Month: May 2024
A CEO of a number of tech companies has been sentenced in federal court for running what officials are calling “one of the largest counterfeit-trafficking operations ever.” Onur Aksoy was convicted of selling counterfeit Cisco equipment, with some of the phony gear being deployed in classified information systems, combat and non-combat operations of the U.S.…
Read More
Law enforcement shut down 12 phone fraud call centers in Albania, Bosnia and Herzegovina, Kosovo, and Lebanon, behind thousands of scam calls daily. Dozens of German law enforcement officers, aided by hundreds of counterparts from other countries (i.e., Albania, Bosnia and Herzegovina, Kosovo, and Lebanon), carried out numerous raids on April 18, identifying 39 suspects…
Read More
U.S. and international cybersecurity and law enforcement agencies this week issued a joint fact sheet to highlight and safeguard against the continued malicious cyber activity conducted by pro-Russia hacktivists against operational technology (OT) devices in North America and Europe. Read on to get all the details and learn what actions to take today. Against the…
Read More
CRN rounds up five cool AI and high-performance computing servers from Dell Technologies, Lenovo, Supermicro and Gigabyte that use AMD’s Instinct MI300 chips, which launched a few months ago to challenge Nvidia’s dominance in the AI computing space. AMD is making its biggest challenge yet to Nvidia’s dominance in the AI computing space with its…
Read More
Tony Safoian, CEO of Google Cloud all-star partner SADA, talks about winning new Google Workspace customers, Insight’s Microsoft practice and his bullish thoughts on Google’s AI strategy. After Insight Enterprises acquired Google Cloud superstar SADA for $410 million a few months ago, SADA CEO Tony Safoian said he is bullish about the new cloud customer…
Read More
Microsoft has highlighted a novel attack dubbed “Dirty Stream,” which could allow malicious Android apps to overwrite files in another application’s home directory, potentially leading to arbitrary code execution and secrets theft. The flaw arises from the improper use of Android’s content provider system, which manages access to structured data sets meant to be shared…
Read MoreCISA released three Industrial Control Systems (ICS) advisories on May 02, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations. Source link lol
Read More
The company says there’s ‘no evidence that the threat actor accessed the contents of users’ accounts’ in the breach of its Dropbox Sign service. Dropbox disclosed that its eSignature service, Dropbox Sign, was compromised and authentication data such as hashed passwords, API keys and OAuth tokens for some users were accessed. Certain customer information and…
Read More
May 02, 2024NewsroomVulnerability / Android Several popular Android applications available in Google Play Store are susceptible to a path traversal-affiliated vulnerability that could be exploited by a malicious app to overwrite arbitrary files in the vulnerable app’s home directory. “The implications of this vulnerability pattern include arbitrary code execution and token theft, depending on an…
Read More
Microsoft has confirmed that it won’t provide an automated fix for a known issue causing 0x80070643 errors when installing recent Windows Recovery Environment (WinRE) updates. The problematic updates were issued during the January 2024 Patch Tuesday to fix CVE-2024-20666, a BitLocker encryption bypass vulnerability that allows attackers to access encrypted data. The issue impacts Windows…
Read More