
IT Security Newsletter - 6/24/2021

Top News

Dell SupportAssist bugs put over 30 million PCs at risk

Security researchers have found four major security vulnerabilities in the BIOSConnect feature of Dell SupportAssist, allowing attackers to remotely execute code within the BIOS of impacted devices. According to Dell's website, the SupportAssist software is "preinstalled on most Dell devices running Windows operating system," while BIOSConnect provides remote firmware update and OS recovery features.


US seizes 33 Iranian state-run media sites accused of election disinformation

On Tuesday, the US government said it seized 33 websites run by a branch of the Iranian government that spread disinformation in the US before the 2020 presidential election. The US also seized three websites that it said were operated by an Iraqi terrorist organization. Yesterday's Department of Justice announcement said the 33 Iranian sites were used by the Iranian Islamic Radio and Television Union (IRTVU), which is owned or controlled by the Islamic Revolutionary Guard Corps Quds Force (IRGC-QF).

Breaches

Tulsa's Police-Citation Data Leaked by Conti Gang

The city of Tulsa, OK is asking some of its residents to keep a close eye on their personal and financial accounts after the Conti ransomware group leaked some 18,000 city files, mostly police citations, on the dark web. The leak stemmed from a May 6 ransomware attack that caused the city to shut down its network, disrupting its online bill payment systems, utility billing and email.

Hacking

Cyber-Attacks Are Primary Funding Source for North Korea

Cybercrime is now the primary means by which the North Korean state is funded, according to researchers at Venafi. The security vendor's threat intelligence specialist, Yana Blachman, and her team analyzed publicly available information on state-sponsored attacks directed by the hermit kingdom over the past four years. They concluded that the Asian dictatorship now monetizes cyber-attacks to circumvent economic sanctions and keep the Kim Jong-un regime alive.

Trends

Most third-party libraries are never updated after being included in a codebase

79% of the time, third-party libraries are never updated by developers after being included in a codebase, despite the fact that more than two thirds of fixes are minor and non-disruptive to the functionality of even the most complex software applications, Veracode research reveals. Open source libraries constantly evolve, so what appears secure today may no longer be so tomorrow, potentially creating a significant security risk for software vendors and users.

Exploits/Vulnerabilities

Atlassian Bugs Could Have Led to 1-Click Takeover

Atlassian, a platform used by 180,000 customers to engineer software and manage projects, could have been hijacked with a single click due to security flaws, researchers have disclosed. On Thursday, Check Point Research (CPR) published a report (PDF) outlining how an attacker could have exploited the bugs to access Atlassian's Jira, a proprietary bug-tracking and agile project-management tool.

On This Date

  • ...in 1901, basketball player and Converse athletic-shoe namesake Chuck Taylor is born in Azalia, IN.
  • ...in 1916, Mary Pickford becomes the first female film star to sign a million-dollar contract.
  • ...in 1949, the first television western, "Hopalong Cassidy," premieres on NBC.
  • ...in 1979, comedian and actress Mindy Kaling is born in Cambridge, MA.