Daily Archives: April 18, 2020

Curves for the 1918 flu pandemic

Posted on by

For National Geographic, Nina Strochlic and Riley D. Champine look back at the 1918 pandemic for clues about the future:

The 1918 flu, also known as the Spanish Flu, lasted until 1920 and is considered the deadliest pandemic in modern history. Today, as the world grinds to a halt in response to the coronavirus, scientists and historians are studying the 1918 outbreak for clues to the most effective way to stop a global pandemic. The efforts implemented then to stem the flu’s spread in cities across America—and the outcomes—may offer lessons for battling today’s crisis.

Source: Curves for the 1918 flu pandemic | FlowingData

Samsung ‘s TV Boxes Can Now Be Easily Upcycled Into Cat Houses

Posted on by

Taking a cue from anyone under 10 years old who can come up with endless imaginative uses for an empty cardboard box, Samsung is now making it easy for anyone to recycle or upcycle its TV packaging into other useful household items like magazine racks and fancy cat houses.

As competition between flat screen TV makers pushes those companies to release larger and larger sets to woo buyers, the packaging used to safely ship those TVs has grown along with them, leaving consumers with mountains of cardboard to dispose of afterward. In order to help reduce its carbon footprint, Samsung will start using packaging made from “eco-friendly corrugated cardboard” on its higher-end TVs including The Serif, The Frame, and the rotating, portrait mode-friendly, The Sero. The company didn’t go into detail about what makes the type of cardboard its using more eco-friendly, but presumably, and hopefully, it will include a higher percentage of recycled materials.

Source: Samsung ‘s TV Boxes Can Now Be Easily Upcycled Into Cat Houses

That critical VMware vuln allowed anyone on your network to create new admin users, no creds needed

Posted on by

A critical vulnerability in VMware’s vCenter management product allowed any old bod on the same network to remotely create an admin-level user, research by Guardicore Labs has revealed.

The astonishing vuln (CVE-2020-3952), details of which were quite spare when VMWare issued a patch last week, was rated by VMware itself as CVSS v3 10.0, the highest level.

Admins in charge of VMware estates should probably patch this one immediately, if they haven’t already.

Guardicore researcher JJ Lehman told The Register: “You have to be network accessible but you don’t have to be authenticated in any way to pull this off. Which means as an attacker who has already breached the perimeter of a network, as long as [you have] access to the vCenter, you essentially control everything on their VMware hosts.”

The virtualization vendor issued an advisory note and patch on 9 April that explained that a “malicious actor with network access to port 389 on an affected vmdir deployment may be able to extract highly sensitive information such as administrative account credentials”.

“It’s very unique,” Guardicore head of research Ofri Ziv told The Reg, explaining that the 10.0 CVSS impact rating on an enterprise virtualization product caught his enterprise security team’s eye. “This is why this is such a critical issue and this is why we believe it’s important for people to understand and mitigate it as fast as possible.”

He added that Guardicore had not seen evidence of the vuln being abused in the wild, though Lehman explained that by its nature, it would be difficult to see traces of its use.

Source: That critical VMware vuln allowed anyone on your network to create new admin users, no creds needed • The Register