Serious vulnerabilities in Matrix’s end-to-end encryption are being patched
Previously overlooked flaws allow malicious homeservers to decrypt and spoof messages. Enlarge (credit: matrix.org) Developers of the open source Matrix messenger protocol are releasing an update on Thursday to fix critical en.....»»
Security Bite: Hackers breach CISA, forcing the agency to take some systems offline
The Cybersecurity and Infrastructure Security Agency (CISA) says two systems were hacked in February through vulnerabilities in Ivanti products. In response, the agency had to shut down both systems, which reportedly had critical ties to U.S. infrast.....»»
Matrix multiplication breakthrough could lead to faster, more efficient AI models
At the heart of AI, matrix math has just seen its biggest boost "in more than a decade.” Enlarge / When you do math on a computer, you fly through a numerical tunnel like this—figuratively, of course. (credit: Getty Images).....»»
macOS 14.4 brings 50+ security fixes, iOS 17.4 patch list expands to over 40
We learned with the public launch of iOS 17.4 that Apple included fixes for two exploited vulnerabilities and two other security issues. Now with the arrival of macOS 14.4, there are over 50 security patches and the list of security fixes for iOS 17......»»
Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337)
Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which (CVE-2024-20337) could be exploited by unauthenticated, remote attackers to grab users’ valid SAML a.....»»
Skybox 13.2 empowers organizations to identify and remediate vulnerabilities
Skybox Security announced Skybox 13.2, introducing enhancements to its Vulnerability and Threat Management solution. These updates mark a significant milestone in vulnerability prioritization and attack surface management, empowering organizations wi.....»»
VMware patches critical flaws in ESXi, Workstation, Fusion and Cloud Foundation
VMware has fixed four vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255) in ESXi, Workstation, Fusion and Cloud Foundation, some of which could allow attackers to escape the sandbox and execute code on the host machine......»»
VMware sandbox escape bugs are so critical, patches are released for end-of-life products
VMware ESXi, Workstation, Fusion, and Cloud Foundation all affected. Enlarge (credit: Getty Images) VMware is urging customers to patch critical vulnerabilities that make it possible for hackers to break out of sandbox a.....»»
IONIX Exposure Validation identifies and prioritizes exploitable vulnerabilities
IONIX announced a significant extension to its Attack Surface Management (ASM) platform, Automated Exposure Validation. Customers of IONIX can now benefit from Exposure Validation capabilities for continuous exploitability testing on production envir.....»»
Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296)
Apple has fixed two iOS zero-day vulnerabilities (CVE-2024-23225, CVE-2024-23296) exploited by attackers in the wild. CVE-2024-23225 and CVE-2024-23296 On Tuesday, Apple released security updates for all three supported branches of iOS and iPadOS. iO.....»»
PSA: X audio and video calls probably don’t use strong encryption
Why is the image above blurred? Regain clarity with CleanMyPhone by MacPaw — the new AI-powered cleaning app that quickly identifies and removes blurred images, screenshots, and other clutter from your device. Download it now with a free trial......»»
Secure your hybrid workforce: The advantages of encrypted storage
In this Help Net Security video, Ryan Amparo, Field Application Engineer at Kingston Technology, discusses the benefits of encrypted external SSDs and USBs for hybrid workforces. He talks about the differences between software and hardware encryption.....»»
Organizations are knowingly releasing vulnerable applications
92% of companies had experienced a breach in the prior year due to vulnerabilities of applications developed in-house, according to Checkmarx. AppSec managers and developers share application security duties In recent years the responsibility for app.....»»
Hackers exploited Windows 0-day for 6 months after Microsoft knew of it
Technically, Microsoft doesn't consider such bugs as vulnerabilities. It patched it anyway. Enlarge (credit: Getty Images) Hackers backed by the North Korean government gained a major win when Microsoft left a Windows ze.....»»
Silobreaker enhances threat intelligence platform with MITRE ATT&CK TTP detection capabilities
Silobreaker announced an integration with MITRE ATT&CK Matrix for Enterprise, Industrial Control Systems (ICS) and Mobile, to help organizations better understand threats associated with malware, threat actors and industries. This latest enhancement.....»»
Bitwarden Secrets Manager integrates with Ansible Playbook
Bitwarden enhanced Bitwarden Secrets Manager by integrating with Ansible Playbook. This out-of-the-box integration enables developers and DevOps teams to securely streamline their server deployment processes using zero knowledge end-to-end encryption.....»»
White House: Use memory-safe programming languages to protect the nation
The White House is asking the technical community to switch to using memory-safe programming languages – such as Rust, Python, Swift, C#, Java, and Go – to prevent memory corruption vulnerabilities from entering the digital ecosystem. Acc.....»»
Ends tonight: This Shark self-emptying robot vacuum is $200 off
The Shark Matrix RV2320S, a self-emptying robot vacuum that will keep your floors clean, is available from Best Buy with a $200 discount, but not for long......»»
ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)
The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of malicious payloads. About ConnectWise ScreenConnect ConnectWise ScreenConnect.....»»
CVE count set to rise by 25% in 2024
The report from Coalition indicates an anticipated 25% rise in the total count of published common vulnerabilities and exposures (CVEs) for 2024, reaching 34,888 vulnerabilities, equivalent to approximately 2,900 per month. Sharp CVE increase heighte.....»»
Squishy Circuits: The Soft Matrix
Make soft touch pads and panels in conductive fabric to control wearables, LEDs, and more The post Squishy Circuits: The Soft Matrix appeared first on Make: DIY Projects and Ideas for Makers......»»