Links
Archives
-
2024
-
September
-
UCLA is set to introduce ChatGPT Enterprise on campus – a first for California higher ed by Rebecca Kendall
09/26/24
Key takeaways
UCLA is the first university in California to incorporate OpenAI’s ChatGPT Enterprise into its operations.
Access to the advanced AI technology will be granted to students, faculty and staff engaged in initiatives focused on innovation in teaching, -
Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates by Ravie Lakshmanan
09/26/24
Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate.
"These attacks could be executed remotely on any hardware-equipped -
Biomedical and Chemical Engineering Student Paul Sagoe Selected as a 2024 Rostker Dissertation Fund Fellow
09/26/24
Managed by the D’Aniello Institute for Veterans and Military Families (IVMF), the Bernard D. and Louise C. Rostker IVMF Dissertation Research Fund recently provided more than $40,000 to four students who are at varying stages of their dissertation pursuits. The Rostker IVMF Dissertation Research F -
Disney cuts 300 corporate staffers in latest wave of layoffs By Christi Carras
09/25/24
Walt Disney Co. has initiated a fresh round of layoffs, with corporate employees emerging as the latest victims of the Burbank media and entertainment giant’s ongoing $7.5-billion cost-cutting operation.
This week, Disney is in the process of eliminating roughly 300 jobs, according to D -
EPSS vs. CVSS: What's the Best Approach to Vulnerability Prioritization? by The Hacker News
09/25/24
Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential impact of a vulnerability, they don't factor in real-world threat data, such as the likelihood of explo -
Paramount Global begins second phase of layoffs in U.S., internal memo says
09/24/24
Sept 24 (Reuters) - Paramount Global (PARA.O) , opens new tab has begun the second phase of its planned layoffs in the United States as the media giant pushes toward increasing profitability, according to an internal memo seen by Reuters.
The cuts are part of the company's efforts to reduc -
Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52% by
09/24/24
Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years.
The tech giant said focusing on Safe C -
Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent by Ravie Lakshmanan
09/23/24
Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection authority (DPA) against Firefox maker Mozilla for enabling a new feature called Privacy-Preserving Attribution (PPA) without explicitly seeking users' consent. -
Passwordless AND Keyless: The Future of (Privileged) Access Management by The Hacker News
09/22/24
In IT environments, some secrets are managed well and some fly under the radar. Here's a quick checklist of what kinds of secrets companies typically manage, including one type they should manage:
Passwords [x]
TLS certificates [x]
Accounts [x]
SSH keys -
Telegram Agrees to Share User Data With Authorities for Criminal Investigations by Ravie Lakshmanan
09/21/24
In a major policy reversal, the popular messaging app Telegram has announced it will give users' IP addresses and phone numbers to authorities in response to valid legal requests in an attempt to rein in criminal activity on the platform.
"We've made it clear that the IP ad -
CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub by Ravie Lakshmanan
09/20/24
The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub.
"CosmicBeetle replaced -
Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector by Ravie Lakshmanan
09/20/24
Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S.
The tech giant's threat intelligence team is tracking the activity under the name Vanilla Tempest (fo -
New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining by Ravie Lakshmanan
09/19/24
Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that's designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances.
"Brute-force attacks on Postgres involve repeatedly attempting to guess the database credentials un -
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions by Ravie Lakshmanan
09/19/24
GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass.
The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log -
Mechanical Engineering Capstone Design Teams Begin Working On Industry Sponsored Projects
09/18/24
The 2024-2025 mechanical engineering senior capstone design teams have been formed and are now working on 15 industry-sponsored projects. This year’s sponsors include renowned organizations such as NASA, Lockheed Martin, Boeing, Eaton Corporation, Carrier Corporation, Dupont, Advion Inc., Aerovec -
Rogue PyPI Library Solana Users, Steals Blockchain Wallet Keys by Ravie Lakshmanan
09/18/24
Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that masquerades as a library from the Solana blockchain platform but is actually designed to steal victims' secrets.
"The legitimate Solana Python API project is know -
New Phishing Scam Uses Google Drawings and WhatsApp Shortened Links by Ravie Lakshmanan
09/17/24
Cybersecurity researchers have discovered a novel phishing campaign that leverages Google Drawings and shortened links generated via WhatsApp to evade detection and trick users into clicking on bogus links designed to steal sensitive information.
"The attackers chose a group of the b -
New ICS Malware 'FrostyGoop' Targeting Critical Infrastructure by Ravie Lakshmanan
09/16/24
Cybersecurity researchers have discovered what they say is the ninth Industrial Control Systems (ICS)-focused malware that has been used in a disruptive cyber attack targeting an energy company in the Ukrainian city of Lviv earlier this January.
Industrial cybersecurity firm Dragos has du -
WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach
09/15/24
Indian cryptocurrency exchange WazirX has confirmed that it was the target of a security breach that led to the theft of $230 million in cryptocurrency assets.
"A cyber attack occurred in one of our [multi-signature] wallets involving a loss of funds exceeding $230 million,&quo -
PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks by Ravie Lakshmanan
09/14/24
Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denial-of-service (DDoS) botnets.
The vulnerability in question is CVE-2024-4577 (CVSS score: 9.8), which allows an attac -
New Ransomware-as-a-Service 'Eldorado' Targets Windows and Linux Systems by Ravie Lakshmanan
09/13/24
An emerging ransomware-as-a-service (RaaS) operation called Eldorado comes with locker variants to encrypt files on Windows and Linux systems.
Eldorado first appeared on March 16, 2024, when an advertisement for the affiliate program was posted on the ransomware forum RAMP, Singapore-head -
Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks by Ravie Lakshmanan
09/12/24
Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publicly-available frameworks like Donut and Sliver.
The campaign, believed to be highly targeted in nature, "leverage target-specific infrastructure and custom WordPress websites -
Pakistan-linked Malware Campaign Evolves to Target Windows, Android, and macOS by Ravie Lakshmanan
09/11/24
Threat actors with ties to Pakistan have been linked to a long-running malware campaign dubbed Operation Celestial Force since at least 2018.
The activity, still ongoing, entails the use of an Android malware called GravityRAT and a Windows-based malware loader codenamed HeavyLift, accord -
Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S. by Ravie Lakshmanan
09/10/24
More than 600,000 small office/home office (SOHO) routers are estimated to have been bricked and taken offline following a destructive cyber attack staged by unidentified cyber actors, disrupting users' access to the internet.
The mysterious event, which took place between October 25 -
Multicloud Computing in Education: Why Schools Benefit by Calvin Hennick
09/10/24
When the public cloud first emerged as a computing and storage option, many K–12 IT leaders (as well as those in other sectors) were reluctant to move resources to an environment outside of their control. But as cloud-hosted student information systems, collaboration suites and learning management -
Professors Try ‘Restrained AI’ Approach to Help Teach Writing By Jeffrey R. Young
09/10/24
When ChatGPT emerged a year and half ago, many professors immediately worried that their students would use it as a substitute for doing their own written assignments — that they’d click a button on a chatbot instead of doing the thinking involved in responding to an essay prompt themselves.
-
How to Future Proof Your K–12 IT Infrastructure by Joel Keller
09/09/24
While the IT needs of K–12 schools are always changing, it seems that the number of student, educator and staff needs has grown exponentially over the past few years.
One major change on the horizon for how schools use data is through artificial intelligence. Staff and students are leve -
What Is Cloud Bursting, and How Can Schools Take Advantage of It? by Joel Snyder
09/07/24
Cloud bursting isn’t just for meteorologists — it’s a term that’s entered the world of cloud computing as well.
The idea behind cloud bursting is simple: When users begin to overwhelm on-premises servers, applications can quickly scale up by adding cloud servers, bursting above pe -
Partners Make a Big Difference in Device Management for Schools in Texas by Akilah Willery
09/06/24
Laptops, tablets, extra monitors, interactive whiteboards, digital projectors, speakers, charging carts and even mobile furniture have become essential to a highly engaging modern classroom. However, for large school districts, managing tens of thousands of devices comes with challenges.
-
Tame the Summer Crunch: How Year-Round Asset Management Can Transform K–12 IT by by Emily Stapf
09/05/24
Traditionally, IT staff waits until the hallways are quiet during summer break to tackle large cabling projects, install updated wireless equipment or otherwise overhaul a school’s infrastructure. That’s when the team handles device collection, refreshes and mass updates, and new device prep and -
Refreshing Your Devices? Here’s What You Need to Know! by Luke Bruschuk
09/04/24
Today, 94 percent of public schools provide digital devices to students, in part due to the need caused by the pandemic. K–12 IT leaders must reflect on what we learned during that time and use that knowledge to guide our approach to refreshing our districts’ devices, especially with the Element -
Which Language 'Superpowers' Do Bilingual Students Bring to U.S. Schools? By Nadia Tamez-Robledo
09/03/24
No need to hop over to Google Translate. Chances are good that if you were one of the 5.3 million English learners in public schools, you’d know the opening line explains that recent data has something interesting to reveal about the U.S.’s bilingual students.
The Department of Educat -
How Rising Higher Ed Costs Change Student Attitudes About College By Jeffrey R. Young
09/02/24
ST. PAUL, Minn. — At the end of each school year at Central High School, seniors grab a paint pen and write their post-graduation plans on a glass wall outside the counseling office.
For many, that means announcing what college they’ve enrolled in. But the goal is to celebrate whatev -
Cash-Starved Districts Are Turning to Four-Day School Weeks. Will That Harm Students? By Daniel Mollenkamp
09/01/24
The need was becoming dire.
A school district in Brighton, in the Denver metro area of Colorado, was having a hard time keeping teachers. The salaries in the district, 27J Schools, were low for the region. And in Colorado, voters have to approve higher property taxes to send additional do
-
UCLA is set to introduce ChatGPT Enterprise on campus – a first for California higher ed by Rebecca Kendall
- August
- July
- June
- May
- April
- March
- February
- January
-
September
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
- 2014
- 2013
- 2012
- 2011
- 2010
- 2007
- 2006
- 2005
- 2003