Linux devs fix nasty vulnerability dating back half a decade
Researcher uncovers stack buffer overflow in the kernel networking module for the Transparent Inter-Process Communication protocol......»»
Researcher: I"ve visited the same Rocky Mountain subalpine meadow weekly for a decade. Here"s what I learned
Imagine a bee crawling into a bright yellow flower......»»
CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting SonicWall’s firewalls – to its Known Exploited Vulnerabilities catalog, thus.....»»
Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342)
Users of Zyxel network-attached storage (NAS) devices are urged to implement hotfixes addressing a critical and easily exploited command injection vulnerability (CVE-2024-6342). About CVE-2024-6342 Zyxel NAS devices are generally used by small to med.....»»
Methane emissions are rising faster than ever, research shows
The world has not hit the brakes on methane emissions, a powerful driver of climate change. More than 150 nations have pledged to slash by 30% this decade under a global methane pledge, but new research shows global methane emissions over the past fi.....»»
Tech stack uniformity has become a systemic vulnerability
Crashes due to faulty updates are nothing new; in fact, one reason IT teams often delay updates is their unreliability and tendency to disrupt the organization’s day-to-day operations. Zero-days are also an old phenomenon. In the past, due to a lac.....»»
Pausing biological clock could give boost to lab-produced blood stem cells
A decade ago, Raquel Espin Palazon discovered that inflammatory signaling pathways must switch on for embryos to produce blood stem cells. The latest work from her lab shows the potential value of keeping those same signals switched off after their i.....»»
Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711)
CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data. Discovered and reported by Code WHite researcher Florian Hauser, the vulnerability can be leveraged fo.....»»
Large theropod dinosaurs thrived near South Pole, Australian tracks show
A discovery of dinosaur tracks on Australia's southern coast—dating back to the Early Cretaceous when Australia was still connected to Antarctica—indicates that large theropod dinosaurs thrived in this polar environment, prowling the river floodp.....»»
If you have to watch one Netflix movie in September, stream this one
This acclaimed 2022 movie is one of the best dramas of the decade. It's now on Netflix, and here's why you should stream it in September......»»
Exploring how income, race and design affect pedestrian casualties
Pedestrian fatalities in the United States have increased more than 50% over the last decade, with 1 in 6 traffic deaths involving pedestrians. Programs like Vision Zero and Safe Systems focus on making transportation safe for vulnerable users, prima.....»»
Red Hat Enterprise Linux AI extends innovation across the hybrid cloud
Red Hat Enterprise Linux (RHEL) AI is Red Hat’s foundation model platform, enabling users to develop, test, and run GenAI models to power enterprise applications. The platform brings together the open source-licensed Granite LLM family and Instruct.....»»
Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Vulnerability allows Yubico security keys to be cloned Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware se.....»»
How did volcanism trigger climate change before the eruptions started?
New dating of a major ancient warming shows warming started before major eruptions. Enlarge / Loads of lava: Kasbohm with a few solidified lava flows of the Columbia River Basalts. (credit: Joshua Murray) As our climate.....»»
Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)
For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution. About CVE-2024-45195 Apache OFBiz is an.....»»
Binarly Transparency Platform 2.5 identifies critical vulnerabilities before they can be exploited
Binarly announced Binarly Transparency Platform 2.5 with several features designed to enhance software vulnerability management and improve security posture across enterprise environments. The key highlight of this release is the innovative Reachabil.....»»
Study finds when self-determination model provided to schools with support, teachers and all students benefit
For more than a decade, University of Kansas researchers have shown that giving students, especially those with disabilities, ownership of their education improves their outcomes. The Kansas University Center on Developmental Disabilities' team recen.....»»
trackd AutoPilot leverages historical patch disruption data
trackd has released a powerful rules engine that uses its patch disruption data to enable auto-patching with confidence, and based on actual data. “There’s only one reason that vulnerability management exists as a discipline in cyber secu.....»»
Business routers vulnerable to OS command injection attack
Zyxel fixes a 9.8-severity vulnerability in multiple endpoints......»»
Vulnerability allows Yubico security keys to be cloned
Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security keys and modules that may allow attackers to clone the devices. But the news is not as catastrophic as it may seem at first glance. “The attacke.....»»
Samba 4.21 comes with upgraded security features
Samba is the standard suite of programs that enables seamless interoperability between Linux/Unix and Windows systems. Version 4.21 has been officially released. Hardening In previous versions of Samba, if a user or group name in either option could.....»»