science and technology Enough to Convince Me to Convert to Satinism By cheezburger.com Published On :: Sun, 29 Jul 2012 06:00:00 -0700 Full Article satan satin ugly
science and technology Ultimate Pain By cheezburger.com Published On :: Fri, 25 Jan 2013 15:00:00 -0800 Full Article pain tampon
science and technology How is paper made from trees? By www.livescience.com Published On :: Tue, 12 Nov 2024 14:57:55 +0000 Plant-based paper has been used for thousands of years, but exactly how is it created from trees? Full Article Plants Planet Earth
science and technology Vampire bats have a really strange way of getting energy, scientists discover after putting them on treadmills By www.livescience.com Published On :: Tue, 12 Nov 2024 16:15:00 +0000 Vampire bats rely on amino acids from their blood diet to fuel their exercise, scientists discovered after observing the animals on tiny treadmills. Full Article Bats Animals Land Mammals
science and technology 2,600-year-old Celtic wooden burial chamber of 'outstanding scientific importance' uncovered by archaeologists in Germany By www.livescience.com Published On :: Tue, 12 Nov 2024 16:34:00 +0000 The discovery of an impeccably preserved Celtic burial chamber in southern Germany is a "stroke of luck for archaeology," scientists say. Full Article Archaeology
science and technology Pando, the world's largest organism, may have been growing nonstop since the 1st humans left Africa, study suggests By www.livescience.com Published On :: Tue, 12 Nov 2024 17:17:38 +0000 The clonal quaking aspen known as Pando is between 16,000 and 80,000 years old. Full Article Plants Planet Earth
science and technology Leonid meteor shower 2024: How to spot 'shooting stars' and 'fireballs' over the US this week By www.livescience.com Published On :: Tue, 12 Nov 2024 17:23:09 +0000 The Leonid meteor shower peaks in North America overnight from Nov. 17 to 18, with fast-moving fireballs possible in US skies. Full Article Space
science and technology Our ancestor Lucy may have used tools more than 3 million years ago By www.livescience.com Published On :: Tue, 12 Nov 2024 17:29:35 +0000 An analysis looking at the hand bones of australopithecines, apes and humans reveals that tool use likely evolved before the Homo genus arose. Full Article Archaeology
science and technology Extremely rare 'failed supernova' may have erased a star from the night sky without a trace By www.livescience.com Published On :: Tue, 12 Nov 2024 20:05:32 +0000 An artist's rendering of a black hole Full Article Black Holes Space Astronomy
science and technology Canada reports 1st local case of H5 bird flu By www.livescience.com Published On :: Tue, 12 Nov 2024 20:10:00 +0000 A teen in Canada may be the first person to catch an H5 bird flu virus within the country. Health officials are now working to confirm the diagnosis. Full Article Flu Health Viruses Infections & Disease
science and technology Should you shop on Prime Day, or wait for Black Friday? By www.livescience.com Published On :: Wed, 13 Nov 2024 00:00:00 +0000 Prime Day sees some pretty tempting deals and discounts on science gifts, but is it worth waiting for Black Friday to potentially save even more? Full Article Tech
science and technology Global carbon emissions reach new record high in 2024, with no end in sight, scientists say By www.livescience.com Published On :: Wed, 13 Nov 2024 00:01:00 +0000 There is a 50% chance that global warming will consistently exceed 1.5 degrees Celsius in the next six years, according to a new report. Full Article Climate Change Planet Earth
science and technology Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar By thehackernews.com Published On :: Sat, 02 Nov 2024 11:02:00 +0530 Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within days? It’s a chilling reality, becoming more common and concerning by the day. These attackers exploit vulnerabilities in SaaS and cloud environments, using compromised identities to move laterally within networks, causing widespread damage. Cybersecurity and IT Full Article
science and technology New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls By thehackernews.com Published On :: Mon, 04 Nov 2024 11:43:00 +0530 Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing (aka vishing) techniques to trick users into parting with their personal information. "FakeCall is an extremely sophisticated Vishing attack that leverages malware to take almost complete control of the mobile device, including the interception of incoming Full Article
science and technology Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine By thehackernews.com Published On :: Mon, 04 Nov 2024 15:34:00 +0530 Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted framework called Big Sleep (formerly Project Naptime). The tech giant described the development as the "first real-world vulnerability" uncovered using the artificial intelligence (AI) agent. "We believe this is the first public example of an AI agent finding Full Article
science and technology Cyber Threats That Could Impact the Retail Industry This Holiday Season (and What to Do About It) By thehackernews.com Published On :: Mon, 04 Nov 2024 16:30:00 +0530 As the holiday season approaches, retail businesses are gearing up for their annual surge in online (and in-store) traffic. Unfortunately, this increase in activity also attracts cybercriminals looking to exploit vulnerabilities for their gain. Imperva, a Thales company, recently published its annual holiday shopping cybersecurity guide. Data from the Imperva Threat Research team’s Full Article
science and technology THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 - Nov 03) By thehackernews.com Published On :: Mon, 04 Nov 2024 16:58:00 +0530 This week was a total digital dumpster fire! Hackers were like, "Let's cause some chaos!" and went after everything from our browsers to those fancy cameras that zoom and spin. (You know, the ones they use in spy movies? ????️♀️) We're talking password-stealing bots, sneaky extensions that spy on you, and even cloud-hacking ninjas! ???? It's enough to make you want to chuck your phone in the ocean. Full Article
science and technology German Police Disrupt DDoS-for-Hire Platform dstat[.]cc; Suspects Arrested By thehackernews.com Published On :: Mon, 04 Nov 2024 17:32:00 +0530 German law enforcement authorities have announced the disruption of a criminal service called dstat[.]cc that made it possible for other threat actors to easily mount distributed denial-of-service (DDoS) attacks. "The platform made such DDoS attacks accessible to a wide range of users, even those without any in-depth technical skills of their own," the Federal Criminal Police Office (aka Full Article
science and technology Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning By thehackernews.com Published On :: Mon, 04 Nov 2024 19:38:00 +0530 Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a malicious actor to perform various actions, including denial-of-service, model poisoning, and model theft. "Collectively, the vulnerabilities could allow an attacker to carry out a wide-range of malicious actions with a single HTTP request, including Full Article
science and technology Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System By thehackernews.com Published On :: Tue, 05 Nov 2024 09:00:00 +0530 Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to "Android/data," "Android/obb," and "Android/sandbox" directories, and their respective Full Article
science and technology Canadian Suspect Arrested Over Snowflake Customer Breach and Extortion Attacks By thehackernews.com Published On :: Tue, 05 Nov 2024 10:38:00 +0530 Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from the breach of cloud data warehousing platform Snowflake earlier this year. The individual in question, Alexander "Connor" Moucka (aka Judische and Waifu), was apprehended on October 30, 2024, on the basis of a provisional arrest warrant, following a request by the Full Article
science and technology Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages By thehackernews.com Published On :: Tue, 05 Nov 2024 11:03:00 +0530 An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware. The attack is notable for utilizing Ethereum smart contracts for command-and-control (C2) server address distribution, according to independent findings from Checkmarx, Phylum, and Socket published over the past few Full Article
science and technology Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices By thehackernews.com Published On :: Tue, 05 Nov 2024 15:04:00 +0530 Taiwanese network-attached storage (NAS) appliance maker Synology has addressed a critical security flaw impacting DiskStation and BeePhotos that could lead to remote code execution. Tracked as CVE-2024-10443 and dubbed RISK:STATION by Midnight Blue, the zero-day flaw was demonstrated at the Pwn2Own Ireland 2024 hacking contest by security researcher Rick de Jager. RISK:STATION is an " Full Article
science and technology Leveraging Wazuh for Zero Trust security By thehackernews.com Published On :: Tue, 05 Nov 2024 16:30:00 +0530 Zero Trust security changes how organizations handle security by doing away with implicit trust while continuously analyzing and validating access requests. Contrary to perimeter-based security, users within an environment are not automatically trusted upon gaining access. Zero Trust security encourages continuous monitoring of every device and user, which ensures sustained protection after Full Article
science and technology New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers By thehackernews.com Published On :: Tue, 05 Nov 2024 17:46:00 +0530 Over 1,500 Android devices have been infected by a new strain of Android banking malware called ToxicPanda that allows threat actors to conduct fraudulent banking transactions. "ToxicPanda's main goal is to initiate money transfers from compromised devices via account takeover (ATO) using a well-known technique called on-device fraud (ODF)," Cleafy researchers Michele Roviello, Alessandro Strino Full Article
science and technology FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions By thehackernews.com Published On :: Tue, 05 Nov 2024 22:45:00 +0530 The U.S. Federal Bureau of Investigation (FBI) has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities. "An Advanced Persistent Threat group allegedly created and deployed malware (CVE-2020-12271) as part of a widespread series of indiscriminate computer intrusions designed Full Article
science and technology Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users By thehackernews.com Published On :: Wed, 06 Nov 2024 11:07:00 +0530 Google's cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security. "We will be implementing mandatory MFA for Google Cloud in a phased approach that will roll out to all users worldwide during 2025," Mayank Upadhyay, vice president of engineering and distinguished engineer at Full Article
science and technology South Korea Fines Meta $15.67M for Illegally Sharing Sensitive User Data with Advertisers By thehackernews.com Published On :: Wed, 06 Nov 2024 12:28:00 +0530 Meta has been fined 21.62 billion won ($15.67 million) by South Korea's data privacy watchdog for illegally collecting sensitive personal information from Facebook users, including data about their political views and sexual orientation, and sharing it with advertisers without their consent. The country's Personal Information Protection Commission (PIPC) said Meta gathered information such as Full Article
science and technology INTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on Cybercrime By thehackernews.com Published On :: Wed, 06 Nov 2024 15:43:00 +0530 INTERPOL on Tuesday said it took down more than 22,000 malicious servers linked to various cyber threats as part of a global operation. Dubbed Operation Synergia II, the coordinated effort ran from April 1 to August 31, 2024, targeting phishing, ransomware, and information stealer infrastructure. "Of the approximately 30,000 suspicious IP addresses identified, 76 per cent were taken down and 59 Full Article
science and technology 9 Steps to Get CTEM on Your 2025 Budgetary Radar By thehackernews.com Published On :: Wed, 06 Nov 2024 17:00:00 +0530 Budget season is upon us, and everyone in your organization is vying for their slice of the pie. Every year, every department has a pet project that they present as absolutely essential to profitability, business continuity, and quite possibly the future of humanity itself. And no doubt that some of these actually may be mission critical. But as cybersecurity professionals, we understand that Full Article
science and technology Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps By thehackernews.com Published On :: Wed, 06 Nov 2024 19:29:00 +0530 Cybersecurity researchers are warning that a command-and-control (C&C) framework called Winos is being distributed within gaming-related applications like installation tools, speed boosters, and optimization utilities. "Winos 4.0 is an advanced malicious framework that offers comprehensive functionality, a stable architecture, and efficient control over numerous online endpoints to execute Full Article
science and technology VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware By thehackernews.com Published On :: Wed, 06 Nov 2024 23:22:00 +0530 An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus operandi. "Leveraging Microsoft SaaS services — including Teams, SharePoint, Quick Assist, and OneDrive — the attacker exploited the trusted infrastructures of previously compromised organizations to Full Article
science and technology Canada Orders TikTok to Shut Down Canadian Operations Over Security Concerns By thehackernews.com Published On :: Thu, 07 Nov 2024 10:09:00 +0530 The Canadian government on Wednesday ordered ByteDance-owned TikTok to dissolve its operations in the country, citing national security risks, but stopped short of instituting a ban on the popular video-sharing platform. "The decision was based on the information and evidence collected over the course of the review and on the advice of Canada's security and intelligence community and other Full Article
science and technology Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers By thehackernews.com Published On :: Thu, 07 Nov 2024 14:37:00 +0530 Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating developers' Amazon Web Services (AWS) credentials. The package in question is "fabrice," which typosquats a popular Python library known as "fabric," which is designed to execute shell commands remotely over Full Article
science and technology Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems By thehackernews.com Published On :: Thu, 07 Nov 2024 14:38:00 +0530 Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul (URWB) Access Points that could permit unauthenticated, remote attackers to run commands with elevated privileges. Tracked as CVE-2024-20418 (CVS score: 10.0), the vulnerability has been described as stemming from a lack of input validation to the web-based management Full Article
science and technology China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait By thehackernews.com Published On :: Thu, 07 Nov 2024 15:10:00 +0530 The China-aligned threat actor known as MirrorFace has been observed targeting a diplomatic organization in the European Union, marking the first time the hacking crew has targeted an entity in the region. "During this attack, the threat actor used as a lure the upcoming World Expo, which will be held in 2025 in Osaka, Japan," ESET said in its APT Activity Report for the period April to Full Article
science and technology SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims By thehackernews.com Published On :: Thu, 07 Nov 2024 15:12:00 +0530 An ongoing phishing campaign is employing copyright infringement-related themes to trick victims into downloading a newer version of the Rhadamanthys information stealer since July 2024. Cybersecurity firm Check Point is tracking the large-scale campaign under the name CopyRh(ight)adamantys. Targeted regions include the United States, Europe, East Asia, and South America. "The campaign Full Article
science and technology 5 Most Common Malware Techniques in 2024 By thehackernews.com Published On :: Thu, 07 Nov 2024 15:18:00 +0530 Tactics, techniques, and procedures (TTPs) form the foundation of modern defense strategies. Unlike indicators of compromise (IOCs), TTPs are more stable, making them a reliable way to identify specific cyber threats. Here are some of the most commonly used techniques, according to ANY.RUN's Q3 2024 report on malware trends, complete with real-world examples. Disabling of Windows Event Logging Full Article
science and technology A Hacker's Guide to Password Cracking By thehackernews.com Published On :: Thu, 07 Nov 2024 17:30:00 +0530 Defending your organization’s security is like fortifying a castle—you need to understand where attackers will strike and how they’ll try to breach your walls. And hackers are always searching for weaknesses, whether it’s a lax password policy or a forgotten backdoor. To build a stronger defense, you must think like a hacker and anticipate their moves. Read on to learn more about hackers' Full Article
science and technology North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS By thehackernews.com Published On :: Thu, 07 Nov 2024 18:10:00 +0530 A threat actor with ties to the Democratic People's Republic of Korea (DPRK) has been observed targeting cryptocurrency-related businesses with a multi-stage malware capable of infecting Apple macOS devices. Cybersecurity company SentinelOne, which dubbed the campaign Hidden Risk, attributed it with high confidence to BlueNoroff, which has been previously linked to malware families such as Full Article
science and technology CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability By thehackernews.com Published On :: Fri, 08 Nov 2024 10:47:00 +0530 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-5910 (CVSS score: 9.3), concerns a case of missing authentication in the Expedition migration tool that Full Article
science and technology New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus By thehackernews.com Published On :: Fri, 08 Nov 2024 12:45:00 +0530 Cybersecurity researchers have flagged a new malware campaign that infects Windows systems with a Linux virtual instance containing a backdoor capable of establishing remote access to the compromised hosts. The "intriguing" campaign, codenamed CRON#TRAP, starts with a malicious Windows shortcut (LNK) file likely distributed in the form of a ZIP archive via a phishing email. "What makes the CRON# Full Article
science and technology Malicious NPM Packages Target Roblox Users with Data-Stealing Malware By thehackernews.com Published On :: Fri, 08 Nov 2024 17:23:00 +0530 A new campaign has targeted the npm package repository with malicious JavaScript libraries that are designed to infect Roblox users with open-source stealer malware such as Skuld and Blank-Grabber. "This incident highlights the alarming ease with which threat actors can launch supply chain attacks by exploiting trust and human error within the open source ecosystem, and using readily available Full Article
science and technology The vCISO Academy: Transforming MSPs and MSSPs into Cybersecurity Powerhouses By thehackernews.com Published On :: Fri, 08 Nov 2024 17:23:00 +0530 We’ve all heard a million times: growing demand for robust cybersecurity in the face of rising cyber threats is undeniable. Globally small and medium-sized businesses (SMBs) are increasingly targeted by cyberattacks but often lack the resources for full-time Chief Information Security Officers (CISOs). This gap is driving the rise of the virtual CISO (vCISO) model, offering a cost-effective Full Article
science and technology IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools By thehackernews.com Published On :: Fri, 08 Nov 2024 17:53:00 +0530 High-profile entities in India have become the target of malicious campaigns orchestrated by the Pakistan-based Transparent Tribe threat actor and a previously unknown China-nexus cyber espionage group dubbed IcePeony. The intrusions linked to Transparent Tribe involve the use of a malware called ElizaRAT and a new stealer payload dubbed ApoloStealer on specific victims of interest, Check Point Full Article
science and technology AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services By thehackernews.com Published On :: Fri, 08 Nov 2024 19:32:00 +0530 The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credential-stealing methods to maintain persistent access, leveraging unpatched vulnerabilities to infiltrate critical infrastructures," CloudSEK said in a Full Article
science and technology Webinar: Learn How Storytelling Can Make Cybersecurity Training Fun and Effective By thehackernews.com Published On :: Fri, 08 Nov 2024 22:53:00 +0530 Let’s face it—traditional security training can feel as thrilling as reading the fine print on a software update. It’s routine, predictable, and, let’s be honest, often forgotten the moment it's over. Now, imagine cybersecurity training that’s as unforgettable as your favorite show. Remember how "Hamilton" made history come alive, or how "The Office" taught us CPR (Staying Alive beat, anyone?)? Full Article
science and technology Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering By thehackernews.com Published On :: Sat, 09 Nov 2024 11:12:00 +0530 The 36-year-old founder of the Bitcoin Fog cryptocurrency mixer has been sentenced to 12 years and six months in prison for facilitating money laundering activities between 2011 and 2021. Roman Sterlingov, a dual Russian-Swedish national, pleaded guilty to charges of money laundering and operating an unlicensed money-transmitting business earlier this March. The U.S. Department of Justice (DoJ) Full Article
science and technology Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns By thehackernews.com Published On :: Sat, 09 Nov 2024 11:42:00 +0530 Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability. "Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the PAN-OS management interface," the company said. "At this time, we do not know the specifics of the Full Article
science and technology Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware By thehackernews.com Published On :: Mon, 11 Nov 2024 11:43:00 +0530 Cybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT. Remcos RAT "provides purchases with a wide range of advanced features to remotely control computers belonging to the buyer," Fortinet FortiGuard Labs researcher Xiaopeng Zhang said in an analysis published last week. "However, threat actors have Full Article