Security News
A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection attacks. The vulnerability, tracked as CVE-2024-24576, has a CVSS score...
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis...
Rew Appel shepherded a public comment-signed by twenty election cybersecurity experts, including myself-on best practices for ballot marking devices and vote tabulation. Hand-marked and hand-counted ballots remove the uncertainty introduced by use of electronic machinery and the ability of bad actors to exploit electronic vulnerabilities to remotely alter the results.
The Russia-linked threat actor known as Turla infected several systems belonging to an unnamed European non-governmental organization (NGO) in order to deploy a backdoor called TinyTurla-NG. "The...
A new denial-of-service attack dubbed 'Loop DoS' targeting application layer protocols can pair network services into an indefinite communication loop that creates large volumes of traffic. The attack is possible due to a vulnerability, currently tracked as CVE-2024-2169, in the implementation of the UDP protocol, which is susceptible to IP spoofing and does not provide sufficient packet verification.
A novel denial-of-service (DoS) attack vector has been found to target application-layer protocols based on User Datagram Protocol (UDP), putting hundreds of thousands of hosts likely at risk....
The U.S. Environmental Protection Agency (EPA) said it's forming a new "Water Sector Cybersecurity Task Force" to devise methods to counter the threats faced by the water sector in the country....
"Drinking water and wastewater systems are a lifeline for communities, but many systems have not adopted important cybersecurity practices to thwart potential cyberattacks," said EPA Administrator Michael S. Regan. The National Security Council and the Environmental Protection Agency have invited governors to a virtual meeting on March 21 to strengthen collaboration between government entities and water systems and establish a Water Sector Cybersecurity Task Force.
Fujitsu has confirmed that miscreants have compromised some of its internal computers, deployed malware, and may have stolen some customer information. "In a March 15 notice posted on its website, and translated from Japanese, the global tech giant said it had"confirmed the presence of malware on several of our company's work computers, and after conducting an internal investigation "Discovered that files containing personal information and customer information could be illegally taken out."