software
Crypto-stealing malware campaign infects 28,000 people
Over 28,000 people from Russia, Turkey, Ukraine, and other countries in the Eurasian region were impacted by a large-scale cryptocurrency-stealing malware campaign. The malware campaign disguises itself as legitimate software promoted via YouTube videos and fraudulent GitHub repositories where victims download password-protected archives that initiate the infection. According to cybersecurity firm Dr. Web, the campaign […]
New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks
An automated scanner has been released to help security professionals scan environments for devices vulnerable to the Common Unix Printing System (CUPS) RCE flaw tracked as CVE-2024-47176. The flaw, which enables attackers to perform arbitrary remote code execution if certain conditions are met, was disclosed late last month by the person who discovered it, Simone Margaritelli. Although […]
Winamp releases source code, asks for help modernizing the player
The iconic Winamp media player has fulfilled a promise made in May and released its complete source code on GitHub, inviting developers to collaborate on the project. Winamp is a media player launched in 1997 by Nullsoft, which gained massive popularity in the following years, coinciding with the rise of MP3s music files. The player featured a […]
Discord rolls out end-to-end encryption for audio, video calls
Discord has introduced the DAVE protocol, a custom end-to-end encryption (E2EE) protocol designed to protect audio and video calls on the platform from unauthorized interceptions. DAVE was created with the help of cybersecurity experts at Trail of Bits, that also audited the E2EE system’s code and implementation. The new system will cover one-on-one audio and video calls […]
CISA urges software devs to weed out XSS vulnerabilities
CISA and the FBI urged technology manufacturing companies to review their software and ensure that future releases are free of cross-site scripting vulnerabilities before shipping. The two federal agencies said that XSS vulnerabilities still plague software released today, creating further exploitation opportunities for threat actors even though they’re preventable and should not be present in […]
Notion exits Russia and will terminate accounts in September
Notion has announced it will exit the Russian market and is terminating all workspaces and accounts identified linked to users in the country. In an announcement on its website, Notion says the decision was taken due to U.S.-government imposed restrictions on software service providers, making it practically impossible to continue operating in Russia. “The U.S. […]
CrowdStrike: ‘Content Validator’ bug let faulty update pass checks
CrowdStrike released a Preliminary Post Incident Review (PIR) on the faulty Falcon update explaining that a bug allowed bad data to pass its Content Validator and cause millions of Windows systems to crash on July 19, 2024. The cybersecurity company explained that the issue was caused by a problematic content configuration update meant to gather telemetry on […]
Raspberry Pi: Big Performance Boost with 100 Lines of Code
A software update promises a considerable increase in performance for the Raspberry Pi. Only a relatively short program code is required to implement the change. The Raspberry Pi 5 is a very versatile single-board computer, mainly because of its extensive connectivity, and the significantly increased computing capacity compared to previous generations also plays a role. […]
Nvidia patches five high-severity bugs in its software
High-flying Nvidia took care of some routine business on June 6 when it reported three high-severity bugs in its GPU Display Driver and another two high-severity bugs in Nvidia’s vGPU software. In a security bulletin to customers, Nvidia said an exploit of the GPU Display Driver bugs could lead to a combination or all of […]