Security

Earlier this year, we shared the story of how a classic NES Tetris player hit the game's "kill screen" for the first time, activating a crash after an incredible 40-minute, 1,511-line performance. Now, some players are using that kill screen—and some complicated memory manipulation it enables—to code new behaviors into versions of Tetris running on unmodified hardware and cartridges.

A maximum severity vulnerability that allows hackers to hijack GitLab accounts with no user interaction required is now under active exploitation, federal government officials warned as data showed that thousands of users had yet to install a patch released in January.

The best graphics cards are great for gaming but can also help crack passwords. Hive Systems, a cybersecurity solution provider, has released the 2024 edition of its Hive Systems Password Table and some additional studies detailing how long it takes different Nvidia graphics cards to crack a password.

Cybercriminals and spies working for nation-states are surreptitiously coexisting inside the same compromised name-brand routers as they use the devices to disguise attacks motivated both by financial gain and strategic espionage, researchers said.

The disruption to GPS services started getting worse on Christmas Day. Planes and ships moving around southern Sweden and Poland lost connectivity as their radio signals were interfered with. Since then, the region around the Baltic Sea—including neighboring Germany, Finland, Estonia, Latvia, and Lithuania—has faced persistent attacks against GPS systems.

Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said.

Cisco has urged its customers to upgrade their software after disclosing that state-sponsored hackers have compromised some of its security devices.

In a blog post, the company said hackers exploited previously undetected vulnerabilities in its Adaptive Security Appliances, a product that combines multiple cybersecurity functions.

Satya Nadella has made a habit on Microsoft’s earnings calls of touting the revenue growth in the company’s security technology business.

But today the Microsoft CEO took a different approach, talking instead about the Secure Future Initiative that the company launched last fall to improve its cybersecurity safeguards.

A now-abandoned USB worm that backdoors connected devices has continued to self-replicate for years since its creators lost control of it and remains active on thousands, possibly millions, of machines, researchers said Thursday.

Hackers backed by a powerful nation-state have been exploiting two zero-day vulnerabilities in Cisco firewalls in a five-month-long campaign that breaks into government networks around the world, researchers reported Wednesday.