Author: user
September 3, 2025Ravi LakshmananMobile Security/Vulnerability As part of the monthly fixes for September 2025, Google has sent out a security update to address 120 security flaws in the Android operating system. The vulnerabilities are listed below – CVE-2025-38352 (CVSS score: 7.4) – Privilege escalation flaw in Linux kernel component CVE-2025-48543 (CVSS score: N/A) – Privilege escalation flaw in Android runtime component Google said both vulnerabilities could lead to local escalation of privileges without requiring additional execution privileges. He also noted that exploitation does not require user interaction. The tech giants did not reveal how the issues were weaponized in actual…
A study from the University of Birmingham revealed that global methane emissions continue to rise steadily, with no signs of slowing down. They also found that trade between countries contributes to about 30% of the total amount of methane emissions swirling on the planet. As key trade patterns change, South-South trading now controls global supply chains, with developing countries increasingly participating in the global supply chain. Asia and the developing Pacific region are emerging as the biggest contributors of global methane emissions driven by rapid industrialization and population growth. Methane has contributed approximately 30% to global warming since before the…
September 3, 2025Ravi LakshmananData Breach/Cyberspy The Iranian and Nexus groups are linked to “coordinated” and “multiwave” spear fishing campaigns targeting embassies and consulates in Europe and other regions around the world. The activity stems from operators lined with Iranians associated with the broader range of offensive cyber activities carried out by a group known as the National Judiciary, due to the dream of Israeli cybersecurity companies. “The emails were sent to multiple government recipients around the world, disguised as legitimate diplomatic communications,” the company said. “The evidence points to a wider range of local espionage targeting diplomatic and government groups…
The UK is preparing to launch a new campaign in Spain and Germany aimed at strengthening research and business ties through the Horizon Europe programme. The initiative highlights the value of working with UK researchers, academics and innovative businesses through the Horizon Europe initiative, opening the door to groundbreaking projects and new commercial opportunities. The UK Minister of Science, Balance, emphasized the importance of the campaign. “Horizon Europe is an incredible tool for advancing world-leading science and research, both in terms of available funding and the opportunities it offers to innovators from across Europe. “I want the UK to be…
Researchers at Tu Berlin’s UnisyScat Cluster of Excellence synthesized a silicon-based Super Lewis acid containing additional halogen atoms for the first time. These compounds rank among the most powerful Lewis acids known to date and are capable of attacking very stable chemical bonds, such as the carbon fluorophore bonds of PFA. New compounds are not consumed during the reaction and can be regenerated instead. Therefore, they act catalytically and present critical advantages for potential applications in recycling processes and green chemistry. Why is it so difficult for PFAS bonds to break down? The extreme difficulty of decomposeting PFAS bonds results…
The UK is making great strides in the clean energy future with a five-year investment of £7.8 million aimed at revolutionizing fusion energy training and research. The funding is a collaboration between the UK Atomic Energy Agency (UKAEA), York University, and the University of Edinburgh, and will be distributed through UKAEA’s fusion opportunities in the Skills, Training, Education and Research (Foster) Programme. The initiative seeks to cultivate the next generation of important professionals to deliver fusion energy to grids around the country. This investment is not just about fundraising. This is a commitment to building a robust and diverse skills…
September 3, 2025Ravi LakshmananThreat Intelligence/Network Security CloudFlare said Tuesday it automatically mitigates record-breaking volume distributed denial-of-service (DDOS) attacks, which peaked at 11.5 terabits per second (TBPS). “Over the past few weeks, we have autonomously blocked hundreds of ultrasound DDOS attacks reaching their peak peaks of 5.1 BPPS and 11.5 TBP. The entire attack lasted only about 35 seconds, but the company says “defense is working overtime.” Volume Measurement DDOS attacks are designed to overwhelm targets with tsunamis of traffic, causing servers to slow or fail. These attacks usually result in network congestion, packet loss, and service disruption. Such attacks are…
Your digital identity is under constant threat. This article explores how offline biometric identity verification and tokenisation provide a more secure and convenient solution. Offline biometric verification and tokenisation address key challenges in cybersecurity, including identity, credential, and access management (ICAM), while integrating with existing software solutions. The cybersecurity challenge For years, we have been told that stronger encryption and increasingly complex passwords are the key to protecting our data and identity. But is that really true? The short answer is NO. Hackers have become more sophisticated, and their tools more powerful. This has boosted the cost of cybercrime to…
September 3, 2025Ravi LakshmananVulnerability/Mobile Security The US Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday affected the TP-Link TL-WA855RE Wi-Fi Ranger Extender product, affected the known exploitation catalogue, and cited evidence of active exploitation. The vulnerability, CVE-2020-24363 (CVSS score: 8.8) is related to cases where authentication is missing that could be abused to gain increased access to sensitive devices. “The vulnerability allows unidentified attackers (on the same network) to send factory reset and restart TDDP_RESET POST requests,” the agency said. “Attackers can obtain incorrect access controls by setting a new administrative password.” According to Malwrforensics, this issue has been fixed…
September 3, 2025Ravi LakshmananData Breach/Threat Intelligence, SalesLoft on Tuesday announced that several companies will be temporarily collecting drifts offline in the “very near future” as they are caught up in a widespread supply chain attack targeting marketing software as a service, resulting in mass theft of certified tokens. “This provides the fastest path to comprehensively reviewing applications, building additional resilience and security within the system, and bringing applications back to full functionality,” the company said. “As a result, the customer website’s drift chatbot is not available and drift is not accessible.” The company said its top priority is ensuring the…