Interesting
On Saturday, Nov 23, 1963, a legend began. An Unearthly Child, the first episode of the BBC’s new science-fiction series Doctor Who was broadcast. At the time, no one was certain if the show would last longer than 13 weeks.
Clip from An Unearthly Child »
Anka Markovic Borak, writing in vpnMentor »
A severe vulnerability affecting the Really Simple Security WordPress plugin, previously Really Simple SSL, has put four million websites at risk of potential takeover. Discovered on November 6, 2024, by Wordfence researchers, the flaw allows attackers to bypass authentication and gain administrative access due to faulty user verification handling.
This is one of the more serious vulnerabilities that we have reported on in our 12 year history as a security provider for WordPress. This vulnerability affects Really Simple Security, formerly known as Really Simple SSL, installed on over 4 million websites, and allows an attacker to remotely gain full administrative access to a site running the plugin.
The vulnerability is scriptable, meaning that it can be turned into a large scale automated attack, targeting WordPress websites. The vendor worked with the WordPress plugins team to force-update all sites running this plugin before we published this post.
In August, a judge ruled (Bloomberg) the Alphabet, Inc. held an illegal search monopoly in the US.
The Department of Justice is now attempting to force Google to sell off (Reuters) its Chrome browser in an antitrust action against the company. If the proposal is grated, this would endanger the survival of other technologies and many other companies.
» 24-page court pdf document filed with the court late November 20th.
More » The Guardian (Nov 19) / Japan Times / AP / Ars Technica / Bloomberg / The Verge / The Atlantic / Fast Company / Business Insider / Droid Life
“On October 1, Durham staff identified a security breach affecting a limited component of the digital systems at the Duffin Creek Water Pollution Control Plant. The affected system was isolated and operations at Duffin Creek are currently running in auto or manual mode,” revealed the Regional Municipality of Durham, Ontario brief statement dated October 11, 2024.
“There has been no impact to any other component of the network at Duffin Creek or elsewhere in Durham’s network. There has been no impact to health, safety or the environment. No private or sensitive information is contained in the affected system, and Duffin Creek is fully operational.”
Just days later, a higher profile cybersecurity event occurred across the border. American Water Works — a Camden, New Jersey-based utility of drinking water and wastewater services — said hackers had breached its computer networks and systems.
Specifically, we have identified that People Republic of China (PRC)-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders. We expect our understanding of these compromises to grow as the investigation continues.
Dan Sabbagh and Pjotr Sauer, writing for The Guardian »
The most serious threat was an assassination plot targeting Armin Papperger, the CEO of the German defence company Rheinmetall, one of many European firms helping supply Ukraine. Though this was detected, other arms industry executives around Europe were also said to have been targeted by Russian assassins.
Police are investigating whether Russian spies posted incendiary devices – via the delivery firm DHL – around Europe, to Birmingham in the UK and Leipzig in Germany. This would have carried the risk of the devices catching fire inside the cargo bay of a plane and bringing it down, as the head of Germany’s domestic intelligence agency warned on Monday this week. It may be fortunate that no lives were lost.
The rapid advancements in artificial intelligence (AI) have unleashed a new threat: deepfakes. As powerful and effective models become more easily accessible, the risk of deepfakes becomes a present danger, for corporations, small businesses, and individuals.
IBM security guru Jeff Crume explores the technology, risks, and offers a few mitigation strategies to help us stay on top of this rapidly evolving landscape.
© 2025 Downshift
Theme by Anders Noren — Up ↑
