How EU lawmakers can make mandatory vulnerability disclosure responsible
There is a standard playbook and best practice for when an organization discovers or is notified about a software vulnerability: The organization works quickly to fix the problem and, once a fix is available, discloses that vulnerability for the bene.....»»
Facial tumors evolve to coexist with Tasmanian devil populations, shows new study
Research led by the University of Tasmania has found that the deadly devil facial tumor disease (DFTD) responsible for wiping out two-thirds of the species over the last 30 years is evolving to coexist with devil populations......»»
VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887)
CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being exploited in the wild. There are no workarounds to mitigate the risk of exploitati.....»»
Research examines COVID-19's ongoing toll on university students' mental health
Even before the pandemic, university students were at high risk of developing mental health problems. Transitioning to adulthood is already a period of heightened vulnerability, and for students, this can be combined with added stressors such as livi.....»»
Zyxel patches critical vulnerability in NAS devices (CVE-2023-27992)
Zyxel has released firmware patches for a critical vulnerability (CVE-2023-27992) in some of its consumer network attached storage (NAS) devices. About CVE-2023-27992 CVE-2023-27992 is an OS command injection flaw that could be triggered remotely by.....»»
U.S. lawmakers will press auto CEOs over China supply-chain links
Four lawmakers are concerned about Ford’s partnership with Chinese auto battery manufacturer Contemporary Amperex Technology Co. Ltd., and auto companies’ dependence on China more broadly......»»
Study suggests warfare was responsible for the boom-bust cycles of Neolithic societies
A new study out of the Complexity Science Hub concludes that social disintegration and violent conflict played a crucial role in shaping the population dynamics of early farming societies in Neolithic Europe.....»»
A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)
Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability (CVE-2023-35708) discovered in the web application in less than a month. Previously, the Cl0p cyber extortion gang e.....»»
Meta lowers the minimum age for its Quest headsets from 13 to 10
Facebook-parent Meta plans to lower the minimum age for its virtual reality headsets from 13 years old to 10 years old, despite pressure from lawmakers not to market its VR services to younger users......»»
Coalition ESS helps enterprises mitigate their most critical risks
Coalition announced the Coalition Exploit Scoring System (Coalition ESS), a vulnerability scoring system that helps risk managers mitigate potential cyber threats. Developed by Coalition Security Labs, the company’s research and innovation center,.....»»
EU votes to ban AI in biometric surveillance, require disclosure from AI systems
Nonbinding EU draft AI law gets tougher, but it's still open to negotiation. On Wednesday, European Union officials voted to i.....»»
VMware fixes critical flaws in Aria Operations for Networks (CVE-2023-20887)
VMware has fixed two critical (CVE-2023-20887, CVE-2023-20888) and one important vulnerability (CVE-2023-20889) in Aria Operations for Networks (formerly vRealize Network Insight), its popular enterprise network monitoring tool. About the vulnerabili.....»»
Rezilion releases agentless runtime monitoring solution for vulnerability management
Rezilion released Agentless solution, allowing user connection and access to Rezilion’s full feature functionality across multiple cloud platforms. It enables security teams to monitor exploitable attack surfaces in runtime without using an agen.....»»
Comcast complains to FCC that listing all of its monthly fees is too hard
Comcast blasted for seeking "loopholes" in rule requiring disclosure of all fees. Comcast is not happy about new federal rules that will require it to provide broad.....»»
Meat processing plants: What factors are critical for survival?
Meat processing plants in the U.S. have garnered considerable public attention in recent years, often focusing on production and labor issues. The COVID-19 pandemic underscored the vulnerability of large, concentrated plants, as major shutdowns led t.....»»
PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)
As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE vulnerability exploited by the Cl0p cyber extortion group to plunder confidential data......»»
OpenAI sued for defamation after ChatGPT allegedly fabricated fake embezzlement claims
Is OpenAI responsible for what its popular AI chatbot, ChatGPT, says? A new lawsuit against the company filed by a Georgia-based radio host argues that the company is. Armed America Radio host Mark Walters filed against OpenAI for defamation earlier t.....»»
Replace Barracuda ESG appliances, company urges
Barracuda Networks is urging customers running physical Email Security Gateway (ESG) appliances to replace them immediately, “regardless of patch version level.” Vulnerability identification and disclosure Barracuda has identified a crit.....»»
Louisiana lawmakers approve parental consent bill for kids' social media use and other online services
Louisiana lawmakers have sent a bill to the state's governor that would require online platforms to obtain a parent's consent before creating an account for users under 18, the latest in a raft of legislation restricting digital services for kids and.....»»
Cl0p announces rules for extortion negotiation after MOVEit hack
The Cl0p cyber extortion crew says that the many organizations whose data they have pilfered by exploiting a vulnerability in the MOVEit Transfer solution have until June 14 to get in contact with them – or they will post their name on their de.....»»
Damning probes find Instagram is key link connecting pedophile rings
Lawmakers, researchers demand Meta do more to stop Instagram pedophile rings. Instagram has emerged as the most important platform for buyers and sellers of underage se.....»»