Serious vulnerabilities in Matrix’s end-to-end encryption are being patched
Previously overlooked flaws allow malicious homeservers to decrypt and spoof messages. Enlarge (credit: matrix.org) Developers of the open source Matrix messenger protocol are releasing an update on Thursday to fix critical en.....»»
Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802)
September 2023 Patch Tuesday is here, with fixes for actively exploited vulnerabilities in Adobe Acrobat and Reader (CVE-2023-26369), Microsoft Word (CVE-2023-36761), and Microsoft Streaming Service Proxy (CVE-2023-36802). Microsoft vulnerabilities o.....»»
Swissbit introduces iShield Archive memory card that protects sensitive information
With ‘iShield Archive’, Swissbit introduces a new microSD card designed for encryption and access protection of video and image records, expanding the Swissbit iShield product line for plug-and-play security solutions. The card is intended partic.....»»
New quantum random number generator could revolutionize encryption
Digital information exchange can be safer, cheaper and more environmentally friendly with the help of a new type of random number generator for encryption developed at Linköping University. Experimental setup of the quantum random number generator......»»
Apple patches two zero-days under attack (CVE-2023-41064, CVE-2023-41061)
Apple has patched two zero-day vulnerabilities (CVE-2023-41064, CVE-2023-41061) exploited to deliver NSO Group’s Pegasus spyware. “The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any inte.....»»
PallyCon DRM License Cipher protects users against software-level DRM vulnerabilities
PallyCon has introduced a new feature called PallyCon DRM License Cipher, designed to address vulnerabilities in software-level DRM solutions. In today’s digital era, the protection of digital content is more crucial than ever. Digital Rights M.....»»
Exploit that delivered Pegasus spyware patched in iOS 16.6.1 update
Apple's operating system updates on Thursday patched an exploit chain capable of compromising iOS 16.6 devices with the Pegasus spyware without any interaction from the victim.The exploit was discovered on an iPhone owned by an individual employed by.....»»
Exploit patched in iOS 16.6.1 update delivered Pegasus spyware
Apple's operating system updates on Thursday patched an exploit chain capable of compromising iOS 16.6 devices with the Pegasus spyware without any interaction from the victim.The exploit was discovered on an iPhone owned by an individual employed by.....»»
UK tries to claim it hasn"t backed down on encryption at all
Despite introducing a clause that means its Online Safety Bill is no longer a concern for Apple, Whatsapp, or users, the UK government is insisting with a straight face that it's still exactly as tough on Big Tech as before.UK Houses of ParliamentOn.....»»
How China gets free intel on tech companies’ vulnerabilities
If your company operates in China, it must reveal all hackable bugs to government. Enlarge (credit: Wired staff; Getty Images) For state-sponsored hacking operations, unpatched vulnerabilities are valuable ammunition. In.....»»
Why end-to-end encryption matters
In this Help Net Security video, Kayne McGladrey, IEEE Senior Member and Field CISO at Hyperproof, discusses end-to-end encryption (E2EE). E2EE ensures that only two parties – a sender and a receiver – can access data, and helps to protect consum.....»»
Apple offers security researchers specialized iPhones to tinker with
Apple is inviting security researchers to apply for the Apple Security Research Device Program (SRDP) again, to discover vulnerabilities and earn bug bounties. Apple started the Apple SRDP in 2019. In the intervening years, participating researchers.....»»
Ransomware hackers target major Citrix NetScaler flaw
Flaw was patched a month ago, but there are still vulnerable endpoints that can be targeted......»»
Apple invites researchers to apply to the 2024 iPhone Security Research Device Program
The iPhone Security Research Device Program allows researchers to work with Apple directly in discovering vulnerabilities while still receiving bounty payments. Sign-ups are open through October 31.Security Research DeviceApple launched the iPhone Se.....»»
VMware fixes critical vulnerability in Aria Operations for Networks (CVE-2023-34039)
VMware has patched one critical (CVE-2023-34039) and one high-severity vulnerability (CVE-2023-20890) in Aria Operations for Networks, its popular enterprise network monitoring tool. About the vulnerabilities (CVE-2023-34039, CVE-2023-20890) CVE-2023.....»»
Tanium Vulnerability Risk and Compliance for ServiceNow accelerates security investigations
Tanium announced Tanium Vulnerability Risk and Compliance for ServiceNow – a new solution enabling ServiceNow customers to identify security risks from vulnerabilities and non-compliant configurations and remediate all from within the ServiceNow pl.....»»
A dynamic matrix with DNA-encoded viscoelasticity to support the development of organoids and other biological tissues
Over the past few decades, material scientists and chemists have been working on designing increasingly sophisticated materials for a wide range of technological and scientific applications. These materials include synthetic polymers and hydrogels th.....»»
The new spreadsheet? OpenAI introduces ChatGPT Enterprise for businesses
Unlimited GPT-4, encryption, 32K context, and more. Will it become an essential tool? Enlarge (credit: Getty Images) On Monday, OpenAI introduced ChatGPT Enterprise, an AI assistant aimed at businesses that offers unlimi.....»»
PoC for no-auth RCE on Juniper firewalls released
Researchers have released additional details about the recently patched four vulnerabilities affecting Juniper Networks’ SRX firewalls and EX switches that could allow remote code execution (RCE), as well as a proof-of-concept (PoC) exploit. Ju.....»»
Researchers find worrying vulnerabilities in key 6G technology
Metasurface-based attacks could let hackers intercept wireless interactions......»»
3 Reasons Why Linux is the Best Choice to Achieve Optimal System Security
With technological advancements, hackers are becoming increasingly adept at identifying vulnerabilities and gaps in security systems. This makes unauthorized access to secure data and files prevalent, underscoring the critical importance of robust ap.....»»