Menu

Blog

Archive for the ‘security’ category: Page 7

Aug 27, 2024

Google Warns of CVE-2024–7965 Chrome Security Flaw Under Active Exploitation

Posted by in category: security

Google patches CVE-2024–7965, an actively exploited Chrome vulnerability, urging users to update for security.

Aug 22, 2024

Prof. Dr. Dan Blumberg — VP, Regional & Industrial Development, Ben-Gurion University of the Negev

Posted by in categories: alien life, satellites, security

Planetary Science Innovation For All Humanity — Professor Dr. Dan Blumberg Ph.D. — Vice-President for Regional and Industrial Development — Ben-Gurion University of the Negev — Chair, Israel Space Agency.


Professor Dr. Dan Blumberg, Ph.D. is the Vice-President for Regional and Industrial Development at Ben-Gurion University of the Negev (BGU — https://www.blumberg.bgu.ac.il/), an elected Member of the International Academy of Astronautics, and Chair of the Israel Space Agency (https://www.space.gov.il/en), a position he was appointed to by the Ministry of Innovation, Science and Technology (https://www.gov.il/en/departments/min…) in 2022.

Continue reading “Prof. Dr. Dan Blumberg — VP, Regional & Industrial Development, Ben-Gurion University of the Negev” »

Aug 21, 2024

Democratizing AI With Edge Computing: Putting Intelligence In Every Device

Posted by in categories: business, robotics/AI, security

Despite these challenges, the potential rewards of edge AI are driving innovation in model optimization, device management and security solutions. As these advancements continue, the barriers to edge AI deployment are gradually being lowered, paving the way for its widespread adoption across industries.

Ultimately, edge computing democratizes AI by removing it from complex, costly cloud execution and moving it to the local, accessible devices companies already own and use. This means that small and medium-sized businesses can gain access to tools previously reserved for much larger companies.

As we move forward, AI in business and edge computing are intertwined. The ebb and flow of progress is already noticeable in edge computing applications, and AI will continue this trajectory. As edge devices become more powerful, the proliferation of intelligent applications that operate seamlessly at the edge will transform industries.

Aug 21, 2024

GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk

Posted by in category: security

A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks.

The flaw, tracked as CVE-2024–5932 (CVSS score: 10.0), impacts all versions of the plugin prior to version 3.14.2, which was released on August 7, 2024. A security researcher, who goes by the online alias villu164, has been credited with discovering and reporting the issue.

The plugin is “vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the ‘give_title’ parameter,” Wordfence said in a report this week.

Aug 21, 2024

Computer scientists discover vulnerabilities in a popular security protocol

Posted by in categories: computing, internet, security

A widely used security protocol that dates back to the days of dial-up internet has vulnerabilities that could expose large numbers of networked devices to an attack and allow an attacker to gain control of traffic on an organization’s network.

A research team led by University of California San Diego computer scientists investigated the Remote Authentication Dial-In User Service (RADIUS) protocol and found a vulnerability they call Blast-RADIUS that has been present for decades. RADIUS, designed in 1991, allows networked devices such as routers, switches or mobile roaming gear to use a to validate login or other credentials.

This is a common set-up in enterprise and because it allows credentials to be centrally managed. As a result, RADIUS is a critical part of modern telecommunications and enterprise networks; in large enterprises, it may control access to tens of thousands of switches.

Aug 20, 2024

August Windows updates break dual boot on some Linux systems

Posted by in categories: computing, security

According to user reports following this month’s Patch Tuesday, the August 2024 Windows updates are breaking dual boot on Linux systems with Secure Boot enabled.

This issue is caused by Microsoft’s decision to apply a Secure Boot Advanced Targeting (SBAT) update to block Linux boot loaders unpatched against the CVE-2022–2601 GRUB2 Secure Boot bypass vulnerability, which could “have an impact on Windows security.”

“The vulnerability assigned to this CVE is in the Linux GRUB2 boot loader, a boot loader designed to support Secure Boot on systems that are running Linux,” Microsoft says in an advisory published last week to address this issue.

Aug 15, 2024

Linux Kernel Vulnerabilities Expose Systems to Privilege Escalation: Flaws Detailed and Exploit Code Released

Posted by in categories: computing, security

Security researchers disclosed PoC exploit codes for three vulnerabilities (CVE-2023–4206, CVE-2023–4207, and CVE-2023–4208) in the Linux kernel, impacting versions v3.18-rc1 to v6.5-rc4. These “use-after-free” vulnerabilities within the net/sched component could allow local privilege escalation, enabling attackers to gain unauthorized control over affected systems. The vulnerabilities have been given a CVSS score of 7.8, indicating their high severity.

Aug 15, 2024

Novel light transport model improves X-ray phase contrast imaging

Posted by in categories: biotech/medical, security, transportation

Researchers at the University of Houston unveiled an advancement in X-ray imaging technology that could provide significant improvements in medical diagnostics, materials and industrial imaging, transportation security and other applications.

Aug 14, 2024

Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Days

Posted by in category: security

Microsoft on Tuesday shipped fixes to address a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild.

Of the 90 bugs, seven are rated Critical, 79 are rated Important, and one is rated Moderate in severity. This is also in addition to 36 vulnerabilities that the tech giant resolved in its Edge browser since last month.

The Patch Tuesday updates are notable for addressing six actively exploited zero-days.

Aug 14, 2024

Critical Flaw in Ivanti Virtual Traffic Manager Could Allow Rogue Admin Access

Posted by in categories: neuroscience, security

Ivanti releases critical security updates for vTM and Neurons for ITSM to fix vulnerabilities allowing unauthorized access. Update immediately.

Page 7 of 148First4567891011Last