Month: May 2024
‘I’ve given 25 years of my channel career to the channel and the channel paid it forward when I needed them to,’ says Maryann Pagano, CEO of BlackHawk Data LLC. In 2018, Maryann Pagano parted ways with her employer of 15 years but did not leave on good terms. In her late forties, she had…
Read More
A 31-year-old Russian national named Evgeniy Doroshenko has been indicted for wire and computer fraud in the United States for allegedly acting as an “initial access broker” from February 2019 to May 2024. An initial access broker (IAB) is a threat actor who breaches corporate networks and then sells that access to other threat actors,…
Read More
Image: Midjourney Microsoft has linked a North Korean hacking group it tracks as Moonstone Sleet to FakePenny ransomware attacks, which have led to millions of dollars in ransom demands. While this threat group’s tactics, techniques, and procedures (TTPs) largely overlapped with those of other North Korean attackers, it has also slowly adopted novel attack methods,…
Read MoreAtlassian–Confluence Data Center This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.3, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to…
Read More
‘You can choose to judge and define that person to their past or you can choose to accept, empathize and seek to understand,’ says Michelle Cirocco, chief social responsibility for Televerde. “Imagine the worst part of your life and having that always define you,” said Michelle Cirocco. “When you hear somebody else’s story, you have…
Read More
Christie’s confirmed that it suffered a security incident earlier this month after the RansomHub extortion gang claimed responsibility and threatened to leak stolen data. Christie’s is a prominent auction house with a history spanning 2.5 centuries. It operates in 46 countries and specializes in selling art, luxury items, and high-valued collectibles. Christie’s has handled numerous notable auctions such…
Read More
Security researchers have released a proof-of-concept (PoC) exploit for a maximum-severity vulnerability in Fortinet’s security information and event management (SIEM) solution, which was patched in February. Tracked as CVE-2024-23108, this security flaw is a command injection vulnerability discovered and reported by Horizon3 vulnerability expert Zach Hanley that enables remote command execution as root without requiring…
Read More
Identity theft is a many tentacled beast, but when a relative or close family friend steals a child’s identity, it’s particularly heinous. Author and professor Axton Betz-Hamilton knows a lot about the topic of child identity theft. She learned about it the hard way. Her credit was completely destroyed by the time she first went…
Read MoreCISA released one Industrial Control Systems (ICS) advisory on May 28, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations. Source link lol
Read More
How to Prevent Ransomware Attacks: Key Practices to Know About The last 12 months or so have seen ransomware around the world continue to set new, unwanted records. Both the frequency of recent ransomware attacks and the figures cybercriminals have demanded from businesses continue to rise, and it’s clear that every company is a target,…
Read More