Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking
Most critical of the bugs allowed attackers to root federated instances. Enlarge The maintainers of the open-source software that powers the Mastodon social network published a security update on Thursday that patches a.....»»
Arcserve UDP 10 accelerates disaster recovery processes
Arcserve launched Arcserve UDP 10, providing customers with an intuitive, flexible, and affordable way to address their critical data security and business continuity challenges. Arcserve UDP 10 is a unified data protection solution that offers backu.....»»
Scientists discover "selfish DNA" crucial for early human development
A critical transition in early human development is regulated not by our own genes, but by DNA elements called transposons that can move around the genome, Sinai Health researchers have found......»»
Rangers lead effort to monitor Uganda"s lion population in critical stronghold
In a new study, wildlife rangers from the Uganda Wildlife Authority have demonstrated their ability to generate precise and reliable data on lion populations in Uganda's Nile Delta, a critical stronghold for African lions......»»
87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113)
Last week, CISA added CVE-2024-23113 – a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGate firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming that it&.....»»
Glowing proteins enable real-time, 3-D study of essential enzymes
Working in organoid models, researchers at University of California San Diego School of Medicine have developed a new tool to study protein-kinase C (PKC) enzymes, which play a critical role in cell growth, differentiation and survival. Malfunction o.....»»
Ridge Security delivers enhanced capabilities for web application security
Ridge Security released RidgeBot 5.0, a substantial upgrade to its automated penetration testing platform. This release introduces AI-driven Web API testing, expanded vulnerability management integrations, and an upgraded operating system. RidgeBot 5.....»»
Quantum computing and photonics discovery potentially shrinks critical parts by 1,000 times
Researchers have made a discovery that could make quantum computing more compact, potentially shrinking essential components 1,000 times while also requiring less equipment. The research is published in Nature Photonics......»»
Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) For October 2024 Patch Tuesday, Microsoft has released fixes.....»»
Apple now allowing users to change their iCloud email address starting with iOS 18.1
For the first time, starting in iOS 18.1, Apple will allow users to change their iCloud email address entirely. Previously, users could set an alias to send emails from, but there was no way to outright change or remove whatever you first set your iC.....»»
Metaphor: ReFantazio fixes my one big Persona pet peeve
Metaphor: ReFanazio is full of great quality of life considerations, but one feature fixes an annoying Persona quirk that's always bugged me......»»
Qualcomm Chip Vulnerability Leads to Several Android Devices at Risk of Hacking
Qualcomm listed over 64 different chipsets affected by the vulnerability. The post Qualcomm Chip Vulnerability Leads to Several Android Devices at Risk of Hacking appeared first on Phandroid. While modern smartphone chips usually have some.....»»
Astronomers find Webb data conflict with reionization models
Reionization is a critical period when the first stars and galaxies changed the physical structure of their surroundings, and eventually the entire universe. Established theories state that this epoch ended around 1 billion years after the Big Bang......»»
Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680)
Mozilla has pushed out an emergency update for its Firefox and Firefox ESR browsers to fix a vulnerability (CVE-2024-9680) that is being exploited in the wild. About CVE-2024-9680 Reported by ESET malware researcher Damien Schaeffer, CVE-2024-9680 is.....»»
ESET updates Vulnerability and Patch Management module
ESET released its updated ESET Vulnerability and Patch Management module. With the new update, ESET V&PM has expanded to support Linux1 (desktops and servers), as well as macOS2 devices, covering broader parts of a business’ ecosystem. The V&PM.....»»
Adaptiva improves collaboration between IT and security teams with vulnerability dashboards
Adaptiva announces the latest feature release for OneSite Patch: vulnerability dashboards. These new dashboards provide real-time visibility into Common Vulnerabilities and Exposures (CVEs) in the environment and patches that can remediate them–emp.....»»
New tool provides knowledge on heat stress vulnerability in cities for more targeted adaptation
Heat-related deaths and diseases are a major concern in Europe amid increasing extended periods of extreme heat. A recent study proposes a novel way of quantifying and projecting future vulnerability to heat stress in different areas of a city, provi.....»»
Hubble and New Horizons offer dual perspectives on Uranus to inform exoplanet research
NASA's Hubble Space Telescope and New Horizons spacecraft simultaneously set their sights on Uranus recently, allowing scientists to make a direct comparison of the planet from two very different viewpoints. The results inform future plans to study l.....»»
X reinstated in Brazil after Musk pays fines, agrees to follow local laws
X blocked accounts and paid $5 million in fines to get back online in Brazil. Brazil's Supreme Court is allowing Elon Musk's X to resume operations, apparently ending a months-lon.....»»
Guide for selecting the right GRC framework, EU edition
Governance, risk, and compliance frameworks are critical. They enable cybersecurity professionals to accurately identify an organization’s risk posture, align business and strategic objectives with technology, and meet compliance responsibilities......»»
Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409)
If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security researchers have published an analysis of CVE-2024-45409 and an exploit script.....»»