SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795)
Security researchers have discovered a vulnerability (CVE-2023-48795) in the SSH cryptographic network protocol that could allow an attacker to downgrade the connection’s security by truncating the extension negotiation message. The Terrapin at.....»»
5 best Hulu movies to stream on Labor Day
From an overlooked 2023 thriller to a now-classic 2017 film, these five Hulu movies are the best options to watch on Labor Day......»»
We gave this TV a 10 out of 10, and it’s on sale today
Own one of the best Sony TVs of 2023 for $200 less. Take home the Sony 65-inch A95L for $3,300 when you purchase through Best Buy......»»
NASA makes a very tough decision in setting final Crew-9 assignments
"I am deeply proud of our entire crew." Enlarge / Nick Hague, left, and Zena Cardman train inside a Crew Dragon spacecraft mock-up in November 2023. (credit: NASA) On Friday NASA publicly announced a decision that has r.....»»
Study reveals key strategies to combat urban heat vulnerability
A QUT study analyzing five decades of research and thousands of studies has identified five critical areas needed to tackle urban heat vulnerability (UHV), a growing issue impacting millions in increasingly heat-prone cities......»»
Toyota recalls over 45,000 vehicles due to risk of tow hitch detachment
Increased warranty claims alerted Toyota of potential issues with their 2023-24 Sequoia Hybrids......»»
A macro look at the most pressing cybersecurity risks
Forescout’s 2024H1 Threat Review is a new report that reviews the current state of vulnerabilities, threat actors, and ransomware attacks in the first half of 2024 and compares them to H1 2023. “Attackers are looking for any weak point to bre.....»»
Scientists discover how starfish get "legless"
Researchers at Queen Mary University of London have made a discovery about how starfish manage to survive predatory attacks by shedding their own limbs. The team has identified a neurohormone responsible for triggering this remarkable feat of self-pr.....»»
Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites
Suspected Russian hackers have been hitting iPhone and Android users visiting government websites with exploits first leveraged by commercial surveillance vendors, Google TAG researchers shared. The watering hole campaigns Between November 2023 and J.....»»
RISCPoint RADAR provides real-time vulnerability detection across multiple attack surfaces
RISCPoint Advisory Group launched RADAR, an all-in-one cybersecurity platform. Combining continuous threat discovery with expert-led Penetration Testing as a Service (PTaaS), RADAR represents a significant leap forward in proactive security and risk.....»»
Third-party risk management is under the spotlight
In the aftermath of the CrowdStrike IT outage, new research has uncovered a critical vulnerability within financial institutions regarding supply chain resilience. The outage has demonstrated the need for greater digital supply chain resilience, part.....»»
Why ransomware attackers target Active Directory
Ransomware attacks have surged 78% year-over-year, affecting various sectors and organizations and significantly impacting supply chains. In this Help, Net Security video, Craig Birch, Technology Evangelist, and Principal Security Engineer at Cayosof.....»»
This is the best cheap tablet deal this back to school season
The 2023 release of the Amazon Fire HD 10, a cheap but dependable tablet for students, is on sale for $90 after a $50 discount from both Amazon and Target......»»
Unpatchable 0-day in surveillance cam is being exploited to install Mirai
Vulnerability is easy to exploit and allows attackers to remotely execute commands. Enlarge (credit: Getty Images) Malicious hackers are exploiting a critical vulnerability in a widely used security camera to spread Mira.....»»
NASA study tallies carbon emissions from massive Canadian fires
Stoked by Canada's warmest and driest conditions in decades, extreme forest fires in 2023 released about 640 million metric tons of carbon, NASA scientists have found. That's comparable in magnitude to the annual fossil fuel emissions of a large indu.....»»
AuthenticID enhances Smart ReAuth to combat AI-based attacks and account takeovers
AuthenticID announced the newest release of Smart ReAuth. Smart ReAuth is a reauthentication solution that leverages a selfie to re-confirm an identity. First released in 2021, this enhanced version offers verifications in less than one second, with.....»»
Dragos Platform updates streamline OT threat and vulnerability workflows
Dragos announced the latest release of the Dragos Platform, an OT network visibility and cybersecurity platform. The updates provide industrial and critical infrastructure organizations with even deeper and enriched visibility into all assets in thei.....»»
AT&T 911 outage sees company fined $950k; yesterday’s outage now fixed
An AT&T 911 outage back in 2023 has seen the company fined almost a million dollars. The Federal Communications Commission (FCC) says that the carrier not only failed to provide adequate backup coverage, but also didn’t let 911 centers know what h.....»»
Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633)
Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting known static credentials (CVE-2024-6633). “Once logged in to the HSQLDB,.....»»
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)
ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East Asian countries. When examining the root cause, ESET d.....»»
BlackByte affiliates use new encryptor and new TTPs
BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos observed some differences in the recent BlackByte attacks. Most notably, encrypte.....»»