Month: May 2024
May 21, 2024NewsroomHealthcare / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a security flaw impacting NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The flaw, tracked as CVE-2023-43208 (CVSS score: N/A), concerns a case of unauthenticated remote code execution arising from an…
Read More
May 21, 2024NewsroomCyber Attack / API Security Cybersecurity researchers have discovered a critical security flaw in a popular logging and metrics utility called Fluent Bit that could be exploited to achieve denial-of-service (DoS), information disclosure, or remote code execution. The vulnerability, tracked as CVE-2024-4323, has been codenamed Linguistic Lumberjack by Tenable Research. It impacts versions…
Read More
Watch for discontent in the shadows When it comes to IRM, CISOs focus predominantly on technologies: user entity behavior analytics (UEBA), security information and event management (SIEM), data loss prevention, and the like. There isn’t as much emphasis on stepping outside the view of their colleagues as streams of user data, to instead see them…
Read More
With its acquisition of Locuz, slated to close during the third quarter, SHI gains an 800-person team with extensive experience in CloudOps, SecOps, HPCOps, AIOps, and insight as a service. Global IT solution provider SHI International Monday said it plans to acquire India-based Locuz Enterprise Solutions, a provider of cybersecurity and digital transformation services. With…
Read More
‘This is intellectual property we have developed to provide actionable AI to customers,’ says Fulcrum IT Partners President Kyle Lanzinger. ‘We are productizing the AI-based vertical market domain services we have in our portfolio and also bringing in business leaders with deep industry expertise from our team to work with our customers.’ Fulcrum IT Partners,…
Read More
A critical Fluent Bit vulnerability that can be exploited in denial-of-service and remote code execution attacks impacts all major cloud providers and many technology giants. Fluent Bit is an extremely popular logging and metrics solution for Windows, Linux, and macOS embedded in major Kubernetes distributions, including those from Amazon AWS, Google GCP, and Microsoft Azure.…
Read More
The California-based imaging sensors manufacturer OmniVision is warning of a data breach after the company suffered a Cactus ransomware attack last year. OmniVision, a subsidiary of the Chinese Will Semiconductor, designs and develops imaging sensors for smartphones, laptops, webcams, automotive, medical imaging systems, and others. In 2023, the company employed 2,200 people and reported an annual…
Read More
The owner and operator of Incognito Market, a dark web marketplace for selling illegal narcotics online, was arrested at the John F. Kennedy Airport in New York on May 18. This illegal drug market was used to sell more than $100 million worth of narcotics, including over 1,000 kilograms (kgs) of illicit drugs, including 295…
Read More
A small player in the PC market, Qualcomm’s Snapdragon X launch for Microsoft’s new category of Copilot+ PCs marks the chip designer’s biggest move in the space to date, creating a new wave of competition not only for Intel and AMD but also Apple. Qualcomm launched its highly anticipated Arm-based Snapdragon X processors on Monday,…
Read More
Microsoft has announced a new AI-powered feature for Windows 11 called ‘Recall,’ which records everything you do on your PC and lets you search through your historical activities. Recall works like a photographic memory for your PC, letting you access everything you’ve seen or done on your computer in an organized way using queries in your…
Read More