X.Org Server Hit By New Local Privilege Escalation, Remote Code Execution Vulnerabilities
Getting things started for this "Patch Tuesday" is the disclosure of two new X.Org Server vulnerabilities. Phoronix reports: These issues affecting out-of-bounds accesses with the X.Org Server can lead to local privilege elevation on systems where t.....»»
Secureworks enables users to view known vulnerabilities in the context of threat data
Secureworks announced the ability to integrate vulnerability risk context with threat detection to prevent attackers from exploiting known vulnerabilities and expedite response times, improving an organization’s security posture. The integration be.....»»
AI set to play key role in future phishing attacks
A staggering increase in QR code phishing (quishing) attacks during 2023 saw them skyrocket up the list of concerns for cyber teams globally, according to Egress. Attacks were both prolific and highly successful, demonstrating how cybercriminals effe.....»»
Apple Silicon might get used for AI chips in server farms
A new rumor claims that Apple will use TSMC's 3nm technology for an AI server processor that it is designing alongside its iPhone and Mac chips. It's already known that TSMC has been developing 3 nanometer processors, and believed that Apple has bough.....»»
Rumored new 4K Chromecast may fix long-standing storage issues
It's still $50, would have a new remote, and will hopefully not have 8GB of storage. It sounds like Google is cooking up another Goo.....»»
Understanding the spread of behavior: How long-tie connections accelerate the speed of social contagion
Human beings are likely to adopt the thoughts, beliefs, and behaviors of those around them. Simple decisions like what local store is best to shop at to more complex ones like vaccinating a child are influenced by these behavior patterns and social d.....»»
New evidence found for Planet 9
A small team of planetary scientists from the California Institute of Technology, Université Côte d'Azur and Southwest Research Institute reports possible new evidence of Planet 9. They have published their paper on the arXiv preprint server, and i.....»»
Observations explore globular cluster system in the galaxy NGC 4262
Using the Canada-France-Hawaii Telescope (CFHT), Indian astronomers have performed wide and deep field observations of a polar ring galaxy known as NGC 4262. Results of the observational campaign, published April 15 on the pre-print server arXiv, she.....»»
North Korea is evading sanctions by animating Max and Amazon shows
Thousands of exposed files on North Korean server tell the tale. For almost a decade, Nick Roy has been scanning North Korea’s tiny Internet presence, spotting new websites comin.....»»
MITRE breached by nation-state threat actor via Ivanti zero-days
MITRE has been breached by attackers via two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti’s Connect Secure VPN devices. The attackers have also managed to move laterally and compromise the company network’s VMware i.....»»
How to optimize your bug bounty programs
In this Help Net Security interview, Roy Davis, Manager – Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying security vulnerabilities and facilitating collaboration with researchers. He off.....»»
How One Corporation Is Cashing In on America’s Drought
In an unprecedented deal, a private company purchased land in a tiny Arizona town—and sold its water rights to a suburb 200 miles away. Local residents fear the agreement has “opened Pandora’s box.”.....»»
Planned "mass execution" of geese in Conn. city paused after outpouring of passionate input on both sides
Tears, shouts and interruptions marked residents' comments Wednesday night over a proposal to exterminate geese in Bristol, Conn., parks......»»
Seeing is believing: Scientists reveal connectome of the fruit fly visual system
Janelia scientists and collaborators have reached another milestone in connectomics, unveiling a comprehensive wiring diagram of the fruit fly visual system. The work has been released on the pre-print server bioRxiv......»»
Indonesia on alert for more eruptions at remote volcano
Indonesian authorities were on alert Friday for more eruptions from a remote island volcano that forced thousands to evacuate this week, as nearby residents began clearing debris after molten rocks rained down on their villages......»»
Asbestos in playground mulch—how to avoid a repeat of this circular economy scandal
Asbestos has been found in mulch used for playgrounds, schools, parks and gardens across Sydney and Melbourne. Local communities naturally fear for the health of their loved ones. Exposure to asbestos is a serious health risk—depending on its inten.....»»
Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)
The newest version of Ivanti Avalanche – the company’s enterprise mobile device management (MDM) solution – carries fixes for 27 vulnerabilities, two of which (CVE-2024-29204, CVE-2024-24996) are critical and may allow a remote unau.....»»
92% of enterprises unprepared for AI security challenges
Most industries continue to run almost two or more months behind in patching software vulnerabilities, endpoints remain vulnerable to threats, and most enterprise PCs must be replaced to support AI-based technologies, according to the Absolute Securi.....»»
Billions of public Discord messages may be sold through a scraping service
Cross-server tracking suggests a new understanding of "public" chat servers. It's easy to get the impression that Discord chat messages are ephemeral, especially across different public ser.....»»
How to format the microSD card on Tapo security cameras
If you want to use local storage on your Tapo device, you'll need to figure out how to format your microSD card. Here's a look at how the process works......»»
Damn Vulnerable RESTaurant: Open-source API service designed for learning
Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code through an interactive game. “I wanted to create a generic playground for ethical hackers, developer.....»»