Lifeboat News: The Blog – Safeguarding Humanity

Google fixes one more Chrome zero-day exploited at Pwn2Own

Posted by Saúl Morales Rodriguéz in cybercrime/malcode

Apr 4
2024

Google has fixed another zero-day vulnerability in the Chrome browser, which was exploited by security researchers during the Pwn2Own hacking contest last month.

Tracked as CVE-2024–3159, this high-severity security flaw is caused by an out-of-bounds read weakness in the Chrome V8 JavaScript engine.

Remote attackers can exploit the vulnerability using crafted HTML pages to gain access to data beyond the memory buffer via heap corruption, which can provide them with sensitive information or trigger a crash.

Read more | >

Microsoft fixes Outlook security alerts bug caused by December updates

Posted by Saúl Morales Rodriguéz in security

Apr 4
2024

Microsoft has fixed an issue that triggers erroneous Outlook security alerts when opening. ICS calendar files after installing the December 2023 Outlook Desktop security updates.

The December Patch Tuesday security updates behind these inaccurate warnings patch the CVE-2023–35636 Microsoft Outlook information disclosure vulnerability, which attackers can exploit to steal NTLM hashes via maliciously crafted files.

These credentials are used to authenticate as the compromised Windows user in pass-the-hash attacks, to gain access to sensitive data or spread laterally on their network.

Read more | >

Users say Google’s VPN app “breaks” the Windows DNS settings

Posted by Saúl Morales Rodriguéz in futurism

Apr 4
2024

Does Google’s app really need to constantly reset all Windows network interfaces?

Read more | >

Intel, Microsoft discuss plans to run Copilot locally on PCs instead of in the cloud

Posted by Saúl Morales Rodriguéz in robotics/AI

Apr 4
2024

Companies are trying to make the “AI PC” happen with new silicon and software.

Read more | >

Pentagon calls for tighter integration between military and commercial space

Posted by Saúl Morales Rodriguéz in military, space travel

Apr 4
2024

I would have never written the requirements for Starship.

Read more | >

How to Check if a Linux Distribution is Compromised by the XZ Utils Backdoor in 6 Steps

Posted by Saúl Morales Rodriguéz in cybercrime/malcode

Apr 4
2024

Data security — information security newspaper | hacking news.

Read more | >

What we know about the xz Utils backdoor that almost infected the world

Posted by Saúl Morales Rodriguéz in futurism

Apr 4
2024

Malicious updates made to a ubiquitous tool were a few weeks away from going mainstream.

Read more | >

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

Posted by Saúl Morales Rodriguéz in security

Apr 4
2024

New research exposes vulnerability in HTTP/2 protocol! The CONTINUATION frame can be exploited for DoS attacks, warns security expert Bartek Nowotarsk.

Read more | >

Probing Liquid Water’s Structure with Attosecond X-Ray Pulses

Posted by Saúl Morales Rodriguéz in futurism

Apr 4
2024

Using an ultrafast technique, researchers shed light on how the hydrogen-bonded structure of water is reflected in its x-ray spectrum.

Read more | >

Stiffening a Spring Made of Light

Posted by Saúl Morales Rodriguéz in futurism

Apr 4
2024

Adding a nonlinear crystal to an optical spring can change the spring’s stiffness, a finding that could allow the use of such devices as gravitational-wave detectors.

Read more | >