A popular DNA sequencer has been found carrying a vulnerability allowing threat actors to establish persistence on the device, destroy the hardware, or even tamper with the results, experts have claimed.
Researchers from Eclypsium analyzed the BIOS firmware in the iSeq 100, a benchtop DNA sequencer built by US biotechnology company Illumina and designed for small-scale genomic and targeted sequencing applications. It is used to read and analyze DNA, help researchers understand genetic information, study diseases, develop treatments, or explore how organisms are related.
Eclypsium said the device boots an older version of the BIOS firmware, which runs in Compatibility Support Mode (CSM) in order to support older devices. It does not boot with standard protections, including Secure Boot.
Manipulating outcomes
All of this made the iSeq 100 vulnerable to nine different bugs, some discovered in 2017, and with different severity scores. Threat actors could launch LogoFAIL, Spectre 2, and Microarchitectural Data Sampling (MDS) attacks against these devices, it was claimed.
To make matters worse, Eclypsium said it only analyzed this specific model, and that it is possible that other models are suffering from the same drawbacks, as well, especially since the motherboards in these devices were built by a third party.
“If the data is manipulated by an implant/backdoor in these devices, then a threat actor may manipulate a wide range of outcomes including faking presence or absence of hereditary conditions, manipulating medical treatments or new vaccines, faking ancestry DNA research, etc,” Eclypsium said.
Since making the discovery, Eclypsium notified the iSeq 100 manufacturer, who came back with a patch. There was no word on how many devices are vulnerable, or how fast the patch will be applied on all of them.
“Our initial evaluation indicates these issues are not high-risk,” an Illumina representative told BleepingComputer.
Via BleepingComputer
Ivanti has warned customers of a critical vulnerability impacting its VPN appliances that is being actively exploited in the wild to drop malware.
In a security advisory, Ivanti said that it recently uncovered two vulnerabilities, CVE-2025-0282 and CVE-2025-0283, both of which affect Ivanti Connect Secure VPN appliances.
The former seems to be the more dangerous of the two. It is given a severity score of 9.0 (critical), and is described as an unauthenticated stack-based buffer overflow. “Successful exploitation could result in unauthenticated remote code execution, leading to potential downstream compromise of a victim network,” it was said.
The second vulnerability, also a stack-based buffer overflow, comes with a 7.0 severity score (high).
New malware deployed
The company urged customers to apply the patch immediately, and provided further details about the threat actors and their tools.
In partnership with security researchers at Mandiant, Ivanti determined the first vulnerability has been abused in the wild as a zero-day, most likely by multiple threat actors.
In at least one of the compromised VPNs, Mandiant found the threat actors deploying the SPAWN ecosystem of malware (including SPAWNANT installer, SPAWNMOLE tunneler, and SPAWNSNAIL SSH backdoor).
The group behind this attack was identified as UNC5221, which is apparently a China-nexus espionage group, active since at least December 2023.
In the past, UNC5221 has been linked to the exploitation of zero-day vulnerabilities in Ivanti Connect Secure VPN appliances, targeting organizations in telecommunications, healthcare, and public sectors. The group focuses on data exfiltration and espionage.
Mandiant has also seen crooks drop previously unseen malware, now tracked as DRYHOOK and PHASEJAM. They were not able to attribute these families to any known threat actor.
“It is possible that multiple actors are responsible for the creation and deployment of these various code families (i.e. SPAWN, DRYHOOK and PHASEJAM), but as of publishing this report, we don't have enough data to accurately assess the number of threat actors targeting CVE-2025-0282,” Ivanti said in the report.
Satellite images show the extent of devastation from multiple wildfires burning in Los Angeles County after one day. The fires have killed at least five people and destroyed thousands of structures.
When choosing a business monitor, buyers typically look for a display with sharp colors and plenty of ports that can simplify everything from creative projects to data analysis and multitasking across multiple devices.
At CES 2025, Lenovo unveiled the ThinkVision P32UD-40, which ticks all of those boxes. The 31.5-inch flagship IPS display has a 3840x2160 resolution, HDR10 support, and a contrast ratio of 1500:1.
The monitor supports up to 98% DCI-P3 and 99% sRGB and BT.709 color gamuts, making it suitable for tasks requiring precise color accuracy, and the screen’s 2.0mm ultra-thin bezel design maximizes screen space for an immersive viewing experience.
A dozen ports, and much more besides
Elsewhere, the ThinkVision P32UD-40 offers a number of features such as Picture-in-Picture (PiP) and Picture-by-Picture (PbP) modes, along with a KVM switch for managing multiple devices seamlessly. The inclusion of daisy-chaining capabilities allows users to connect multiple monitors, improving multitasking and workspace efficiency.
What stands out for me, though, is the ThinkVision P32UD-40’s impressive array of no fewer than 12 ports, including a Thunderbolt 4 connector capable of 40Gbps transfer speeds, HDMI 2.1, DisplayPort 1.4, a second DP 1.4 for daisy-chaining, USB-B, USB-C, four USB-A ports, and a Gigabit Ethernet port, offering versatility for a range of devices and peripherals.
With a refresh rate ranging from 24Hz to 120Hz, the screen balances smooth motion and energy efficiency, aided by Lenovo’s AI Power Saving Mode, which adjusts backlighting and pixel intensity based on the displayed content. The monitor is certified with ENERGY STAR, EPEAT Gold, and multiple TÜV Rheinland eye comfort standards, including low blue light and flicker-free certifications.
Sustainability is a core focus for Lenovo’s new products, and the ThinkVision P Series is no exception. The P32UD-40 is constructed using 95% post-consumer recycled plastic for its front bezel and covers, while its stand swivel incorporates 100% recycled aluminum. The panel itself uses 20% recycled glass.
The ThinkVision P32UD-40 is expected to be available in Q2 2025, with a starting price of $1,199.
A surge in VPN usage is the cause of slow internet speeds in Pakistan, with each megabyte of data routed via these services costing approximately $1 to the country's economy.
This shocking revelation came from a recent report published by the Pakistan Telecommunication Authority (PTA), according to local publications including the Pakistani English-language newspaper The Express Tribune.
While this isn't the first time authorities have condemned unauthorized VPN usage for, among other things, internet slowdowns, experts have long argued that government-imposed censorship is instead to blame for breaking the internet in Pakistan.
The ongoing Pakistan debate
According to the PTA report – as reported by The Express Tribune – the ever-growing reliance on the best VPN apps "has put additional pressure on Pakistan's internet infrastructure."
This is because, authorities explain, virtual private network (VPN) services bypass local content delivery networks (CDNs), causing inefficiencies. Additionally, hefty VPN usage is also behind significant economic losses "due to increased reliance on foreign exchange."
As per the PTA data, VPN bandwidth usage peaked at 634 Gbps in August, 597 Gbps in September, 815 Gbps in October, and 378 Gbps in November.
These numbers certainly do not come as a surprise. Pakistanis have turned en masse to VPNs since the beginning of the year as a means to bypass stringent online restrictions.
X (formerly Twitter) has been inaccessible without a VPN since February. Meta's Facebook and Instagram were also restricted in July 2024 and May 2023, respectively, according to Surfshark's Internet Tracker. Bluesky and WhatsApp were the latest social media platforms blocked in the country this year.
Proton VPN has been recording a spike in VPN sign-ups from Pakistan since the beginning of the year, with the most recent increase reaching +2860% over baseline on November 26, 2024.
It was in this context that the PTA first shared plans to regulate the use of VPNs as a way to curb misuse back in August. Authorities would later deem unregistered VPNs a "security risk" for Pakistan as they can be used to access "sensitive data."
The PTA then set a deadline for November 30, 2024, to begin implementing the new policy, urging businesses and freelance workers to register their services to avoid any disruptions. As the registration deadline expired, however, it was revealed that Pakistan doesn't have any legal grounds to ban VPNs, according to Pakistan's Law Ministry.
On December 19, 2024, the PTA shared some new directives that require VPN companies to obtain a Class License for Data Services to operate within the country. VPN providers will also be forced to collect and share users' information usage with authorities upon request – de facto going against their strict no-log VPN policies.
While it's too early to know if such an attempt to regulate VPN usage will be successful this time, it certainly kicks off a new phase for the PTA's quest to regulate the use of these services in Pakistan.
SonicWall has recently addressed a high-severity vulnerability in its firewalls which is “susceptible to actual exploitation.” The company has since started notifying IT admins, urging them to apply the fix immediately and secure their endpoints.
Citing a few Reddit users who were contacted by SonicWall, BleepingComputer said the vulnerability is an authentication bypass in SSL VPN and SSH management, tracked as CVE-2024-53704.
It has a severity score of 8.2 (high) and impacts multiple generation six and generation seven firewalls, powered by SonicOS 6.5.4.15-117n and older and 7.0.1-5161 and older.
Three more flaws
"We have identified a high (CVE Score 8.2) firewall vulnerability that is susceptible to actual exploitation for customers with SSL VPN or SSH management enabled and that should be mitigated immediately by upgrading to the latest firmware, which will be web-posted tomorrow, Jan 7th, 2025," SonicWall apparently said in the email.
"The same firmware upgrade contains mitigations for additional, less-critical vulnerabilities."
For those running Gen 6 or 6.5 hardware firewalls, SonicOS 6.5.5.1-6n or newer is the firmware they should update to, while Gen 6 / 6.5 NSv firewalls need to look for SonicOS 6.5.4.v-21s-RC2457 or newer. Finally, TZ80 users need at least SonicOS 8.0.0-8037.
In the same patch, the company fixed three additional flaws (CVE-2024-40762, CVE-2024-53705, and CVE-2024-53706), which allow for authentication bypassing, remote code execution, and more.
Those that are unable to install the patch immediately should at least apply the mitigations SonicWall suggested in the security advisory, which include limiting access to trusted sources, or disabling SSLVPN access from the Internet.
To minimize the potential impact of an SSH vulnerability, SonicWall suggests restricting firewall management to trusted sources as well, and disabling firewall SSH management from the internet.
Via BleepingComputer
Disney Plus will support HDR10+ streaming on movies and TV shows in the future, as reported by Media Play News. There is currently no timeframe for when this will happen.
The announcement was made at a press conference at CES 2025 by a representative of Communication Research Inc.
Disney Plus joins some of the best streaming services such as Prime Video, Apple TV Plus, Hulu, Paramount Plus, and YouTube in supporting the premium HDR format. Disney Plus will continue to offer Dolby Vision HDR streaming as well.
HDR10+ is a premium HDR format that allows for a more dynamic, brighter, and more contrast-rich picture than SDR and HDR10. It is supported not only on streaming but also on 4K Blu-ray.
Why is this good news for Samsung TV owners? Until now, Disney Plus has only offered Dolby Vision HDR quality, and as Samsung TVs don't support Dolby Vision, instead opting to support HDR10+, viewers couldn't get the most out of their hardware. With HDR10+ support coming to Disney Plus, Samsung TVs, some of the best TVs around, will now get an upgraded picture when watching the best Disney Plus shows.
Samsung TVs aren't the only TVs to support HDR10+. Hisense, TCL, Panasonic, as well as Philips in the UK, all offer models that support HDR10+ as well as Dolby Vision. LG and Sony however do not support HDR10+, not even on more premium sets such as the LG C4 OLED or Sony Bravia 9, instead opting for Dolby Vision HDR support only.
Great news for Samsung
It has always seemed like an odd decision by Samsung to continuously forego support of Dolby Vision in its TVs; a decision that hasn't changed with its 2025 OLED TVs or its 2025 mini-LED TVs.
Many streaming services such as Netflix and Disney Plus originally opted to only support the Dolby Vision HDR format, meaning Samsung owners would miss out on the best possible picture quality on their TVs. A TV like the Samsung S95D for example, one of the best OLED TVs of 2024, deserves the best quality on a streaming service.
But this decision by Disney means that Samsung TV fans - and crucially potential customers - can now buy with a bit more confidence knowing another streaming service has joined the seemingly growing group of streaming sites to offer HDR10+ streaming.
Whether other streaming services will offer HDR10+ support (looking at you, Netflix and Max) remains to be seen, but until then, Samsung lovers now have one more service they can watch on the best Samsung TVs in the optimum quality.