Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)
Russian state-backed hacking group Forest Blizzard (aka Fancy Bear, aka APT28) has been using a known Microsoft Outlook vulnerability (CVE-2023-23397) to target public and private entities in Poland, Polish Cyber Command has warned. Compromising emai.....»»
Apple pulls US-funded Radio Free Europe app from Russia
The Radio Free Europe/Radio Liberty news app has been removed from the App Store in Russia, in another case of the state mandating what apps are allowed.The App Store is a powerful digital ecosystem.The move comes less than a month after the Russian.....»»
Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)
Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration tool, CISA has confirmed on Thursday. About the vulnerabilities (CVE-2024-94.....»»
Microsoft brought back this feature to the new version of Outlook
Microsoft aims to revamp the new Outlook with a pair of Narrator features that make checking your emails easier......»»
We Need Scientific Brainstorming about Shared Global Dangers
It is difficult to disentangle Russian and Chinese scientists from international science cooperation. That is a good thing.....»»
NIST is chipping away at NVD backlog
The National Institute of Standards and Technology (NIST) is clearing the backlog of unprocessed CVE-numbered vulnerabilities in the National Vulnerability Database (NVD), but has admitted that their initial estimate of when they would finish the job.....»»
Study finds private equity targets firms with earnings myopia
What makes private equity firms target a publicly traded company for takeover? A new study from the University of Iowa published in the journal Review of Accounting Studies finds that private equity is often likely to target firms that more aggressiv.....»»
How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)
CVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least April 2024, ClearSky researchers have revealed. About the vulnerability CVE-2024-43451 affects all s.....»»
Zero-days dominate top frequently exploited vulnerabilities
A joint report by leading cybersecurity agencies from the U.S., UK, Canada, Australia, and New Zealand has identified the most commonly exploited vulnerabilities of 2023. Zero-day vulnerabilities on the rise The advisory highlights that malicious cyb.....»»
Researchers use high-resolution images to create model that predicts landslide risk in coastal areas
São Sebastião, a municipality on the coast of São Paulo state in Brazil that was partially cut off from the rest of the country in February 2023 after a period of torrential rain, had more than 1,000 landslide points, according to an inventory pro.....»»
If you use one of these passwords, hackers will love you
Password manager NordPass released its annual list of the most popular passwords, and the results are nothing short of shocking......»»
Is a Xumo TV worth it?
Last week, Xumo announced that it’s bringing a 55- and 65-inch TV to Target for $250 and $360, respectively, both from manufacturer Hisense. While neither of these TVs are new to the world (Hisense Xumo TVs have been exclusively available at Best B.....»»
Trump says Elon Musk will lead “DOGE,” a new Department of Government Efficiency
Musk's Department of Government Efficiency to target "massive waste and fraud." President-elect Donald Trump today announced that a new Department of Government Efficiency—or "D.....»»
AirPods Pro crackling issue target of new class-action lawsuit
A class-action lawsuit is accusing Apple of false advertising, claiming the crackling issue of the first-gen AirPods Pro go against Apple's marketing promises.AirPods ProFiled on November 1 in the United States District Court for the Northern Distric.....»»
Aerospace employees targeted with malicious “dream job” offers
It’s not just North Korean hackers who reach out to targets via LinkedIn: since at least September 2023, Iranian threat actor TA455 has been trying to compromise workers in the aerospace industry by impersonating job recruiters on the popular e.....»»
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)
November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited by attackers. The exploited vulnerabilities.....»»
Most US book bans target children"s literature featuring diverse characters and authors of color
Book bans in U.S. schools and libraries during the 2021-22 school year disproportionately targeted children's books written by people of color—especially women of color—according to a peer-reviewed study we published. They also tended to feature.....»»
More evidence that Europe"s ancient landscapes were open woodlands: Study finds oak, hazel and yew were abundant
In 2023 a research group from Aarhus University in Denmark found that light woodland and open vegetation dominated Europe's temperate forests before Homo sapiens. In a new study, recently published in the Journal of Ecology, they take a closer look a.....»»
From pets to pests: Researchers explore new tool to fight disease-carrying insects
Arkansas researchers are testing a product commonly used to treat ticks and fleas on pets to target fly and mosquito larvae with the goal of helping reduce the spread of diseases carried by these insects......»»
EU sustainable finance framework must go further to meet Paris Climate Goals—research shows how
New research shows that the EU's sustainable finance framework urgently needs to expand and that, in its current form, the taxonomy will not meet the Paris Climate Agreement target of limiting global temperature rise to 1.5°C......»»
What can we expect at the COP29 Climate Conference?
With a climate-denialist re-elected as US president and another petrostate host (following Dubai in 2023)—hopes for ambitious outcomes at the 29th UN Climate Change "Conference of the Parties" (COP29) in Baku, Azerbaijan are not high......»»