How EU lawmakers can make mandatory vulnerability disclosure responsible
There is a standard playbook and best practice for when an organization discovers or is notified about a software vulnerability: The organization works quickly to fix the problem and, once a fix is available, discloses that vulnerability for the bene.....»»
20 cybersecurity projects on GitHub you should check out
Open-source GitHub cybersecurity projects, developed and maintained by dedicated contributors, provide valuable tools, frameworks, and resources to enhance security practices. From vulnerability scanning and network monitoring to encryption and incid.....»»
Senators to get AI lessons ahead of regulation decisions
In a bid to get U.S. senators up to speed with AI ahead of regulating the technology, the lawmakers have been invited to attend a series of briefings......»»
Robocalls claiming voters would get “mandatory vaccines” result in $5M fine
Black people targeted with conspiracy theory about voting and mandatory vaccines. Enlarge (credit: Getty Images | adamkaz) The Federal Communications Commission issued a $5.1 million fine against pro-Trump robocallers wh.....»»
Sentra ChatDLP Anonymizer redacts sensitive information from ChatGPT and Google Bard prompts
Sentra announced Sentra ChatDLP Anonymizer, a new feature that redacts Personal Identifiable Information (PII) from ChatGPT and Google Bard prompts. ChatDLP enhances organizations’ data security by minimizing the vulnerability of critical data,.....»»
Exploited zero-day patched in Chrome (CVE-2023-3079)
Google has fixed a high-severity vulnerability in the Chrome browser (CVE-2023-3079) that is being exploited by attackers. About the vulnerability CVE-2023-3079 is a vulnerability that stems from a type confusion in the V8 JavaScript engine, and has.....»»
Chrome"s third exploited zero-day this year has also been fixed
Google Chrome users are being urged to apply this patch to prevent known exploits from abusing a vulnerability......»»
Mass exploitation of critical MOVEit flaw is ransacking orgs big and small
SQL injection attacks on MOVEit file transfer service likely to get worse. Enlarge (credit: Getty Images) Organizations big and small are falling prey to the mass exploitation of a critical vulnerability in a widely used.....»»
Climate justice: Global North owes $170 trillion for excessive carbon dioxide emissions, says study
Industrialized nations responsible for excessive levels of carbon dioxide emissions could be liable to pay a total of $170 trillion in compensation or reparations by 2050 to ensure climate change targets are met, say researchers......»»
Scientists identify fungal proteins responsible for suppressing host plant immunity from infection
While infectious fungal plant diseases relentlessly wreak havoc on many crops, they are also picky when choosing their hosts. Each fungus generally exhibits a specific host range, but the mechanism of this specificity has not been well understood......»»
MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362)
The zero-day vulnerability attackers have exploited to compromise vulnerable Progress Software’s MOVEit Transfer installations finally has an identification number: CVE-2023-34362. Based on information shared by Mandiant, Rapid7 and other security.....»»
GOP lawmakers ramp up calls to counter China over Micron ban
Two key Republican lawmakers are pressing the Biden administration to counter Beijing's ban of US chipmaker Micron Technology Inc. by sanctioning a Chinese semiconductor company and ensuring that Japanese and South Korean firms don't take advantage o.....»»
Week in review: MOVEit Transfer critical zero-day vulnerability, Kali Linux 2023.2 released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: MOVEit Transfer zero-day attacks: The latest info Progress Software has updated the security advisory and confirmed that the vulnerability (still wi.....»»
If you have a Gigabyte motherboard, your PC might stealthily download malware
If you own a Gigabyte motherboard, your system might be at risk. Researchers spotted a dangerous vulnerability in the firmware. Fortunately, there's a fix......»»
Google triples reward for Chrome full chain exploits
Google has tripled the full reward amount for the first security bug report that includes a functional full chain exploit of its popular Chrome browser. Six months of higher rewards for a Chrome full chain exploit The Chrome Vulnerability Rewards Pro.....»»
MOVEit Transfer zero-day attacks: The latest info
There’s new information about the zero-day vulnerability in Progress Software’s MOVEit Transfer solution exploited by attackers and – more importantly – patches and helpful instructions for customers. The MOVEit Transfer zero-day.....»»
These ingenious ideas could help make AI a little less evil
The winners of Mozilla’s Responsible AI Challenge contain a bunch of fantastic ideas that could put AI to good use in making the world a much better place......»»
Critical zero-day vulnerability in MOVEit Transfer exploited by attackers!
A critical zero-day vulnerability in Progress Software’s enterprise managed file transfer solution MOVEit Transfer is being exploited by attackers to grab corporate data. “[The vulnerability] could lead to escalated privileges and potenti.....»»
iTunes on Windows security flaw allows unauthorized access & data manipulation
Researchers have found a vulnerability in iTunes for Windows that lets users escalate system privileges, and Windows users should update the app.iTunes on Windows has a security flawIn late 2022, the Synopsys Cybersecurity Research Center (CyRC) disc.....»»
Zyxel firewalls under attack by Mirai-like botnet
CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. About CVE-2023-28771 CV.....»»
Automatic emergency braking should become mandatory, feds say
The rule would save 360 lives and prevent 24,000 crashes a year, NHTSA says. Enlarge / Emergency braking systems have been on the road for some years, but now the federal government wants them to be mandatory equipment on all new.....»»