Messenger billed as better than Signal is riddled with vulnerabilities
Threema comes with unusually strong claims. They crumble under new research findings. Enlarge (credit: Getty Images) Academic researchers have discovered serious vulnerabilities in the core of Threema, an instant messeng.....»»
Only 13% of medical devices support endpoint protection agents
63% of CISA-tracked Known Exploited Vulnerabilities (KEVs) can be found on healthcare networks, while 23% of medical devices—including imaging devices, clinical IoT devices, and surgery devices—have at least one known exploited vulnerability, acc.....»»
New Relic empowers IT and engineering teams to focus on real application security problems
New Relic launched new capabilities for New Relic IAST (Interactive Application Security Testing), including proof-of-exploit reporting for application security testing. New Relic customers can now identify exploitable vulnerabilities with an ability.....»»
3 great reasons to watch the recent Netflix hit sci-fi series The Signal
The sci-fi miniseries The Signal is a hit on Netflix, and we're sharing three great reasons why you should watch it!.....»»
IceCube identifies seven astrophysical tau neutrino candidates
The IceCube Neutrino Observatory, a cubic-kilometer-sized neutrino telescope at the South Pole, has observed a new kind of astrophysical messenger. In a new study recently accepted for publication as an Editors' Suggestion by the journal Physical Rev.....»»
BSAM: Open-source methodology for Bluetooth security assessment
Many wireless headsets using Bluetooth technology have vulnerabilities that may allow malicious individuals to covertly listen in on private conversations, Tarlogic Security researchers have demonstrated last week at RootedCON in Madrid. “Many.....»»
March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V
On this March 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, but – welcome news! – none of them are currently publicly known or actively exploited. Last month, though, several days after Patch Tuesda.....»»
Hackers leverage 1-day vulnerabilities to deliver custom Linux malware
A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Among the exploited vulnerabilities are also two recently discovered Ivanti Connec.....»»
How cells manage their mRNA stockpile and its output
In a typical cell, genes encoded in DNA are used to make messenger RNA (mRNA), which is used to make proteins, and this process of gene expression keeps the cell running. Gene expression is regulated in each cell such that specific genes are turned o.....»»
A trip to the coast, a dip in the pool, and a snow-chilled drink: How ancient Romans kept cool in summer
The dog days of summer are upon us. Or so the ancient Romans named the dies caniculares that followed the rise of the "dog star" Sirius which the ancients believed to signal the oncoming sweltering heat and drought of summer......»»
Security Bite: Hackers breach CISA, forcing the agency to take some systems offline
The Cybersecurity and Infrastructure Security Agency (CISA) says two systems were hacked in February through vulnerabilities in Ivanti products. In response, the agency had to shut down both systems, which reportedly had critical ties to U.S. infrast.....»»
macOS 14.4 brings 50+ security fixes, iOS 17.4 patch list expands to over 40
We learned with the public launch of iOS 17.4 that Apple included fixes for two exploited vulnerabilities and two other security issues. Now with the arrival of macOS 14.4, there are over 50 security patches and the list of security fixes for iOS 17......»»
Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337)
Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which (CVE-2024-20337) could be exploited by unauthenticated, remote attackers to grab users’ valid SAML a.....»»
Sharks, turtles and other sea creatures face greater risk from industrial fishing than previously thought
My colleagues and I mapped activity in the northeast Pacific of "dark" fishing vessels—boats that turn off their location devices or lose signal for technical reasons. In our new study published in Science Advances, we found that highly mobile mari.....»»
Deadly earthquakes trigger hunt for speedier alerts
Researchers in Europe have identified an underground signal that may be a precursor to strong quakes......»»
Skybox 13.2 empowers organizations to identify and remediate vulnerabilities
Skybox Security announced Skybox 13.2, introducing enhancements to its Vulnerability and Threat Management solution. These updates mark a significant milestone in vulnerability prioritization and attack surface management, empowering organizations wi.....»»
VMware patches critical flaws in ESXi, Workstation, Fusion and Cloud Foundation
VMware has fixed four vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255) in ESXi, Workstation, Fusion and Cloud Foundation, some of which could allow attackers to escape the sandbox and execute code on the host machine......»»
VMware sandbox escape bugs are so critical, patches are released for end-of-life products
VMware ESXi, Workstation, Fusion, and Cloud Foundation all affected. Enlarge (credit: Getty Images) VMware is urging customers to patch critical vulnerabilities that make it possible for hackers to break out of sandbox a.....»»
IONIX Exposure Validation identifies and prioritizes exploitable vulnerabilities
IONIX announced a significant extension to its Attack Surface Management (ASM) platform, Automated Exposure Validation. Customers of IONIX can now benefit from Exposure Validation capabilities for continuous exploitability testing on production envir.....»»
Global meta outage: What do we know, and what was the likely cause?
Yesterday’s global meta outage seemingly took out the company’s entire network, with users unable to access Facebook, Messenger, Instagram, Threads, and Quest headsets. The outage lasted between one and two hours for most users, and while ever.....»»
Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296)
Apple has fixed two iOS zero-day vulnerabilities (CVE-2024-23225, CVE-2024-23296) exploited by attackers in the wild. CVE-2024-23225 and CVE-2024-23296 On Tuesday, Apple released security updates for all three supported branches of iOS and iPadOS. iO.....»»