How EU lawmakers can make mandatory vulnerability disclosure responsible
There is a standard playbook and best practice for when an organization discovers or is notified about a software vulnerability: The organization works quickly to fix the problem and, once a fix is available, discloses that vulnerability for the bene.....»»
A Summer of Record Heat Deals Costly Damage to Texas Water Systems
As dry soils contract, underground pipes rupture—disrupting cities, frustrating conservation efforts, and highlighting the vulnerability of critical infrastructure to a warming climate......»»
Apple backs California bill that would require stricter emissions reporting
Apple has come out in support of a new bill in California that would require companies to reveal more information about climate emissions from supply chain partners. In a letter penned to California lawmakers, the company said that it is “strongly.....»»
Unpatched Cisco ASA flaw exploited by attackers (CVE-2023-20269)
A vulnerability (CVE-2023-20269) in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) firewalls is being exploited by attackers to gain access to vulnerable internet-exposed devices. “This vulnerability was found.....»»
Apple patches “clickless” 0-day image processing vulnerability in iOS, macOS
"BLASTPASS" bug can install malware without user interaction. Enlarge (credit: Apple) Apple has released security updates for iOS, iPadOS, macOS, and watchOS today to fix actively exploited zero-day security flaws that c.....»»
North Korea-backed hackers target security researchers with 0-day
Google researchers say currently unfixed vulnerability affects a popular software package. Enlarge (credit: Dmitry Nogaev | Getty Images) North Korea-backed hackers are once again targeting security researchers with a ze.....»»
Security or performance? With this AMD vulnerability, you can’t have both
This AMD Zen 2 vulnerability has the potential to steal your passwords, but if you want a fix, you'll need to make a tough decision......»»
China"s top chipmaker may be in hot water as US lawmakers call for further sanctions
Shares in SMIC, China's largest contract chipmaker, plunged on Thursday, after two US congressmen called on the White House to further restrict export sales to the company......»»
Atlas VPN zero-day allows sites to discover users’ IP address
Atlas VPN has confirmed the existence of a zero-day vulnerability that may allow website owners to discover Linux users’ real IP address. Details about this zero-day vulnerability as well as exploit code have been publicly released on Reddit se.....»»
Poor water quality found to disproportionately affect socially vulnerable communities
A new study published in the journal Environmental Research Letters examines the links between drinking water quality violations and social vulnerability in the United States, revealing that these violations disproportionately affect the most vulnera.....»»
China"s app rule changes applied everywhere but the App Store
While other mobile app marketplaces in China have started to enforce new app disclosure laws, Apple has yet to implement rule changes affecting developers operating in the country.China introduced new rules in August requiring mobile app makers to ma.....»»
NYC subway security flaw seemingly exposes ‘impossible’ Apple Pay vulnerability [U]
Update: The MTA flaw has been eliminated, but the Apple Pay question remains. See the end of the piece. An inexcusable NYC subway security flaw has been revealed, allowing anyone with knowledge of a user’s credit card number and expiry date to t.....»»
NYC subway security flaw seemingly exposes ‘impossible’ Apple Pay vulnerability
An inexcusable NYC subway security flaw has been revealed, allowing anyone with knowledge of a user’s credit card number and expiry date to track all journeys made within the past seven days. But what’s far more concerning is that the vulnerab.....»»
Researcher claims MTA subway flaw beats Apple Pay security
A researcher who was able to track people's use of the MTA subway system in New York, says that the same methodology exposes an Apple Pay vulnerability — but it's not clear if it actually does.MTA turnstiles in New YorkNew York City added Apple Pay.....»»
How a mere 12% of Americans eat half the nation"s beef, creating significant health and environmental impacts
A new study has found that 12% of Americans are responsible for eating half of all beef consumed on a given day, a finding that may help consumer groups and government agencies craft educational messaging around the negative health and environmental.....»»
Tenable unveils web application and API scanning capabilities for Nessus Expert
Tenable has unveiled web application and API scanning in Tenable Nessus Expert, new features that provide simple and comprehensive vulnerability scanning for modern web applications and APIs. Web application and API scanning in Nessus Expert are dyna.....»»
VMware fixes critical vulnerability in Aria Operations for Networks (CVE-2023-34039)
VMware has patched one critical (CVE-2023-34039) and one high-severity vulnerability (CVE-2023-20890) in Aria Operations for Networks, its popular enterprise network monitoring tool. About the vulnerabilities (CVE-2023-34039, CVE-2023-20890) CVE-2023.....»»
Tanium Vulnerability Risk and Compliance for ServiceNow accelerates security investigations
Tanium announced Tanium Vulnerability Risk and Compliance for ServiceNow – a new solution enabling ServiceNow customers to identify security risks from vulnerabilities and non-compliant configurations and remediate all from within the ServiceNow pl.....»»
Easy-to-exploit Skype vulnerability reveals users’ IP address
A vulnerability in Skype mobile apps can be exploited by attackers to discover a user’s IP address – a piece of information that may endanger individuals whose physical security depends on their general location remaining secret. The vuln.....»»
Climate-changing human activity could lead to 1 billion deaths over the next century, according to new study
If global warming reaches or exceeds two degrees Celsius by 2100, University of Western Ontario's Joshua Pearce says it is likely that mainly richer humans will be responsible for the death of roughly one billion mainly poorer humans over the next ce.....»»
Rightsholders Urge U.S. Govt to Pave the Way for Pirate Site Blocking
Responding to an inquiry on future anti-piracy strategies, Creative Future CEO Ruth Vitale calls on U.S. lawmakers to consider site blocking as a much-needed solution. Blocking foreign pirate sites could be a "game changer", she argues. The Associati.....»»