News

End of an era? This PC case gives the O11 Dynamic a run for its money

Read More

Dev corrupts NPM libs ‘colors’ and ‘faker’ breaking thousands of apps

Users of popular open-source libraries ‘colors’ and ‘faker’ were left stunned after they saw their applications, using these libraries, printing gibberish data and breaking.

Some surmised if the NPM libraries had been compromised, but it turns out there’s much more to the story.

The developer of these libraries intentionally introduced an infinite loop that bricked thousands of projects that depend on ‘colors’ and ‘faker.’ 

The colors library receives over 20 million weekly downloads on npm alone and has almost 19,000 projects relying on it. Whereas, faker receives over 2.8 million weekly downloads on npm, and has over 2,500 dependents.

Open

Read More

Shutterfly services disrupted by Conti ransomware attack

Photography and personalized photo giant Shutterfly has suffered a Conti ransomware attack that allegedly encrypted thousands of devices and stole corporate data.

Although many associate Shutterfly with their website, the company’s photography-related services are aimed at consumer, enterprise, and education customers through various brands such as GrooveBook, BorrowLenses, Shutterfly.com, Snapfish, and Lifetouch.

The main website can be used to upload photos to create photo books, personalized stationary, greeting cards, post cards, and more.

Shutterfly suffers a Conti ransomware attack

On Friday, a source told BleepingComputer that Shutterfly suffered a ransomware attack approximately two weeks ago by the Conti gang,

Read More

U.S. warns new software flaw leaves millions of computers vulnerable

The top U.S. cybersecurity agency is warning that a new, easy-to-exploit software vulnerability has likely led to hundreds of millions of computer hacks around the world.

The flaw is in Log4j, a snippet of open-source code widely used in internet applications around the world to help track users’ activity. Since Log4j is used in so many applications, and most modern organizations’ computer networks rely on a hodgepodge of different programs, there are scores of opportunities to exploit that flaw.

Jen Easterly testifies during her confirmation hearing before the Senate Homeland Security and Governmental Affairs Committee on June 10, 2021, in
Read More

University loses 77TB of research data due to backup error

The Kyoto University in Japan has lost about 77TB of research data due to an error in the backup system of its Hewlett-Packard supercomputer.

The incident occurred between December 14 and 16, 2021, and resulted in 34 million files from 14 research groups being wiped from the system and the backup file.

After investigating to determine the impact of the loss, the university concluded that the work of four of the affected groups could no longer be restored.

All affected users have been individually notified of the incident via email, but no details were published on the type of work

Read More

Cheap or free ways to make your old PC faster

Read More

‘World’s Fastest PC’ Hits 100 KPH Packing Core i9-12900K and RX 6900 XT

Sega has been busy with Intel and ASRock, attempting to craft the “world’s fastest PC.” In a techy double entendre, the purported ‘speediest PC on Earth’ is designed with the cream of the crop of current PC components from the Intel Alder Lake series plus the ASRock Radeon 6000 series, all built into a chassis propelled by a powerful G-Force Remote Control car that hits a top speed of 100kmph. 

Sega - world's fastest PC

(Image credit: Sega)

It is hard to deny the result of the collaboration is impressive. The companies put together a compact PC with Intel Core i9-12900K processor, an ASRock Radeon

Read More

Firmware attack can drop persistent malware in hidden SSD area

Korean researchers have developed a set of attacks against some solid-state drives (SSDs) that could allow planting malware in a location that’s beyond the reach of the user and security solutions.

The attack models are for drives with flex capacity features and target a hidden area on the device called over-provisioning, which is widely used by SSD makers these days for performance optimization on NAND flash-based storage systems.

Hardware-level attacks offer ultimate persistence and stealth. Sophisticated actors have worked hard to implement such concepts against HDDs in the past, hiding malicious code in unreachable disk sectors.

How flex capacity

Read More

Microsoft Exchange year 2022 bug in FIP-FS breaks email delivery

Microsoft Exchange on-premise servers cannot deliver email starting on January 1st, 2022, due to a “Year 2022” bug in the FIP-FS anti-malware scanning engine.

Starting with Exchange Server 2013, Microsoft enabled the FIP-FS anti-spam and anti-malware scanning engine by default to protect users from malicious email.

Microsoft Exchange Y2K22 bug

According to numerous reports from Microsoft Exchange admins worldwide, a bug in the FIP-FS engine is blocking email delivery with on-premise servers starting at midnight on January 1st, 2022.

Security researcher and Exchange admin Joseph Roosen said that this is caused by Microsoft using a signed int32 variable to store

Read More