Valladolid loses again and Getafe ends winless run in La LigaFor a brief window of time in October, Russian hackers had the ability to launch arbitrary code against anyone in the world using Firefox or Tor. On Oct. 8, researchers from ESET first spotted malicious files on a server managed by the Russian advanced persistent threat (APT) RomCom (aka Storm-0978, Tropical Scorpius, UNC2596). The files had gone online just five days earlier, on Oct. 3. Analysis showed that they leveraged two zero-day vulnerabilities : one affecting Mozilla software, the other Windows. The result: an exploit that spread the RomCom backdoor to anyone who visited an infected website, no clicks required. Luckily, both issues were remediated quickly. "The attackers only had a really small window to try to compromise computers," explains Romain Dumont, malware researcher with ESET. "Yes, there was a zero-day vulnerability. But, still, it was patched really fast." Dark Reading has reached out to Mozilla for comment on this story. The first of the two vulnerabilities, CVE-2024-9680, is a use-after-free opportunity in Firefox animation timelines — the browser mechanism that handles how animations play out based on user interactions with websites. Its power to afford attackers arbitrary command execution earned it a "critical" 9.8 rating from the Common Vulnerability Scoring System (CVSS). Related: Salt Typhoon Builds Out Malware Arsenal With GhostSpider Importantly, CVE-2024-9680 affects more than just Firefox. Mozilla's open source email client "Thunderbird" is also impacted, as is the ultrasecretive Tor browser, which is built from a modified version of Firefox's Extended Support Release (ESR) browser. In October, RomCom deployed specially crafted websites that would instantly trigger CVE-2024-9680 without the need for any victim interaction. Victims would unknowingly download the RomCom backdoor from RomCom-controlled servers, then quickly be redirected to the original website they thought they were visiting all along. These malicious domains were made to mimic the real sites associated with the ConnectWise and Devolutions IT services platforms, and Correctiv, a nonprofit newsroom for investigative journalism in Germany. That these organizations are both political and economic in nature might not surprise those familiar with RomCom, which has always conducted opportunistic cybercrime, but in more recent times has added politically motivated espionage to its agenda. Its activity in 2024 has included campaigns against the insurance and pharmaceutical sectors in the US, but also the defense, energy, and government sectors in Ukraine. Related: OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts It's unclear by what means of social engineering RomCom might have spread these malicious sites. Not content with only running code in a victim's browser, however, RomCom also employed a second vulnerability, CVE-2024-49039 . This high-severity 8.8 CVSS-rated bug in the Windows Task Scheduler allows for privilege escalation, thanks to an undocumented remote procedure calls (RPC) endpoint unintentionally accessible to low level users. In this case, RomCom used CVE-2024-49039 to escape the browser sandbox and onto a victim's machine at large. The damage that might've been done with such a powerful exploit chain, and exactly who was affected by it last month, remains unknown. What's clear at this point is that the overwhelming majority of targets were located in North America and Europe — particularly the Czech Republic, France, Germany, Poland, Spain, Italy, and the US — plus scattered victims in New Zealand and French Guiana. Also, notably, none of the victims tracked by ESET were compromised via Tor. "Tor has some predefined settings that differ from Firefox, so maybe it would not have worked," Damien Schaeffer, senior malware researcher at ESET speculates. He notes, too, that RomCom's primary targets appeared to be corporations, which rarely use Tor. Related: CyCognito Report Highlights Rising Cybersecurity Risks in Holiday E-Commerce Both CVE-2024-9680 and CVE-2024-49039 have since been patched — the former on Oct. 9, just 25 hours after Mozilla was notified of the issue, and the latter on Nov. 12. "By now, I hope, the problem is more or less done," Schaeffer says. Still, for any given organization, "It'll depend on their policies. If you have good patch management, this would have been fixed in one day or so. But it's up to people to fix their stuff." Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.
MAYFIELD HEIGHTS, Ohio – JB Bagelry is bringing new bagel and cream cheese flavors to Mayfield Heights. The shop, which opened earlier this fall, is offering asiago onion, garlic bread, fruity pebbles and cheez-it bagels, among other new combinations. The shop’s handcrafted cream cheese flavors are both traditional and seasonal. Espresso and pumpkin were recent seasonal favorites. December will bring salted caramel cream cheese to the menu. “We still have a ton of interesting, fun flavors to introduce,” says Jamie Kowit, who with her husband Brad, owns the shop at 5848 Mayfield Road, Mayfield Heights. The idea of the shop started in the couple’s kitchen. “We’re big foodies,” says Jamie. “On Sunday we made bagels and cream cheese together.” When the local Bruegger’s Bagel shop closed, they saw an opportunity to get out of the home kitchen and fill a community need. All they needed was a storefront. When a space opened next to Starbucks they were golden. She categorizes the bagelry’s product as a “water bagel.” But instead of boiling bagels, the shop uses new technology for the same crispy exterior. “We have state-of-the art oven that adds steam while baking,” she explains. “It takes some work out for us. We proof and put in oven where they get steamed and baked all in one.” Bagels may be the star of the menu, but the café offers more. “We’re so much more than bagels, we offer salads, homemade soups, wraps ... a reason to come back every day,” says Jamie. The most popular item on their catering menu is a bagel board complete with bagels, spreads, fruit and more. The entrepreneurial duo also own Tavern of Mayfield which they opened a few years ago. Stories by Paris Wolfe Three December hikes show off Cleveland during the holidays Christmas Around the World ‘Theme Park’ opens Nov. 29 in Avon Cleveland Museum of Art’s December MIX party celebrates Cavs' new City Edition jersey collaboration Send dining, drinking and culture story ideas to Paris Wolfe at pwolfe@cleveland.com . Review her previous stories here. Follow Paris Wolfe on Instagram @pariswolfe.
Rep. Adam Smith (D-Wash.), ranking member of the House Armed Services Committee, shares his concerns with embattled defense secretary pick Pete Hegseth. NBC News Chief Political Analyst Chuck Todd examines the ramifications of President Biden pardoning his son, Hunter. The Supreme Court hears a case on gender-affirming care for minors. Dec. 4, 2024None
NEW YORK (AFP) – United States (US) President-elect Donald Trump’s attorneys sought to dismiss his historic criminal fraud conviction in a new filing released on Tuesday – arguing President Joe Biden used similar reasoning to pardon his son, Hunter Biden. The Democratic lame-duck president pardoned his son on Sunday, after Hunter was convicted earlier this year of tax evasion and illegally possessing a firearm, arguing he was “selectively, and unfairly, prosecuted” by the Department of Justice (DOJ) “only because he is my son”. Trump’s motion to dismiss, filed on Monday, saw his legal team cite the arguments used by Biden to make their own case to presiding judge Juan Merchan. Biden’s “comments amounted to an extraordinary condemnation of President Biden’s own DOJ,” the letter’s introduction reads. “This is the same DOJ that coordinated and oversaw the politically-motivated, election-interference witch hunts targeting President Trump.” The 69-page brief also invoked the doctrine of presidential immunity – which the Supreme Court has ruled extends to “official acts” while president – and the Presidential Transition Act, among other laws, to “immediately dismiss the Indictment and vacate the jury’s verdicts.” Trump, 78, was found guilty in May of 34 counts of falsifying business records from covering up the payment of USD130,000 to film actress Stormy Daniels to silence her from coming forward about an alleged extramarital affair during the final stretch of the 2016 election campaign. Merchan, the judge in the only criminal case against Trump that has gone to trial, indefinitely postponed Trump’s sentencing at a hearing on November 22, given his win in the November 5 presidential election. With Trump’s defence team filing to dismiss the case, Merchan will now have to decide whether to throw out the case entirely, or to suspend any legal consequences until after the end of Trump’s upcoming term in office, which will begin on January 20. Manhattan prosecutor Alvin Bragg has supported the latter in light of the “unprecedented circumstances” caused by Trump’s electoral victory. Bragg had argued during the hush money trial that Trump’s payments were made to cover up a scandal that would have tarnished his campaign in the 2016 election that Trump ended up winning over Democrat Hillary Clinton. Trump has consistently denied having an affair with Daniels. ABOVE & BELOW: File photo of United States President-elect Donald Trump; and Hunter Biden. PHOTO: AFP PHOTO: AFPRiversgold advances Northern Zone Gold Project with Leapfrog modelling and strong drill results
One of the first steps of the chaotic offseason schedule for the Arizona football program is signing its recruits for the 2025 cycle during the early signing period on Wednesday, which is one of the busiest days of the year for recruiting. Arizona currently has 21 players committed to become the next wave of freshmen to join the Wildcats following their 4-8 season. The Wildcats aren't approaching the early signing period unscathed. Last month, Arizona lost four-star Dallas-area wide receiver Terry Shelton, who flipped to the hometown TCU Horned Frogs, along with three-star Los Angeles-area cornerback Josh Tuchek (UNLV) and Houston-area wide receiver Muizz Tounkara (Florida). Arizona head coach Brent Brennan said, "Those kids that chose to commit to us chose to do so because they believe in us and put trust in us." “We have to continue to ensure and help them see that when you come here, you are going to get developed at a really high level, you are going to be a part of great football teams, you are going to be a part of a great college football experience. ... I think we’re moving in the right direction," Brennan said a month ago. "I still think we have some pieces to add to it.” Arizona's 2025 recruiting class ranks ninth in the Big 12, according to 247Sports.com . The Wildcats are behind TCU, Colorado, Baylor, Kansas State, Houston, Utah, Arizona State and West Virginia. In Arizona's 21-player recruiting class, California, Texas and Arizona are the three main hubs. Nineteen players from the aforementioned states make up Arizona's ’25 class; the other two hail from Hawaii and Florida. Here's a look at the players currently committed to Arizona for 2025: Arizona picked up a commitment from Northern California 2025 offensive tackle Louis Akpa. Louis Akpa Position: Offensive tackle Height, weight: 6-6, 250 pounds Hometown (high school): San Mateo, California (Junipero Serra) Other offers: Boise State, BYU, Iowa State and Cal Kason Brown Position: Safety Height, weight: 6-4, 190 pounds Hometown (high school): Big Lake, Texas (Reagan County) Other offers: Texas State, UTEP, Cornell and Tulsa Gianni Edwards Position: Cornerback Height, weight: 5-11, 175 pounds Hometown (high school): Forney, Texas (North Forney) Other offers: Michigan State, Arizona State, Arkansas State and Colorado Kellan Ford Position: Tight end Height, weight: 6-5, 230 pounds Hometown (high school): Danville, California (Monte Vista) Other offers: Boston College, Cal, Nevada and Oregon State Three-star 2025 offensive lineman and Hawaii product Javian Goo committed to the Arizona Wildcats. Javian Goo Position: Offensive line Height, weight: 6-4, 280 pounds Hometown (high school): Kapolei, Hawaii (Kapolei) Other offers: Oregon State, Hawaii, Air Force and San Diego State Jaxon Griffin Position: Offensive tackle Height, weight: 6-6, 250 pounds Hometown (high school): Mesa (Red Mountain) Other offers: Oregon State and Colorado State Swayde Griffin Position: Cornerback Height, weight: 6-1, 185 pounds Hometown (high school): Lago Vista, Texas (Lago Vista) Other offers: Arizona State, Texas Tech and Minnesota Luke Haugo Position: Quarterback Height, weight: 6-5, 200 Hometown (high school): Gilbert (Higley) Other offers: Utah, Oregon, Arizona State and San Diego State Chandler Hamilton star Dajon Hinton is one of the top in-state cornerbacks. Dajon Hinton Position: Cornerback Height, weight: 5-10, 175 pounds Hometown (high school): Chandler (Hamilton) Other offers: Arizona State, Boston College, Iowa State and Kansas Kaleb Jones Position: Defensive tackle Height, weight: 6-1, 275 pounds Hometown (high school): Phoenix (Mountain Pointe) Other offers: Arizona State, Oregon and Oregon State Linebacker Carter Jones hails from Crean Lutheran High School in Irvine, California. Carter Jones Position: Linebacker Height, weight: 6-0, 205 pounds Hometown (high school): Irvine, California (Crean Lutheran) Other offers: Florida State, LSU, Miami, Oklahoma and Tennessee Robert McDaniel Position: Quarterback Height, weight: 6-1, 195 pounds Hometown (high school): Hughson, California (Hughson) Other offers: Florida, Cal, San Jose State and Indiana Arizona landed three-star Florida receiver Isaiah Mizell for 2025. Isaiah Mizell Position: Wide receiver Height, weight: 6-0, 160 pounds Hometown (high school): Orlando, Florida (Boone) Other offers: Notre Dame, UCF, Kansas State and Georgia Tech Coleman Paton Position: Defensive back Height, weight: 6-2, 190 pounds Hometown (high school): Del Valle, Texas (Del Valle) Other offers: TCU, Oklahoma State, Northwestern and Kansas State Mays Pese Position: Defensive tackle Height, weight: 6-2, 275 pounds Hometown (high school): Santa Barbara, California (Bishop Garcia Diego) Other offers: Boise State, Cal, Michigan State, Oregon State and San Jose State Basha Bears wide receiver Gio Richardson (5) dodges a tackle attempt by American Leadership Academy Patriots strong safety Diesel Mack at Basha High School in Chandler on Nov. 17, 2023. Gio Richardson Position: Wide receiver Height, weight: 5-11, 170 pounds Hometown (high school): Chandler (Basha) Other offers: Vanderbilt, Kansas State, Arizona State and Boise State Myron Robinson Position: Linebacker Height, weight: 6-2, 210 pounds Hometown (high school): San Antonio, Texas (East Central) Other offers: Washington State, Boston College, Georgia Tech and Houston Sean Robinson Position: Athlete Height, weight: 6-3, 205 pounds Hometown (high school): Cibolo, Texas (Steele) Other offers: Texas Tech, Oklahoma State, Houston and Nebraska Sione Tohi Position: Offensive line Height, weight: 6-3, 356 pounds Hometown (high school): Santa Ana, California (Mater Dei) Other offers: Alabama, Arizona State, Auburn, LSU, Oklahoma and Ole Miss Losipini Tupou Position: Offensive line Height, weight: 6-2, 275 pounds Hometown (high school): San Francisco (Archbishop Riordan) Other offers: Arizona State, Florida, Nebraska, Penn State and Utah Wesley Yarbrough Position: Running back Height, weight: 5-10, 195 pounds Hometown (high school): Crosby, Texas (Crosby) Other offers: Houston, Oklahoma State, TCU, Memphis and Utah Arizona quarterback Nick Foles looks toward the sideline during a UA matchup against Stanford at Arizona Stadium on Oct. 17, 2009. Ex-Wildcat Foles supports Brennan Former Arizona star quarterback and Super Bowl MVP Nick Foles recently posted his support for Brennan on X (Twitter) after UA athletic director Desireé Reed-Francois told the Star Brennan will return next season despite an "unacceptable" 4-8 campaign this year. Foles, who recently retired from the NFL and attended a UA football practice in the spring and spoke to the team, said, "I'm glad coach Brent Brennan will be back at the U of A. "I got to spend several days with him and really enjoyed my time. It was obvious the love he has for Wildcat nation and those roots run deep. I know the outcome of the season is not what the team or the Wildcat fans wanted but winning consistently takes time. You have to build the culture all over again when staffs change. That is the part of the game that is the hardest to do but the most fulfilling when done right. I expect coach Brennan to do this right in Tucson." UTEP head coach Dana Dimel looks toward his players during the first half against Southern Mississippi in Hattiesburg, Miss., Sept. 28, 2019. Southern Mississippi won 31-13. Former UA coach Dimel dies Former Arizona assistant coach Dana Dimel, who was the UA's tight ends coach under former head coach Mike Stoops from 2006-08, died Tuesday. Dimel was 62. Dimel's wife, Julie, and children, Winston and Josey, announced his death in a statement. No cause was given. “Today is a difficult day for college football and our Illini family,” said Illinois coach Bret Bielema, who hired Dimel as a senior offensive assistant this past season. “Dana was an exceptional person, husband, father, friend and football coach. He affected the lives of countless coaches, players and staff members for more than three decades in college football." Stoops said in a post on X (Twitter): "I am deeply saddened to hear of the loss of my dear friend, Dana Dimel. It was a privilege working with him as a coach for many years. His devotion and love to his family and the significant influence he had on so many through his football coaching will never be forgotten. Our thoughts and prayers are with his family during this difficult time." Arizona tight ends coach Dana Dimel, left, talks with offensive coordinator/quarterbacks coach Mike Canales, center, and offensive line coach Eric Wolford, right, at the start of practice Monday, April 10, 2006. Dimel grew up in Columbus, Ohio and graduated in 1986 from Kansas State, where Winston Dimel was later a three-time All-Big 12 fullback. The elder Dimel attended training camp with the Vikings in 1987 before going into coaching with his alma mater, and he was part of the early staffs of Hall of Fame coach Bill Snyder that turned around a long-suffering program. He was part of 12 bowl teams over three separate stints covering 19 seasons with Kansas State. “He was a special friend and coaching companion,” Snyder said in a statement. "I admired his passion for helping his players and fellow coaches. He was a big part of the development of the Kansas State football program, and along with his wife Julie, very meaningful in the Manhattan community.” Dimel was hired by Wyoming in 1997 and went 22–13 over three seasons before leaving for Houston, where he was 8–26 in three seasons. Dimel returned to Kansas State as an assistant, along with a period at Arizona, where he coached standout tight end Rob Gronkowski, before getting a final chance to be a head coach at UTEP, where he went 20–49 and led the Miners to the New Mexico Bowl over six seasons. Dimel, who had a career record of 50–88 as a head coach, helped the Illini go 9-3 as an assistant this season. “His influence on our program was incredible to witness and be a part of,” Bielema said. "His infectious positive energy had a major impact on me, our players and everyone in our building every day. He will be dearly missed. Our thoughts and prayers are with his wife and family.” — Staff and wire report Contact Justin Spears, the Star's Arizona football beat reporter, at jspears@tucson.com . On X(Twitter): @JustinESports Respond: Write a letter to the editor | Write a guest opinion Subscribe to stay connected to Tucson. A subscription helps you access more of the local stories that keep you connected to the community. Be the first to know Get local news delivered to your inbox! Sports ReporterPOET Technologies Completes US$25 Million Registered Direct Offering
As President Joe Biden's term comes to an end, social media users are falsely claiming that his administration spent billions of dollars on the construction of just a handful of electric vehicle charging stations. Multiple high-profile figures, including sitting members of Congress, have promoted the claims. The claims misrepresent funding set aside by the 2021 Infrastructure and Jobs Act , also known as the Bipartisan Infrastructure Law, for a national network of publicly available electric vehicle chargers . Biden has set a goal of creating 500,000 such chargers by 2030. Here's a closer look at the facts. CLAIM: The Biden administration spent $7.5 billion to build eight electric vehicle charging stations. THE FACTS: That's incorrect. The $7.5 billion figure refers to the total amount allocated through the 2021 law to build a network of charging stations across the U.S., not the amount that has already been spent. There are currently 214 operational chargers in 12 states that have been funded through the law, with 24,800 projects underway across the country, according to the Federal Highway Administration. A charger, often called a charging port, provides electric power to one vehicle at a time through a connector, which is plugged into the vehicle. Stations are physical locations that can have multiple chargers. Secretary of Transportation Pete Buttigieg called the claims spreading online “false” in a series of X posts. “$7.5B has not been spent, nor anything like that,” he wrote, adding that federally funded chargers are built by individual states, not the federal government, and that most will be built in the second half of the 2020s. The total $7.5 billion in funding consists of $5 billion distributed through the National Electric Vehicle Infrastructure Formula Program , or NEVI, and $2.5 billion distributed through the Charging and Fueling Infrastructure Discretionary Grant Program , or CFI. NEVI funds, as determined by a formula, go annually to departments of transportation in all 50 states, plus Puerto Rico and the District of Columbia, from 2022 to 2026. The funds will be available until 2030. Each year, 10% of NEVI funding is set aside for states and local governments that require additional assistance. CFI provides grants to states and other localities through an application process. It funds electric vehicle charging, as well as other alternative fueling infrastructure, with a focus on underserved and disadvantaged communities. Rep. Michael Rulli, a Republican from Ohio, was among multiple high-profile figures who falsely claimed this week that the entire budget has already been spent. “Pete Buttigieg will leave his post as Transportation Secretary having spend $7.5 BILLION to build 8 EV charging stations,” he wrote in an X post that had received approximately 62,900 likes and shares as of Wednesday. “His legacy will be squandering billions on something nobody wants, while millions struggle to afford the things they need.” Rulli's office did not immediately respond to a request for comment. By early this year, only four states — Ohio, New York, Pennsylvania and Hawaii — had opened stations funded by the Bipartisan Infrastructure Law, The Associated Press reported in March . A Washington Post article published the next day said this amounted to just seven stations . Loren McDonald, an independent analyst tracking the electric vehicle charger buildout, told the AP that when assessing the progress that's been made it's important to understand that some states have extensive experience constructing electric vehicle charging infrastructure while others have little to none. He explained that Wisconsin, for example, had to pass a new law in order to comply with federal requirements. “This is a federal program, but at the end of the day, it's completely dependent on the states,” he said. “And so the real criticism probably needs to be directed at the states that are moving slowly or how the program was structure. But I don't know how else you would have done it.” Asked whether the federal government could do anything to help states move faster, McDonald suggested that it could have provided them with more guidance on how to manage their individual buildouts. All 50 states, Puerto Rico and the District of Columbia have access to two rounds of NEVI funding totaling nearly $2.4 billion, according to the Federal Highway Administration. As of Friday, 37 states have access to their third round of funding, for an additional $586 million total. The agency explained, however, that this does not represent money that has already been spent — just the money that is available to fund projects. The Federal Highway Administration has announced more than $1.3 billion in awards through CFI and funds set aside by NEVI with $779 million in grants currently available under both programs. This also represents money that is available for projects rather than money that has been spent. There are currently more than 203,000 publicly available charging ports across the U.S., with nearly 1,000 being turned on every week, according to the agency. This is more than double the number available in 2021. In addition to NEVI and CFI, funding sources include federal tax incentives and private investments. Find AP Fact Checks here: https://apnews.com/APFactCheck .Leonardo DRS SVP sells $386,391 in common stock