Researchers have found multiple critical flaws in the IT help desk software ManageEngine, made by Zoho Corp. In all, seven vulnerabilities were discovered, each allowing an attacker to ultimately take control of host servers running Zoho’s SaaS suite of applications. Read More
596 Agents from 31 cities in 13 countries earned 86 million AP, gained 63 levels and walked 1,928 km during January’s First Saturday events around the world.
This month, the Enlightened had the most levels gained (+5), most AP earned (+1.3m), most AP per agent (+6.2k), most KM walked (+28) and most KM per agent (+0.14). The Resistance had the most agents (+4). Read More
Authorities in Russia have broken up a widespread scheme involving dozens of gas-station employees who used software programs on electronic gas pumps to con customers into paying for more fuel than then actually pumped into their tank. The scam shorted customers between 3-to-7 percent per gallon of gas pumped. Read More
Intel’s efforts to issue fixes for the Spectre and Meltdown CPU vulnerabilities are still hitting some bumps in the road, a company executive said in a blog post.
“We have now issued firmware updates for 90 percent of Intel CPUs introduced in the past five years, but we have more work to do,” said Navin Shenoy, EVP and general manager of Intel’s data center group. Read More
Oracle has shipped 237 patches for vulnerabilities impacting hundreds of product versions as part of its latest quarterly critical patch update.
Product lines coming in for some of the most fixes include Oracle Financial Services Applications, with 34, Fusion Middleware with 27, MySQL with 25 and Java SE with 21. In many cases, the vulnerabilities can be exploited remotely by an attacker, without need for user credentials. Read More
The U.S. Customs and Border Patrol announced new restrictions on when agents can copy data from digital devices at border crossing points.
Agents now need “reasonable suspicion” in advance of searches of phones, computers, tablets, cameras or any other digital device belonging to people entering or leaving the United States. Border agents will also be restricted from accessing data stored remotely in the cloud. Read More
The race to patch against the Meltdown and Spectre processor vulnerabilities disclosed last week is on. As of today, there are no known exploits in the wild impacting vulnerable Intel, AMD and ARM devices. Read More
Intel, Amazon, Microsoft and others are playing down concerns over the impact of the massive Spectre and Meltdown vulnerabilities affecting computers, servers and mobile devices worldwide.
The two flaws, Spectre and Meltdown, are far reaching and impact a wide range of microprocessors used in the past decade in computers and mobile devices including those running Android, Chrome, iOS, Linux, macOS and Windows. While Meltdown only affects Intel processors, Spectre affects chips from Intel, AMD, ARM and others. Read More
Intel is grappling with what many experts are describing as a processor design flaw impacting CPUs used in Linux, Windows and some macOS systems. The reported flaw is tied to Intel’s kernel virtual memory system that could allow an attacker to access kernel-protected data such as passwords and login keys, according to researchers. Read More
VMware, a Dell Technologies subsidiary, released several patches Tuesday fixing critical vulnerabilities affecting its vSphere cloud computing virtualization platform.
The bugs address three vulnerabilities in VMware’s vSphere Data Protection (VDP), a backup and recovery solution used with its vSphere platform. According to the company, a remote attacker could exploit the vulnerabilities and take control of an affected systems. Read More