Log4Shell Exploited To Infect VMware Horizon Servers With Backdoors, Crypto Miners
An anonymous reader quotes a report from ZDNet: The Log4Shell vulnerability is being actively exploited to deliver backdoors and cryptocurrency miners to vulnerable VMware Horizon servers. On Tuesday, Sophos cybersecurity researchers said the attacks.....»»
China cyber pros say Intel is installing CPU backdoors on behalf of NSA
China says the NSA has been installing backdoors in Intel CPUs for over a decade......»»
Identifying the genes that viruses "steal" from ocean microbes
The microbes that cycle nutrients in the ocean don't do the work on their own—the viruses that infect them also influence the process. It's a vital job for the rest of the planet, enabling oceans to absorb half of the human-generated carbon in the.....»»
Fake Google Meet pages deliver infostealers
Users of the Google Meet video communication service have been targeted by cyber crooks using the ClickFix tactic to infect them with information-stealing malware. Fake Google Meet video conference page with malicious ClickFix pop-up (Source: Sekoia).....»»
Tesla moves $765 million in Bitcoin to unknown wallets, putting Musk’s crypto plans in the spotlight
Tesla moves $765 million in Bitcoin to unknown wallets, putting Musk’s crypto plans in the spotlight.....»»
Coastal cities have a hidden vulnerability to storm-surge and tidal flooding that"s entirely caused by humans
Centuries ago, estuaries around the world were teeming with birds and turbulent with schools of fish, their marshlands and endless tracts of channels melting into the gray-blue horizon......»»
Targeting bacteria: Auxiliary metabolic genes expand understanding of phages and their reprogramming strategy
Viruses that infect bacteria—known as bacteriophages—could be used in a targeted manner to combat bacterial diseases. They also play an important ecological role in global biogeochemical cycles. Recent research by researchers at the University of.....»»
87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113)
Last week, CISA added CVE-2024-23113 – a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGate firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming that it&.....»»
Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) For October 2024 Patch Tuesday, Microsoft has released fixes.....»»
Event horizon: After photographing black holes, scientists are now making a movie
The first moving images of a black hole could reveal swirls of plasma and collapsing stars, deepening our understanding of the universe......»»
North Carolina quartz mine crucial for microchip production restarts after Hurricane Helene
One of the miners of high-purity quartz crucial for microchip production resumed operations in North Carolina after having been shuttered since Sept. 26 because of Hurricane Helene......»»
Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680)
Mozilla has pushed out an emergency update for its Firefox and Firefox ESR browsers to fix a vulnerability (CVE-2024-9680) that is being exploited in the wild. About CVE-2024-9680 Reported by ESET malware researcher Damien Schaeffer, CVE-2024-9680 is.....»»
ESET updates Vulnerability and Patch Management module
ESET released its updated ESET Vulnerability and Patch Management module. With the new update, ESET V&PM has expanded to support Linux1 (desktops and servers), as well as macOS2 devices, covering broader parts of a business’ ecosystem. The V&PM.....»»
Genetic mechanism unlocks a key secret behind disease infection in crops
Researchers have unraveled a key genetic mechanism behind the way pathogens infect crops, leading to new strategies for breeding resistant crop varieties against other pathogens carrying the same genetic mechanism......»»
Two never-before-seen tools, from same group, infect air-gapped devices
It's hard enough creating one air-gap-jumping tool. GoldenJackal did it 2x in 5 years. Researchers have unearthed two sophisticated toolsets that a nation-state hacking group—po.....»»
Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)
For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Platform, and CVE-2024-43572, a remote code execution.....»»
Ivanti fixes three CSA zero-days exploited in the wild (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381)
Ivanti has patched three additional Cloud Service Appliance (CSA) zero-day flaws, which have been exploited by attackers in conjuction with a zero-day bug the company accidentally fixed in September. The fixed zero-days “We are aware of a limit.....»»
Chinese hack of US ISPs shows why Apple is right about backdoors for law enforcement
It was revealed this weekend that Chinese hackers managed to access systems run by three of the largest internet service providers (ISPs) in the US. What’s notable about the attack is that it compromised security backdoors deliberately created t.....»»
Qualcomm zero-day under targeted exploitation (CVE-2024-43047)
An actively exploited zero-day vulnerability (CVE-2024-43047) affecting dozens of Qualcomm’s chipsets has been patched by the American semiconductor giant. About CVE-2024-43047 On Monday, Qualcomm has confirmed patches for 20 vulnerabilities af.....»»
Can’t get into Throne and Liberty? New server cap limits may help
As it turns out, the servers were overencumbered. Amazon Games has given them a strength boost......»»
Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: October 2024 Patch Tuesday forecast: Recall can be recalled October arrived, and Microsoft started the month by announcing the release of Windows 11.....»»