Ransomware gangs are exploiting IBM Aspera Faspex RCE flaw (CVE-2022-47986)
Attackers are exploiting a critical vulnerability (CVE-2022-47986) in the IBM Aspera Faspex centralized file transfer solution to breach organizations. About CVE-2022-47986 IBM Aspera Faspex is used by organizations to allow employees to quickly and.....»»
Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443)
Synology has released fixes for an unauthenticated “zero-click” remote code execution flaw (CVE-2024-10443, aka RISK:STATION) affecting its popular DiskStation and BeeStation network attached storage (NAS) devices. About CVE-2024-10443 CV.....»»
New trigger proposed for record-smashing 2022 Tonga eruption—unstudied data from seismic wave points to early signals
Fifteen minutes before the massive January 2022 eruption of the Hunga Tonga-Hunga Ha'apai volcano, a seismic wave was recorded by two distant seismic stations. Now, researchers argue that similar early signals could be used to warn of other impending.....»»
23 Years of the iPod: How Elite Obsolete Electronics keeps the music playing
There’s probably enough material to produce a book about the importance of the iPod to Apple’s history (and revenue). Yet, the company said goodbye to the brand in 2022 as it finally discontinued the last edition of the iPod Touch. There is a sma.....»»
Amazon Kindle (2024) vs. Kindle (2022): Should you upgrade?
The Kindle is an excellent e-reader, but do you need the new Kindle (2024) if you already have the 2022 model? Let's find out......»»
The new 2024 Mac Mini is Apple’s IBM PC moment and this tiny computer is the final nail in the desktop PC’s coffin: here’s why
The new 2024 Mac Mini is Apple’s IBM PC moment and this tiny computer is the final nail in the desktop PC’s coffin: here’s why.....»»
Apple researchers ran an AI test that exposed a fundamental ‘intelligence’ flaw
Apple just shipped its first Apple Intelligence features and launched new AI-optimized Macs. But for all the AI hype, there are clearly limitations with the technology’s intelligence. And one of those limits was highlighted by Apple’s AI research.....»»
Infosec products of the month: October 2024
Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Balbix, BreachLock, Commvault, Dashlane, Data Theorem, Edgio, ExtraHop, Fastly, Frontegg, GitGuardian, IBM, Ivanti, Jumio, Kusari, Legit Security,.....»»
Don"t wait! The M2 iPad Air just dropped to $498 on Amazon
At $800 off, this is a massive price cut for an M2-powered 2022 2TB Apple iPad Pro — a terrific discount for a tablet with plenty of on-board storage.....»»
North Korean hackers pave the way for Play ransomware
North Korean state-sponsored hackers – Jumpy Pisces, aka Andariel, aka Onyx Sleet – have been spotted burrowing into enterprise systems, then seemingly handing matters over to the Play ransomware group. Timeline of the attack (Source: Pal.....»»
Ransomware hits web hosting servers via vulnerable CyberPanel instances
A threat actor – or possibly several – has hit approximately 22,000 vulnerable instances of CyberPanel and encrypted files on the servers running it with the PSAUX and other ransomware. The PSAUX ransom note (Source: LeakIX) The CyberPane.....»»
Record-breaking Saharan dust events hit Spain between 2020 and 2022, study confirms
A study by the Spanish National Research Council (CSIC), an agency dependent on the Ministry of Science, Innovation and Universities of Spain, concludes that the most intense Saharan dust events ever recorded in the air quality monitoring networks of.....»»
Indonesia study evaluates potential of alternative measures for biodiversity conservation
At COP16 in Calí, Colombia, member states are currently discussing how the global nature agreement adopted in Montreal in 2022 can be implemented. The goals include protecting 30% of the world's land and sea areas by 2030......»»
Tap to Pay on iPhone comes to more European countries
Apple has launched its Tap to Pay on iPhone feature in five more EU countries, the slow rollout that began wit the US in 2022.Tap to Pay on iPhoneIt was in May 2022 that US iPhone users gained the ability to pay other iPhone users without any extra h.....»»
Black Basta operators phish employees via Microsoft Teams
Black Basta ransomware affiliates are still trying to trick enterprise employees into installing remote access tool by posing as help desk workers, now also via Microsoft Teams. Phishing via MS Teams Earlier this year, Rapid7 warned about Black Basta.....»»
High school students present five new ways of proving Pythagoras" Theorem via trigonometry
In 2022, U.S. high school students Calcea Johnson and Ne'Kiya Jackson astonished teachers when they discovered a new way to prove Pythagoras' theorem using trigonometry after entering a competition at their local high school. As a result, both studen.....»»
Entry-level iPad to be updated in early 2025
Following updates to the rest of the iPad lineup during 2024, the lowest-cost model is now expected to see a refresh in spring of 2025.The 10th generation iPad came in multiple colors in 2022The regular iPad was last updated in October 2022, and this.....»»
Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Fortinet releases patches for publicly undisclosed critical FortiManager vulnerability In the last couple of days, Fortinet has released critical se.....»»
More than 100 million Americans had their health data exposed in a UnitedHealth hack
A UnitedHealth hack exposed the personal information and health data of more than 100M Americans – the first time the company has put a specific number on the security breach. A ransomware attack was made on Change Healthcare back in February, b.....»»
iOS 18.2 lets you add the volume slider back to your iPhone’s Lock Screen
With the release of iOS 16 in 2022, Apple removed the volume slider from the iPhone Lock Screen except while using AirPlay. In iOS 18.2, however, Apple has decided to bring back that capability with a new “Always Show Volume Control” option in th.....»»
Exploited: Cisco, SharePoint, Chrome vulnerabilities
Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft Sharepoint (CVE-2024-38094), and Google’s Chrome browser (CVE-2024-4947). CVE-2024-20481 (Cisco ASA/FTD) In the past few.....»»