Month: April 2024
Apr 13, 2024NewsroomCryptocurrency / Regulatory Compliance A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptocurrency exchanges in July 2022 and stealing over $12.3 million. Shakeeb Ahmed, the defendant in question, pled guilty to one count of computer fraud in December 2023…
Read More
Intel CEO Pat Gelsinger has made a bold prediction: the rise of AI will soon automate entire offices, potentially leading to the creation of what he calls “one-person, billion-dollar companies.” This vision highlights the rapidly increasing capabilities of artificial intelligence and the potential for radical transformation in the workplace. Intel, a major player in the…
Read More
Apr 13, 2024Newsroom Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday. The network security company’s Unit 42 division is tracking the activity under the name Operation MidnightEclipse, attributing it as the work…
Read MoreApply appropriate mitigations provided for PAN- OS. Palo Alto plans to release an update for Pan-OS on 4/14. (M1051: Update Software, M1042: Disable or Remove Feature or Program)o Safeguard 4.8: Uninstall or Disable Unnecessary Services on Enterprise Assets and Software: Uninstall or disable unnecessary services on enterprise assets and software, such as an unused file…
Read MoreFriday Squid Blogging: The Awfulness of Squid Fishing Boats It’s a pretty awful story. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Tags: squid Posted on April 12, 2024 at 5:08 PM • 1 Comments…
Read More
“This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls with the configurations for both GlobalProtect gateway and device telemetry enabled,” the company said in its advisory. Customers can check if they have the GlobalProtect gateway configured under the Network > GlobalProtect > Gateways menu in the firewall’s web interface. The…
Read More
“For several years, the US government has documented malicious cyber activity as a standard part of the Russian playbook; this latest compromise of Microsoft adds to their long list. We will continue efforts in collaboration with our federal government and private sector partners to protect and defend our systems from such threat activity,” CISA Director…
Read MoreJuniper has released security updates to address multiple vulnerabilities in Junos OS, Junos OS Evolved, Paragon Active Assurance and Junos OS: EX4300 Series. A cyber threat actor could exploit some of these vulnerabilities to cause a denial-of-service condition. Users and administrators are encouraged to review Juniper’s Support Portal and apply the necessary updates. Source link lol
Read More
“Test files” associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings from Phylum reveal. liblzma-sys, which has been downloaded over 21,000 times to date, provides Rust developers with bindings to the liblzma implementation, an underlying library that is part of the XZ Utils data compression…
Read MoreCitrix released security updates to address multiple vulnerabilities in XenServer and Citrix Hypervisor. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review and apply the necessary updates: Source link lol
Read More