Error message

  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Notice: Trying to access array offset on value of type int in element_children() (line 6591 of /home/cay45lq1/public_html/includes/common.inc).
  • Deprecated function: implode(): Passing glue string after array is deprecated. Swap the parameters in drupal_get_feeds() (line 394 of /home/cay45lq1/public_html/includes/common.inc).
  • Deprecated function: The each() function is deprecated. This message will be suppressed on further calls in menu_set_active_trail() (line 2405 of /home/cay45lq1/public_html/includes/menu.inc).

Feed aggregator

New forum topics

Best Verizon Deals: Free iPhone 16, Galaxy S24 or Pixel 9 With New Line and Trade-In

CNET News - Thu, 01/09/2025 - 14:19
Verizon is offering serious savings on some of the best phones for 2025, plus discounted subscriptions and more ways to save.
Categories: Technology

Experts warn DNA sequencers are vulnerable to bootkit attacks

TechRadar News - Thu, 01/09/2025 - 14:03
  • Researchers from Eclypsium find vulnerability in the way iSeq 100 boots up
  • The bug allows threat actors to establish persistence, brick the device, or tamper with the results
  • A patch has since been made available, so update now

A popular DNA sequencer has been found carrying a vulnerability allowing threat actors to establish persistence on the device, destroy the hardware, or even tamper with the results, experts have claimed.

Researchers from Eclypsium analyzed the BIOS firmware in iSeq 100, a DNA sequencer built by a US biotechnology company Illumina, a benchtop sequencing system designed for small-scale genomic and targeted sequencing applications. It is used to read and analyze DNA, help researchers understand genetic information, study diseases, develop treatments, or explore how organisms are related.

Eclypsium said the device boots an older version of the BIOS firmware, which even ran in Compatibility Support Mode (CSM), in order to support older devices. It did not boot with standard protections, including Secure Boot technology.

Manipulating outcomes

All of this made iSeq 100 vulnerable to nine different bugs, some discovered in 2017, and with different severity scores. Threat actors could launch LogoFAIL, Spectre 2, and Microarchitectural Data Sampling (MDS) attacks against these devices, it was claimed.

To make matters worse, Eclypsium said it only analyzed this specific model, and that it is possible that other models are suffering from the same drawbacks, as well, especially since the motherboards in these devices were built by a third party.

“If the data is manipulated by an implant/backdoor in these devices, then a threat actor may manipulate a wide range of outcomes including faking presence or absence of hereditary conditions, manipulating medical treatments or new vaccines, faking ancestry DNA research, etc,” Eclypsium said.

Since making the discovery, Eclypsium notified the iSeq 100 manufacturer, who came back with a patch. There was no word on how many devices are vulnerable, or how fast the patch will be applied on all of them.

“Our initial evaluation indicates these issues are not high-risk,” an Illumina representative told BleepingComputer.

Via BleepingComputer

You might also like
Categories: Technology

The 32 Best Movies on Hulu This Week (January 2024)

WIRED Top Stories - Thu, 01/09/2025 - 14:00
Nightbitch, John Wick, and American Psycho are just a few of the movies you need to watch on Hulu right now.
Categories: Technology

Sorry, There Are No 'Best Robots' at CES This Year video

CNET News - Thu, 01/09/2025 - 13:49
We saw a lot of awesome robots at CES this year but can't crown any of them "the best." Here's why.
Categories: Technology

How the US TikTok Ban Would Actually Work

WIRED Top Stories - Thu, 01/09/2025 - 13:46
The fate of TikTok now rests in the hands of the US Supreme Court. If a law banning the social video app this month is upheld, it won’t disappear from your phone—but it will get messy fast.
Categories: Technology

This Is What the Los Angeles Wildfires Look Like From Space

CNET News - Thu, 01/09/2025 - 13:25
The scope of the devastating Los Angeles wildfires comes into focus through smoke-filled satellite imagery from NASA and other agencies.
Categories: Technology

Ivanti warns another critical security flaw is being attacked

TechRadar News - Thu, 01/09/2025 - 13:08
  • Ivanti uncovers two security vulnerabilities, including one critical-severity
  • One of the flaws was being abused as a zero-day by a Chinese threat actor
  • Researchers uncovered never-before-seen malware being deployed in the attack

Ivanti has warned customers of a critical vulnerability impacting its VPN appliances that is being actively exploited in the wild to drop malware.

In a security advisory, Ivanti said that it uncovered two vulnerabilities recently - CVE-2025-0282 and CVE-2025-0283, both of which are impacting Ivanti Connect Secure VPN appliances.

The former seems to be the more dangerous of the two. It is given a severity score of 9.0 (critical), and is described as an unauthenticated stack-based buffer overflow. “Successful exploitation could result in unauthenticated remote code execution, leading to potential downstream compromise of a victim network,” it was said.

The second vulnerability, also a stack-based buffer overflow, comes with a 7.0 severity score (high).

New malware deployed

The company urged customers to apply the patch immediately, and provided further details about the threat actors and their tools.

In partnership with security researchers at Mandiant, Ivanti determined the first vulnerability has been abused in the wild as a zero-day, most likely by multiple threat actors.

In at least one of the compromised VPNs, Mandiant found the threat actors deploying the SPAWN ecosystem of malware (including SPAWNANT installer, SPAWNMOLE tunneler, and SPAWNSNAIL SSH backdoor).

The group behind this attack was identified as UNC5221, which is apparently, a China-nexus espionage group, active since at least December 2023.

In the past, UNC5221 has been linked to the exploitation of zero-day vulnerabilities in Ivanti Connect Secure VPN appliances, targeting organizations in telecommunications, healthcare, and public sectors. The group focuses on data exfiltration and espionage.

Mendiant has also seen crooks drop previously unseen malware, now tracked as DRYHOOK and PHASEJAM. They were not able to attribute these families to any known threat actor.

“It is possible that multiple actors are responsible for the creation and deployment of these various code families (i.e. SPAWN, DRYHOOK and PHASEJAM), but as of publishing this report, we don't have enough data to accurately assess the number of threat actors targeting CVE-2025-0282,” Ivanti said in the report.

You might also like
Categories: Technology

The Los Angeles Fires Will Put California’s New Insurance Rules to the Test

WIRED Top Stories - Thu, 01/09/2025 - 12:53
The state’s insurance industry was reformed in late 2024 to promote coverage in disaster-prone areas. Tens of billions in fire damage will stress-test the new regime.
Categories: Technology

This Portable Air Conditioner Can Travel With You -- And Now It Brings the Heat Too

CNET News - Thu, 01/09/2025 - 12:41
The Zero Breeze Mark 3 I saw at CES 2025 is basically a 22-pound heat pump that can run off of a battery.
Categories: Technology

Best T-Mobile Deals: Get Up to $1,000 Off the Latest Apple, Google and Samsung Phones

CNET News - Thu, 01/09/2025 - 12:40
Plus, we found the best ways to knock a few dollars off the cost of your service plan at the end of the month.
Categories: Technology

PHOTOS: See the California wildfires' destructive force, in satellite images

NPR News Headlines - Thu, 01/09/2025 - 12:38

Satellite images show the extent of devastation from multiple wildfires burning in Los Angeles County after one day. The fires have killed at least five people and destroyed thousands of structures.

Categories: News

I can't believe this Lenovo monitor has more ports than an Apple MacBook Pro laptop

TechRadar News - Thu, 01/09/2025 - 12:34
  • The ThinkVision P32UD-40 is Lenovo's new flagship business monitor
  • It has 12 ports including a Thunderbolt 4 one and Gigabit Ethernet
  • Users can daisy-chain several together for improved productivity

When choosing a business monitor, buyers typically look for a display with sharpcolors and plenty of ports that can simplify everything from creative projects to data analysis and multitasking across multiple devices.

At CES 2025, Lenovo unveiled the ThinkVision P32UD-40, which ticks all of those boxes. The 31.5-inch flagship IPS display has a 3840x2160 resolution, HDR10 support, and a contrast ratio of 1500:1.

The monitor supports up to 98% DCI-P3 and 99% sRGB and BT.709 color gamuts, making it suitable for tasks requiring precise color accuracy, and the screen’s 2.0mm ultra-thin bezel design maximizes screen space for an immersive viewing experience.

A dozen ports, and much more besides

(Image credit: Lenovo)

Elsewhere, the ThinkVision P32UD-40 offers a number of features such as Picture-in-Picture (PiP) and Picture-by-Picture (PbP) modes, along with a KVM switch for managing multiple devices seamlessly. The inclusion of daisy-chaining capabilities allows users to connect multiple monitors, improving multitasking and workspace efficiency.

What stands out for me, though, is the ThinkVision P32UD-40’s impressive array of no fewer than 12 ports, including a Thunderbolt 4 connector capable of 40Gbps transfer speeds, HDMI 2.1, DisplayPort 1.4, a second DP 1.4 for daisy-chaining, USB-B, USB-C, four USB-A ports, and a Gigabit Ethernet port, offering versatility for a range of devices and peripherals.

With a refresh rate ranging from 24Hz to 120Hz, the screen balances smooth motion and energy efficiency, aided by Lenovo’s AI Power Saving Mode, which adjusts backlighting and pixel intensity based on the displayed content. The monitor is certified with ENERGY STAR, EPEAT Gold, and multiple TÜV Rheinland eye comfort standards, including low blue light and flicker-free certifications.

Sustainability is a core focus for Lenovo’s new products, and the ThinkVision P Series is no exception. The P32UD-40 is constructed using 95% post-consumer recycled plastic for its front bezel and covers, while its stand swivel incorporates 100% recycled aluminum. The panel itself uses 20% recycled glass.

The ThinkVision P32UD-40 is expected to be available in Q2 2025, with a starting price of $1,199.

You might also like
Categories: Technology

Los Angeles Fires: Donations, Relief Efforts and How to Help Fire Victims

CNET News - Thu, 01/09/2025 - 12:28
Communities across LA County have been devastated by fires. There's more than one way you can help.
Categories: Technology

Social Security Recipients Need A Benefit Statement For Tax Season: Here's Where To Find It

CNET News - Thu, 01/09/2025 - 12:28
Tax season is almost here. If you receive Social Security benefits, you'll need your benefit statement to find out if you need to file taxes this year.
Categories: Technology

Pakistan telecom authority blames VPN usage for slow internet speeds

TechRadar News - Thu, 01/09/2025 - 12:23

A surge in VPN usage is the cause of slow internet speeds in Pakistan, with each megabyte of data routed via these services costing approximately $1 to the country's economy.

This shocking revelation came from a recent report published by the Pakistan Telecommunication Authority (PTA) – local publications, including the Pakistani English-speaking newspaper The Express Tribune could reveal.

While this isn't the first time authorities have condemned unauthorized VPN usage for, among other things, internet slowdowns, experts have long argued that government-imposed censorship is instead to blame for breaking the internet in Pakistan.

The ongoing Pakistan debate

According to the PTA report – as reported by The Express Tribune – the ever-growing reliance on the best VPN apps "has put additional pressure on Pakistan's internet infrastructure."

This is because, authorities explain, virtual private network (VPN) services bypass local content delivery networks (CDNs), causing inefficiencies. Additionally, hefty VPN usage is also behind significant economic losses "due to increased reliance on foreign exchange."

As per the PTA data, VPN bandwidth usage peaked at 634 Gbps in August, 597 Gbps in September, 815 Gbps in October, and 378 Gbps in November.

These numbers certainly do not come as a surprise. Pakistanis have turned en masse to VPNs since the beginning of the year as a means to bypass stringent online restrictions.

X (formerly Twitter) has been inaccessible without a VPN since February. Meta's Facebook and Instagram were also restricted in July 2024 and May 2023, respectively, according to Surfshark's Internet Tracker. Bluesky and WhatsApp were the latest social media platforms blocked in the country this year.

Proton VPN has been recording spike in VPN sign-ups from Pakistan since the beginning of the year, with the most recent increase reaching +2860% over baseline on November 26, 2024. (Image credit: Proton)

It was in this context that the PTA first shared plans to regulate the use of VPNs as a way to curb misuse back in August. Authorities would later deem unregistered VPNs a "security risk" for Pakistan as they can be used to access "sensitive data."

The PTA then set a deadline for November 30, 2024, to begin implementing the new policy, urging businesses and freelance workers to register their services to avoid any disruptions. As the registration deadline expired, however, it was revealed that Pakistan doesn't have any legal grounds to ban VPNs, according to Pakistan's Law Ministry.

On December 19, 2024, the PTA shared some new directives that require VPN companies to obtain a Class License for Data Services to operate within the country. VPN providers will also be forced to collect and share users' information usage with authorities upon request – de facto going against their strict no-log VPN policies.

While it's too early to know if such an attempt to regulate VPN usage will be successful this time, it certainly kicks off a new phase for the PTA's quest to regulate the use of these services in Pakistan.

Categories: Technology

Supercopa de Espana Soccer Livestream: How to Watch Real Madrid vs. Mallorca From Anywhere

CNET News - Thu, 01/09/2025 - 12:08
Defending champs Los Blancos look to claim a place in Sunday's final against Barcelona in Saudi Arabia.
Categories: Technology

Rediscovering My Favorite Songs With Cadillac, Dolby Atmos video

CNET News - Thu, 01/09/2025 - 12:06
I played some of my favorite tunes in the Cadillac Optiq, a handsome electric SUV, to see how the listening experience is unlocked and evolved by Dolby Atmos audio.
Categories: Technology

SonicWall tells admins to patch worrying SSLVPN flaw immediately

TechRadar News - Thu, 01/09/2025 - 12:03
  • SonicWall is mailing IT admins, warning them about a high-severity vulnerability in its firewalls
  • The bug is "susceptible to actual exploitation" it said
  • A patch is available, as well as a few mitigation measures

SonicWall has recently addressed a high-severity vulnerability in its firewalls which is “susceptible to actual exploitation.” The company has since started notifying IT admins, urging them to apply the fix immediately and secure their endpoints.

Citing a few Reddit users who were contacted by SonicWall, BleepingComputer said the vulnerability is an authentication bypass in SSL VPN and SSH management, tracked as CVE-2024-53704.

It has a severity score of 8.2 (high) and impacts multiple generation six and generation seven firewalls, powered by SonicOS 6.5.4.15-117n and older and 7.0.1-5161 and older.

Three more flaws

"We have identified a high (CVE Score 8.2) firewall vulnerability that is susceptible to actual exploitation for customers with SSL VPN or SSH management enabled and that should be mitigated immediately by upgrading to the latest firmware, which will be web-posted tomorrow, Jan 7th, 2025," SonicWall apparently said in the email.

"The same firmware upgrade contains mitigations for additional, less-critical vulnerabilities."

For those running Gen 6 or 6.5 hardware firewalls, SonicOS 6.5.5.1-6n or newer is the firmware they should update to, while Gen 6 / 6.5 NSv firewalls need to look for SonicOS 6.5.4.v-21s-RC2457 or newer. Finally, TZ80 users need at least SonicOS 8.0.0-8037.

In the same patch, the company fixed three additional flaws (CVE-2024-40762, CVE-2024-53705, and CVE-2024-53706), which allow for authentication bypassing, remote code execution, and more.

Those that are unable to install the patch immediately should at least apply the mitigations SonicWall suggested in the security advisory, which include limiting access to trusted sources, or disabling SSLVPN access from the Internet.

To minimize the potential impact of an SSH vulnerability, SonicWall suggests restricting firewall management to trusted sources as well, and disabling firewall SSH management from the internet.

Via BleepingComputer

You might also like
Categories: Technology

Demystifying the Department of Government Efficiency

WIRED Top Stories - Thu, 01/09/2025 - 12:02
This week we break down the new government committee being led by Elon Musk and Vivek Ramaswamy.
Categories: Technology

Own a Samsung TV? Good news: Disney Plus is set to start streaming TV shows and movies in HDR10+

TechRadar News - Thu, 01/09/2025 - 12:01
  • Disney Plus will offer HDR10+ streaming of movies and TV shows
  • It joins Prime Video and Apple in offering support for the HDR format
  • HDR10+ is supported on Samsung TVs in place of Dolby Vision

Disney Plus will support HDR10+ streaming on movies and TV shows in the future, as reported by Media Play News. There is currently no timeframe for when this will happen.

The announcement was made at a press conference at CES 2025 by a representative of Communication Research Inc

Disney Plus joins some of the best streaming services such as Prime Video, Apple TV Plus, Hulu, Paramount Plus, and YouTube in supporting the premium HDR format. Disney Plus will continue to offer Dolby Vision HDR streaming as well.

HDR10+ is a premium HDR format that allows for a more dynamic, brighter, and more contrast-rich picture than SDR and HDR10. It is not only supported on streaming but also on 4K Blu-ray as well.

Why is this good news for Samsung TV owners? Until now, Disney Plus has only offered Dolby Vision HDR quality, and as Samsung TVs don't support Dolby Vision, instead opting to support HDR10+, viewers couldn't get the most out of their hardware. With HDR10+ support coming to Disney Plus, Samsung TVs, some of the best TVs around, will now get an upgraded picture when watching the best Disney Plus shows.

Samsung TVs aren't the only TVs to support HDR10+. Hisense, TCL, Panasonic, as well as Philips in the UK, all offer models that support HDR10+ as well as Dolby Vision. LG and Sony however do not support HDR10+, not even on more premium sets such as the LG C4 OLED or Sony Bravia 9, instead opting for Dolby Vision HDR support only.

Great news for Samsung

The Samsung S95F (pictured here at CES 2025) will have another streaming service it can present in its best HDR picture. (Image credit: Future)

It has always seemed like an odd decision by Samsung to continuously forego support of Dolby Vision in its TVs; a decision that hasn't changed with its 2025 OLED TVs or its 2025 mini-LED TVs.

Many streaming services such as Netflix and Disney Plus originally opted to only support the Dolby Vision HDR format, meaning Samsung owners would miss out on the best possible picture quality on their TVs. A TV like the Samsung S95D for example, one of the best OLED TVs of 2024, deserves the best quality on a streaming service.

But this decision by Disney means that Samsung TV fans - and crucially potential customers - can now buy with a bit more confidence knowing another streaming service has joined the seemingly growing group of streaming sites to offer HDR10+ streaming.

Whether other streaming services will offer HDR10+ support (looking at you, Netflix and Max) remains to be seen, but until then, Samsung lovers now have one more service they can watch on the best Samsung TVs in the optimum quality.

You might also like
Categories: Technology

Pages

Subscribe to The Vortex aggregator