MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)
A privilege escalation vulnerability (CVE-2023-30799) could allow attackers to commandeer up to 900,000 MikroTik routers, says VulnCheck researcher Jacob Baines. While exploting it does require authentication, acquiring credentials to access the rout.....»»
The Samsung S90C is the best OLED for the price right now
At only $1,000 for the 65-inch model, the Samsung S90C is an incredible deal worth capitalizing on before its gone......»»
One or many? Exploring the population groups of the Antarctic blue whale using historical mark-recovery data
Hunted nearly to extinction during 20th century whaling, the Antarctic blue whale, the world's largest animal, went from a population size of roughly 200,000 to little more than 300. The most recent estimate in 2004 put Antarctic blue whales at less.....»»
Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)
Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration tool, CISA has confirmed on Thursday. About the vulnerabilities (CVE-2024-94.....»»
Cybercriminals hijack DNS to build stealth attack networks
Hijacking domains using a ‘Sitting Ducks attack’ remains an underrecognized topic in the cybersecurity community. Few threat researchers are familiar with this attack vector, and knowledge is scarce. However, the prevalence of these attacks and t.....»»
BMW recalls almost 700,000 cars in China on fire safety risk
BMW AG is recalling nearly 700,000 vehicles in China due to coolant pump defects......»»
Critical vulnerabilities persist in high-risk sectors
Finance and insurance sectors found to have the highest number of critical vulnerabilities, according to Black Duck. Finance and insurance industry faces highest vulnerabilities The report, which analyzes data from over 200,000 dynamic application se.....»»
44,000 deaths and $10 billion: Study quantifies annual cost of child marriage in Nigeria
A study authored by Xiangming Fang, a research associate professor in the Georgia State University School of Public Health, provides the first estimates of the significant economic burden that child marriage imposes on the people and economy of Niger.....»»
NIST is chipping away at NVD backlog
The National Institute of Standards and Technology (NIST) is clearing the backlog of unprocessed CVE-numbered vulnerabilities in the National Vulnerability Database (NVD), but has admitted that their initial estimate of when they would finish the job.....»»
How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)
CVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least April 2024, ClearSky researchers have revealed. About the vulnerability CVE-2024-43451 affects all s.....»»
Zero-days dominate top frequently exploited vulnerabilities
A joint report by leading cybersecurity agencies from the U.S., UK, Canada, Australia, and New Zealand has identified the most commonly exploited vulnerabilities of 2023. Zero-day vulnerabilities on the rise The advisory highlights that malicious cyb.....»»
Pakistan employs new measures to deal with nearly 70,000 people affected daily by hazardous smog
Pakistani authorities introduced mobile clinics and added more beds in hospitals to treat the nearly 70,000 patients received daily with respiratory-related diseases as hazardous smog continued to shroud the country's east, officials said Wednesday......»»
Researchers use high-resolution images to create model that predicts landslide risk in coastal areas
São Sebastião, a municipality on the coast of São Paulo state in Brazil that was partially cut off from the rest of the country in February 2023 after a period of torrential rain, had more than 1,000 landslide points, according to an inventory pro.....»»
Aerospace employees targeted with malicious “dream job” offers
It’s not just North Korean hackers who reach out to targets via LinkedIn: since at least September 2023, Iranian threat actor TA455 has been trying to compromise workers in the aerospace industry by impersonating job recruiters on the popular e.....»»
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)
November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited by attackers. The exploited vulnerabilities.....»»
More evidence that Europe"s ancient landscapes were open woodlands: Study finds oak, hazel and yew were abundant
In 2023 a research group from Aarhus University in Denmark found that light woodland and open vegetation dominated Europe's temperate forests before Homo sapiens. In a new study, recently published in the Journal of Ecology, they take a closer look a.....»»
What can we expect at the COP29 Climate Conference?
With a climate-denialist re-elected as US president and another petrostate host (following Dubai in 2023)—hopes for ambitious outcomes at the 29th UN Climate Change "Conference of the Parties" (COP29) in Baku, Azerbaijan are not high......»»
Ars Live: Our first encounter with manipulative AI
On Nov. 19, join Benj Edwards and Simon Willison's live YouTube chat about the "Great Bing Chat Fiasco of 2023." In the short-term, the most dangerous thing about AI language mode.....»»
I reviewed Garmin’s $1,000 Apple Watch Ultra competitor. It’s an odd one
The Garmin Fenix 8 is a $1,000 smartwatch trying to go toe-to-toe with the Apple Watch Ultra and Galaxy Watch Ultra. But is it any good?.....»»
Massive troves of Amazon, HSBC employee data leaked
A threat actor who goes by the online moniker “Nam3L3ss” has leaked employee data belonging to a number of corporations – including Amazon, 3M, HSBC and HP – ostensibly compromised during the May 2023 MOVEit hack by the Cl0p r.....»»
App Store faces Epic Games-style antitrust lawsuit from Chinese developer
The developer of an app dropped from the App Store in China has filed a lawsuit that challenges Apple's overall practices, as well as damages of $420,000.China and the App StoreApple has consistently been bowing to pressures from China and dropping a.....»»