-
CISA Warns of Multiple Critical Vulnerabilities in Mitsubishi Electric GX Works3 Engineering Software
Exploitation of these vulnerabilities could disrupt industrial processes.The US Cybersecurity and Infrastructure Protection Agency (CISA) this week issued an advisory warning of multiple vulnerabilities in Mitsubishi Electric GX Works3 engineering software."The successful exploitation of these vulnerabilities allows unauthorized attackers to view and execute programs, gain access to the MELSEC iQ-R/F/L series processor modules and the MELSEC iQ-R OPC UA series server module," the agency said.GX Works3 is Mitsubishi Electric's latest generation of programming and maintenance software specifically designed for MELSEC iQ-R series control systems. It includes many new features such as graphical system configuration, built-in...
-
Over 1600 Docker Hub images contain backdoors
More than 1,600 public Docker Hub images hide cryptocurrency miners, backdoors, DNS interceptors, and website redirectors.Docker Hub is a cloud-based container library that allows developers to search and download Docker images or upload their creations to a public library or personal repositories.Researchers at Sysdig have looked into the issue in an attempt to assess the extent of the problem and have reported images found that contain malicious code. Sysdig examined 250,000 unverified Linux images and identified 1,652 of them as malicious.In the first place are cryptominers, found in 608 images that used server resources for...
-
Meta steals personal data even if you don't use social media
Popular online tax filing platforms TaxAct, TaxSlayer, and H&R Block sent sensitive financial information to Meta via a tracking pixel.Researchers at The Verge found that a tracking pixel on organizations' websites violated Meta's privacy policy by sending the following information:Client's name;E-mail address;Income information;The amount of loans;The amount of the debt.Facebook may use information from tax websites to customize its advertising algorithms, even if the tax customer does not have a Facebook account.The experts also found that TaxAct was feeding similar information (without customer names) to Google through its analytics tool. A Google spokesperson said that...
-
Australia decriminalizes psilocybin, LSD and ecstasy
The Legislative Assembly of the Australian Capital Territory (ACT) has passed a decree decriminalizing psilocybin, LSD, ecstasy and several other psychoactive substances. The regulation will enter into force in 2023.According to the provisions of the law, the ACT will decriminalize possession of the following prohibited psychoactive substances:cocaine (weighing up to 1.5 grams);heroin (up to 2 grams);MDMA (up to 3 grams);methamphetamine (up to 1.5 grams);amphetamine (up to 2 grams);psilocybin (up to 2 grams);LSD (up to 2 milligrams).Possession of these substances below this limit will be punishable by a warning, a fine of $100 or participation in...
-
Malicious SMS app steals phone numbers from thousands of victims
The malicious application was discovered by cybersecurity researcher Maxim Ingrao, who works for Evina. It's called Symoo and has over 100,000 downloads on Google Play. According to the researcher, after installing the application, victims' SIM cards are used as "virtual numbers" to create accounts on Microsoft, Google, Instagram, Telegram and Facebook websites.The operation of the malicious application is simple – after installation, it requests access to send and read SMS messages, which does not arouse suspicion among the victims, since Symoo is advertised as “a simple application for sending SMS”. The fun begins after installation:The...
-
The United States spoke about the North Korean malware AppleJeus to steal cryptocurrency
The Lazarus Group has developed several versions of the AppleJeus malware to attack individuals and companies around the world.The FBI, CISA and the US Treasury have released details of malicious and fake cryptocurrency trading apps used by North Korean hackers to steal cryptocurrencies from individuals and companies around the world.The fake apps were developed and infected with the AppleJeus malware by the Lazarus Group. Hackers have developed and used multiple versions of AppleJeus since the malware was discovered in 2018.Most versions are delivered under the guise of secure applications through sites controlled by attackers and...
-
New version of Punisher ransomware targets Chilean citizens
Researchers at Cyble recently uncovered a new version of the Punisher ransomware that is being spread through a fake COVID-19 tracking app and is targeting Chilean citizens. After infecting the victim’s system, the malware adds the following to the ransom note:System ID;Unique ID of the victim;Bitcoin wallet address for paying the ransom;JS code that starts a timer that increases the ransom amount depending on the elapsed time.The victim's ransom note is found as a shortcut called "unlock your files.lnk" on the desktop and in the "Start" menu. The attackers demand $1,000 in bitcoins to decrypt...
-
New Redigo malware attacks Redis servers
Attackers inject malware using a critical RCE vulnerability.The malware was found on the baits of Aqua Security specialists. The researchers named it Redigo, combining the name of the target servers (Redis) and the programming language in which the malware is written (Go) into one word. To inject malware, hackers use the critical RCE vulnerability CVE-2022-0543 (which has a score of 10 out of 10 on the CVSS scale), which allows you to “escape from the sandbox” of the Lua script processor in Redis and execute arbitrary code on a remote host. This security flaw affects...
-
Clinical trial of pill for marijuana-related disorders begins
Segal Trials has announced a double-blind clinical trial of a new drug, Aelis Farma, for the treatment of cannabis use disorder (CUD).Segal Trials, a private network of research centers in South Florida, has announced a phase 2B study of Aelis Farma's new drug AEF0117-202 for the treatment of cannabis use disorders, announced in an October 5 press release.There are no approved pharmacological treatments for people with cannabis use disorder, so this randomized, double-blind, parallel-group study could pave the way for significant advances in the world of substance abuse treatment. For the first time, people who...
-
Does marijuana cause short-term memory lapses?
The effect of weed on memory is the most surprising and the easiest to notice. Many inexperienced smokers notice very strange, sudden and unpredictable memory lapses. Sometimes they take the form of complete loss of idea what you are talking about right in the middle of a very important phrase.The reason for these phenomena is not connected with memory, but with the peculiarities of perception. Many have noticed a stunning increase in time intervals under the influence of cannabis.This effect is explained by the fact that weed sharply expands perception, the flow of impressions, sensations...
