerability, patch now! (CVE-2023-5009)
GitLab has fixed a critical vulnerability (CVE-2023-5009) in the Enterprise Edition (EE) and Community Edition (CE) of its widely used DevOps platform. The flaw may allow a threat actor to abuse scan execution policies to run pipelines as another use.....»»
Week in review: 18 free Microsoft Azure cybersecurity resources, K8 vulnerability allows RCE
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: LLM Guard: Open-source toolkit for securing Large Language Models LLM Guard is a toolkit designed to fortify the security of Large Language Models (.....»»
Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179)
Trend Micro has fixed a critical zero-day vulnerability (CVE-2023-41179) in several of its endpoint security products for enterprises that has been spotted being exploited in the wild. About CVE-2023-41179 The nature of the flaw hasn’t been rev.....»»
Fake WinRAR PoC spread VenomRAT malware
An unknown threat actor has released a fake proof of concept (PoC) exploit for CVE-2023-4047, a recently fixed remote code execution (RCE) vulnerability in WinRAR, to spread the VenomRAT malware. The fake WinRAR PoC On August 17, 2023, Trend Micro.....»»
Socially vulnerable populations are disproportionately exposed to wildfires in the West, study finds
People experiencing a high degree of social vulnerability are also more exposed to wildfires in Oregon and Washington as wildfire risk increases, a new study shows......»»
Australia gives up fight to eradicate bee-killing parasite
Australia on Wednesday abandoned its fight to eradicate the destructive Varroa mite, an invasive parasite responsible for the collapse of honeybee populations across the planet......»»
Apple device management software Jamf Pro 11 unveiled at JNUC 2023
Popular Apple device management platform Jamf kicked off its annual conference in Austin, Texas today. Highlights include Jamf Pro 11 which comes with a new, modern UI with seamless onboarding, improved compliance and vulnerability workflows, an AI-p.....»»
Kubernetes vulnerability allows RCE on Windows endpoints (CVE-2023-3676)
Three high-severity Kubernetes vulnerabilities (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955) could allow attackers to execute code remotely and gain control over all Windows nodes in the Kubernetes cluster. About the vulnerabilities CVE-2023-3676, di.....»»
Scientists probe the source of key hydrocarbons on Earth—and in space
Polycyclic aromatic hydrocarbons (PAHs) are a type of organic molecule that carry fused rings made of the chemical benzene. Scientists believe that PAHs are responsible for chemical processes that eventually lead to soot and other carbonaceous nanopa.....»»
Claroty’s VRM enhancements empower security teams to quantify CPS risk posture
Claroty announced enhancements to its SaaS platforms’ vulnerability and risk management (VRM) capabilities, further empowering security teams to evaluate and strengthen their organization’s CPS risk posture. The enhancements comprise a un.....»»
Dual Trojan Horse strategy to combat superbugs
In the relentless battle against antibiotic-resistant superbugs, science continues to unveil ingenious strategies to address their vulnerability. Like other bacteria, superbugs have a unique weakness—their dependence on iron for growth and survival.....»»
Carvana adopts Texas DMV's electronic odometer, sales disclosure tool
Carvana said adopting the feature allows it to eliminate unnecessary paperwork and streamline the car-buying process for Texas shoppers......»»
Study suggests negative actions cascade to third parties
When individuals suffer a loss of resources due to the actions of others, they often aim to recoup these resources directly from those responsible......»»
Chuck Schumer convenes tech titans to discuss future AI regulations
Some of the most influential voices in the tech industry are set to meet with federal lawmakers Wednesday morning as the US Senate prepares to draw up legislation regulating the fast-moving artificial intelligence industry......»»
Autonomous driving legal landscape "a hot mess," panel says
Numerous challenges remain in defining who is responsible for collisions when they inevitably occur, said a panel on the legal landscape of driver assistance and autonomous driving technologies at the Automotive News Congress......»»
Chinese financial reporting prioritizes communicating stability, strong connections to stakeholders vs. shareholders
It's commonly accepted that U.S. and Chinese companies treat financial reporting and disclosure differently......»»
Chrome zero-day exploited in the wild, patch now! (CVE-2023-4863)
Google has rolled out a security update for a critical Chrome zero-day vulnerability (CVE-2023-4863) exploited in the wild. About the vulnerability (CVE-2023-4863) CVE-2023-4863 is a critical heap buffer overflow vulnerability in the component that h.....»»