Feb 01, 2024NewsroomVulnerability / Software Update The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2022-48618 (CVSS score: 7.8), concerns a bug in the kernel component. […]
Last updated 31 January, 2024 There are certain “thresholds” in DJing – skills that once you cross the boundary, there’s no going back. Beatmixing, scratching, keymixing – and we can definitely add “DJing with acapellas” to that list. There is literally nothing like fitting an acapella perfectly over an instrumental, especially when the acapella is […]
Jan 31, 2024NewsroomSoftware Security / Linux Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks. The vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653, have been collectively dubbed Leaky Vessels by cybersecurity vendor Snyk. […]
Astera Labs is sampling a new cable to expand GPU clustering for AI workloads, linking multiple racks together and spreading out heat output and energy usage. The Aries PCIe and Compute Express Link (CXL) Smart Cable Modules (SCMs) use copper cabling to more than double the PCIe 5.0 signal reach from 3 meters to 7 […]
Jan 31, 2024NewsroomCryptocurrency / Cybersecurity A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target organizations in Italy. Google-owned Mandiant said the attacks single out multiple industries, including health, transportation, construction, and logistics. “UNC4990 operations generally involve widespread USB infection followed by the deployment of […]
This post is also available in: 日本語 (Japanese) Executive Summary Unit 42 researchers discovered a large-scale campaign we call ApateWeb that uses a network of over 130,000 domains to deliver scareware, potentially unwanted programs (PUPs) and other scam pages. Among these PUPs, we have identified several adware programs including a rogue browser and different browser […]
Data leak at fintech giant Direct Trading Technologies Pierluigi Paganini January 31, 2024 Sensitive data and trading activity of over 300K traders leaked online by international fintech firm Direct Trading Technologies. Direct Trading Technologies, an international fintech company, jeopardized over 300K traders by leaking their sensitive data and trading activity, thereby putting them at risk […]
The Bristol legend takes us on a tour of the Wonder Palace For the 18th century poet and visionary William Blake, the road of excess led to the palace of wisdom. In the case of 21st century jungle/d&b producer Krust, it took him all the way to Zanzibar, and the palace of wonder. In our […]
Jan 31, 2024NewsroomVulnerability / Zero Day Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild. The list of vulnerabilities is as follows – CVE-2024-21888 (CVSS score: 8.8) – A privilege escalation vulnerability in the […]