In 2017, Hulu made television history by becoming the first streaming network to win the Emmy Award for Outstanding Drama Series, thanks to the phenomenon that was The Handmaid’s Tale. While Netflix has largely cornered the streaming market on original movies—and even managed to persuade A-listers like Guillermo del Toro, Alfonso Cuarón, and Martin Scorsese to come aboard—Hulu is starting to […]
“Test files” associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings from Phylum reveal. liblzma-sys, which has been downloaded over 21,000 times to date, provides Rust developers with bindings to the liblzma implementation, an underlying library that is part of the XZ Utils data compression […]
Mar 14, 2024NewsroomContainer Security / Vulnerability Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific circumstances. “The vulnerability allows remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster,” Akamai security researcher […]
New information made public by the state of California shows that a significant portion of data brokers collect and sell sensitive information on topics like reproductive health, as well as data belonging to children. Out of 480 data brokers registered with the California Privacy Protection Agency (CPPA), 24 indicated they sell data belonging to minors. […]
Mar 11, 2024NewsroomNetwork Security / Vulnerability Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections. Tracked as CVE-2024-1403, the vulnerability has a maximum severity rating of 10.0 on the […]
The company attributed the infection to software adjustments made by developers to reduce boot times, which inadvertently affected network settings and omitted digital signatures.
The FCC has revealed the unanimous adoption of a Declaratory Ruling that recognizes calls made with AI-generated voices are “artificial” under the Telephone Consumer Protection Act (TCPA). The ruling, which takes effect immediately, makes voice cloning technology used in common robocall scams targeting consumers illegal. This would give State Attorneys General across the country new […]
The threat actors behind the KV-botnet made “behavioral changes” to the malicious network as U.S. law enforcement began issuing commands to neutralize the activity. KV-botnet is the name given to a network of compromised small office and home office (SOHO) routers and firewall devices across the world, with one specific cluster acting as a covert […]
Jan 11, 2024NewsroomCybersecurity / Software Security The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host and deliver malicious payloads and act as dead drop resolvers, command-and-control, and data exfiltration points. “Using GitHub services for malicious infrastructure allows adversaries to blend in with legitimate network […]