What you need before the next vulnerability hits
Cyberattacks tend to come from two angles: criminals take advantage of employees with privileged access or of security weaknesses in your hardware/software infrastructure. These broad categories encompass attack vectors such as phishing, man-in-the-m.....»»
Apache HugeGraph-Server flaw actively exploited, CISA warns
The vulnerability has been patched months ago, but now federal agencies have a deadline to patch......»»
Huawei "super fans" annoyed at lack of supply as $2,800 phone hits China stores
Huawei "super fans" annoyed at lack of supply as $2,800 phone hits China stores.....»»
Nintendo Switch 2 mania hits fever pitch with the internet dissecting allegedly "leaked" images of the new console
Nintendo Switch 2 mania hits fever pitch with the internet dissecting allegedly "leaked" images of the new console.....»»
Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)
Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could allow attackers to gain full administrative access t.....»»
Hawaii hikers report exploding guts as norovirus outbreak hits famous trail
First the Grand Canyon, now an eruption around the Grand Canyon of the Pacific. Enlarge / The Kalalau Valley between sheer cliffs in the Na Pali Coast State Park on the western shore of the island of Kauai in Hawaii, United State.....»»
China hits 9 US firms with property freeze over weapons sales to Taiwan
China hits 9 US firms with property freeze over weapons sales to Taiwan.....»»
Brazil"s farmers fret over fires and drought
Sugarcane farmer Marcos Meloni is still haunted by his battle last month to fight the flames on his land, as the double-edged disaster of fires and drought hits Brazil's agricultural sector hard......»»
Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)
CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering render web pages on Windows – “was exploited as a part of an attack chain relating to CVE-2024-38112, prior.....»»
Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) CVE-2024-40711, a critical vulnerability affecting Ve.....»»
Hanoi river level hits 20-year high as SE Asia typhoon toll nears 200
Residents of Vietnam's capital waded through waist-deep water Wednesday as river levels hit a 20-year high and the toll from the area's strongest typhoon in decades rose to at least 179, with neighboring nations also enduring deadly flooding and land.....»»
The best Apple iPhone 16 Pro cases for 2024
The Apple iPhone 16 Pro hits the shelves later this week. If you're planning on buying one right away, you should consider one of these cases......»»
AirPods Pro hearing aid upgrade hits stocks of major brands
Apple’s announcement of the new AirPods Pro hearing aid feature has triggered a fall in the stock value of major standalone hearing aid brands. The Cupertino company had long been expected to add hearing aid features to AirPods, and Monday’s e.....»»
Tenable AI Aware provides exposure insight into AI applications, libraries and plugins
Tenable released AI Aware, advanced detection capabilities designed to surface artificial intelligence solutions, vulnerabilities and weaknesses available in Tenable Vulnerability Management. Tenable AI Aware provides exposure insight into AI applica.....»»
CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting SonicWall’s firewalls – to its Known Exploited Vulnerabilities catalog, thus.....»»
Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342)
Users of Zyxel network-attached storage (NAS) devices are urged to implement hotfixes addressing a critical and easily exploited command injection vulnerability (CVE-2024-6342). About CVE-2024-6342 Zyxel NAS devices are generally used by small to med.....»»
Tech stack uniformity has become a systemic vulnerability
Crashes due to faulty updates are nothing new; in fact, one reason IT teams often delay updates is their unreliability and tendency to disrupt the organization’s day-to-day operations. Zero-days are also an old phenomenon. In the past, due to a lac.....»»
Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711)
CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data. Discovered and reported by Code WHite researcher Florian Hauser, the vulnerability can be leveraged fo.....»»
Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Vulnerability allows Yubico security keys to be cloned Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware se.....»»
Deadly Super Typhoon Yagi hits Vietnam
Super Typhoon Yagi uprooted thousands of trees and swept ships and boats out to sea, killing one person, as it made landfall in northern Vietnam Saturday, after blowing past southern China where it left two dead......»»
ChemCam hits 1 million laser shots on Mars since 2012
The ChemCam instrument, developed at Los Alamos National Laboratory, recently zapped its laser for the 1 millionth time on Mars. Sitting on top of NASA's Curiosity rover, ChemCam has been helping make groundbreaking discoveries since 2012......»»