Bog Is the Rubber-Suit Monster Movie You Never Knew You Needed
For an ultra low-budget movie about a monster in a lake terrorizing a small town, 1979’s Bog is quirky enough to make it notable and charmingly bad enough to make it thoroughly entertaining. Its highlights include a script stuffed with howlers and a fish-man costume that looks like a middle-school art project.
E Ink’s New Color E-Paper Looks Almost as Good as LCD Screens
With the first E Ink devices having debuted almost two decades ago, it’s been a long road transitioning the technology from black and white to color. But yesterday, E Ink revealed some tantalizing details on its latest color electronic paper panels, Spectra 6, with color reproduction that looks almost as good as what…
Tuberculosis-Infected Woman Still Going Out in Public Despite Arrest Warrant
A Washington woman with acute tuberculosis remains free despite having an arrest warrant filed against her. She was diagnosed over a year ago and has continued to refuse treatment or to isolate herself from others while contagious. Local health officials are expected to once again obtain a court order on Friday.
Andor’s Most Uncomfortable Costume Is Star Wars Celebration’s Hottest Cosplay
Star Wars fans will cosplay anything from the galaxy far, far away, especially at Star Wars Celebration, where you’re going to be among an audience that will get any obscure reference. But just one day into the 2023 con, one look dominates all: Andor’s prison getup.
News & Updates
CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
- CVE-2021-27876 Veritas Backup Exec Agent File Access Vulnerability
- CVE-2021-27877 Veritas Backup Exec Agent Improper Authentication Vulnerability
- CVE-2021-27878 Veritas Backup Exec Agent Command Execution Vulnerability
- CVE-2019-1388 Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability
- CVE-2023-26083 Arm Mali GPU Kernel Driver Information Disclosure Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column—which will sort by descending dates.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
News & Updates
Microsoft, Fortra & Health-ISAC Team Up to Remove Illicit Cobalt Strike Tools
The effort aims to disrupt the use of altered Cobalt Strike software by cybercriminals in ransomware and other attacks.
Cybersecurity Tools
Best Patch Management Practices to Follow to Keep Your Business Secured
Patch management is an essential practice for businesses to maintain the security and stability of their IT infrastructure. Patches are released by software vendors to fix vulnerabilities and enhance performance, and failing to manage these patches can lead to security breaches and system failures. In this article, we will be discussing what are the best […]
The post Best Patch Management Practices to Follow to Keep Your Business Secured appeared first on Heimdal Security Blog.
News & Updates
Attackers Use Old YouTube Feature in Phishing Attack to Send Messages from Legitimate Email
A new phishing campaign using a YouTube feature that helps attackers send emails
from a valid email has been making the rounds. Google is already investigating
the issue, and our telemetry shows the phishing campaign is live.
from a valid email has been making the rounds. Google is already investigating
the issue, and our telemetry shows the phishing campaign is live.
Spam filters can quickly determine if an email is part of a phishing campaign,
and one way to do that is by looking at the email address that sent the message.
While a spoofed address might trick a user by looking like a real one, the
server won’t make the same mistake.
N
News & Updates
TikTok, Other Mobile Apps Violate Privacy Regulations
App developers are ignoring laws and guidelines regulating data protection measures aimed at minors, putting their monetization plans in jeopardy and risking user trust.