New UEFI firmware vulnerabilities affect several PC vendors
Researchers at enterprise security firm Binarly have discovered no fewer than 23 high-impact vulnerabilities in the BIOS/UEFI firmware used by several computer vendors like Intel, AMD, Lenovo, Dell, HP, Asus, Microsoft, Fujitsu, Juniper Networks, Acer.....»»
“Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days
A researcher has developed a downgrade attack that can make Windows machines covertly, persistently and irreversibly vulnerable, even if they were fully patched before that. A downgrade attack exploiting the Windows Update process The direction of Sa.....»»
Photos: Black Hat USA 2024 Startup City
Here’s a look inside Startup City at Black Hat USA 2024. The featured vendors are: BackBox, Cybral, DryRun Security, HackNotice, Heeler Security, Hushmesh, MobileHop, Nagomi Security, Ox Security, Plainsea, Raven, Scribe Security, Spyderbat, an.....»»
AI security 2024: Key insights for staying ahead of threats
In this Help Net Security interview, Kojin Oshiba, co-founder of Robust Intelligence, discusses his journey from academic research to addressing AI security challenges in the industry. Oshiba highlights vulnerabilities in technology systems and the p.....»»
Statistical models show individuals vary in how air pollution impacts their mood
Affective sensitivity to air pollution (ASAP) describes the extent to which affect, or mood, fluctuates in accordance with daily changes in air pollution, which can vary between individuals, according to a study published August 7, 2024 in the open-a.....»»
Disaster plant pathology: Solutions to combat agricultural threats from disasters
An often-overlooked component of natural and human-driven disasters is their potential to affect plant health and thus food security at domestic and international scales. Most disasters have indirect effects on plant health through factors such as di.....»»
Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)
Two cross-site scripting vulnerabilities (CVE-2024-42009, CVE-2024-42008) affecting Roundcube could be exploited by attackers to steal users’ emails and contacts, email password, and send emails from their account. About the vulnerabilities Rou.....»»
OpenWrt dominates, but vulnerabilities persist in OT/IoT router firmware
Forescout has published a new report examining the current state of the software supply chain in OT/IoT routers. The study uncovered that OT and IoT cellular routers and those used in small offices and homes contain outdated software components assoc.....»»
Contrast Security ADR enables teams to identify vulnerabilities, detect threats, and stop attacks
Contrast Security introduced Application Detection and Response (ADR), which empowers security teams to identify vulnerabilities, detect threats, and stop attacks that target custom applications and APIs. Today’s layered “detection and respon.....»»
Sports venues must vet their vendors to maintain security
Sporting events generate a lot of consumer activity, from hotels and restaurants to retail. Large sporting events are held together by webs of connectivity that include vendors, sponsors, employees, and consumers. These networks connect ticketing, me.....»»
Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise
Outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and, as a result, data loss are the reality that DevSecOps teams have to face every few days, according to GitProtect.io. DevSecOps The possibility to integrate.....»»
Rapid7 releases Command Platform, unified attack defense and response
Rapid7 launched its Command Platform, a unified threat exposure, detection, and response platform. It allows customers to integrate their critical security data to provide a unified view of vulnerabilities, exposures, and threats from endpoint to clo.....»»
Rape myths can affect jurors’ perceptions of sexual assault, and that needs to change
In Canada, more than 34,000 cases of sexual assault were reported to police in 2022, representing a 38% increase from 2017......»»
New research sheds light on relationships between plants and insects in forest ecosystems
U.S. Forest Service researchers and partners published new findings on how leaf-eating insects affect forest ecosystems worldwide......»»
A nose for earthy notes: Human odorant receptor for geosmin identified for the first time
Geosmin is a volatile compound of microbial origin with a distinct "earthy" to "musty" odor that can affect the quality of water and food. It is responsible for the typical odor that occurs when rain falls on dry soil. This odorant is produced by mic.....»»
Securing remote access to mission-critical OT assets
In this Help Net Security interview, Grant Geyer, Chief Strategy Officer at Claroty, discusses the prevalent vulnerabilities in Windows-based engineering workstations (EWS) and human-machine interfaces (HMI) within OT environments. Geyer also address.....»»
Coding practices: The role of secure programming languages
Safety and quality are not features that can be added through testing — they must be integral to the design. Opting for a safer or more secure language or language subset during implementation can eliminate entire categories of vulnerabilities. The.....»»
The hidden drivers of evolution: Transposable elements in Rosaceae genomes
Transposable elements are mobile DNA sequences that play a crucial role in plant genome architecture and gene regulation. They drive genome size variation and affect gene expression by altering regulatory networks. Despite their significance, the div.....»»
eBook: 20 tips for secure cloud migration
More organizations rely on cloud platforms to reap the benefits of scalability, flexibility, availability, and reduced costs. However, cloud environments come with security challenges and vulnerabilities. The Thales 2020 Data Threat Report indicates.....»»
Automotive tech company CDK must face antitrust class action, judge says
Software vendors can band together as a class to sue automotive technology giant CDK Global for allegedly restricting access to data and causing them to pay hundreds of millions of dollars in overcharges, a federal judge in Chicago has ruled. .....»»
iPhone market share declines in China, but these two things could reverse the trend
Apple’s iPhone market in China continues to be a struggle, according to a new research report. The company has lost market share and fallen out of the top five vendors. But there are two things analysts believe could reverse the trend and lead.....»»