Month: June 2024
The Los Angeles Unified School District has confirmed a data breach after threat actors stole student and employee data by breaching the company’s Snowflake account. SnowFlake is a cloud database platform used by some of the largest companies worldwide to store their data. Earlier this month, a threat actor began to sell data from numerous…
Read MoreThe U.S. did not sanction CEO and founder Eugene Kaspersky. The United States has blocked members of Russia-based cybersecurity vendor Kaspersky’s leadership from making transactions in the country a day after banning the company from making sales in the U.S. Twelve individuals associated with Kaspersky have been designated to the Specially Designated Nationals (SDN) list…
Read MoreWho Is Scanning for CVE-2023-1389? Back in April, when we first started tracking CVE-2023-1389, we did an analysis of who was scanning for it, and found that the majority of scanning activity was coming from just two ASNs, AS49870 (Alsycon, a hosting provider out of the Netherlands) and AS47890 (Unmanaged Ltd). Running these analyses again,…
Read MoreIn an interview with CRN, Insight Enterprises executive Megan Amdahl says there are multiple tailwinds for AI PC adoption, including potential productivity gains, an aging fleet of hastily obtained 2020-era PCs and Microsoft’s plan to stop supporting Windows 10 in 2025. What will motivate businesses to buy the growing wave of AI PCs hitting the…
Read MoreThis aligns with trends noted by analysts at Dell’Oro Group. In the first quarter of this year, they saw a 23% growth rate for SASE revenue, the 17th consecutive quarter with over 20% growth. And the unified SASE market, Dell’Oro said, especially appeals to the mid-market thanks to its simplified networking and security integration. “Enterprises…
Read MoreChange Healthcare: Patient Data Exposed In Breach Includes Medical Diagnoses, Test Results, Prescriptions
- by nlqip
The medical data exposed in the cyberattack earlier this year may have included ‘diagnoses, medicines, test results, images, care and treatment,’ according to Change Healthcare. Change Healthcare disclosed that it now believes sensitive patient medical data was exposed in the widely felt cyberattack earlier this year, as the UnitedHealth-owned company said it is preparing to…
Read MoreA pair of cyberattacks against software maker CDK continues to impact thousands of car dealerships and has spurred threat actors to launch impersonation attacks. The CDK Global outage affecting thousands of car dealerships continued Friday, while the attempts to recover from cyberattacks earlier this week were compounded by reported impersonation scams targeting dealership staff. While…
Read MoreThe Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned twelve Kaspersky Lab executives for operating in the technology sector of Russia. These sanctions came after the Biden administration announced yesterday the ban of sales and software updates for Kaspersky antivirus software in the USA, which started in July, over potential cybersecurity risks to national…
Read MoreCVE-2024-28995: SolarWinds Serv-U Path/Directory Traversal Vulnerability Exploited in the Wild
- by nlqip
Following the publication of proof-of-concept exploit details for a high-severity flaw in SolarWinds Serv-U, researchers have observed both automated and manual in-the-wild exploitation attempts; patching is strongly advised. Background On June 5, SolarWinds published an advisory for a vulnerability in its Serv-U file transfer protocol (FTP) and managed file transfer (MFT) solutions: CVE Description CVSSv3…
Read MoreA federal jury in Las Vegas convicted five men for their involvement in the operation of Jetflicks, one of the largest and most popular illegal streaming services in the United States. Jetflicks operated for 12 years, from its launch in 2007 until its shutdown by the FBI in 2019. At its peak, the service offered…
Read MoreRecent Posts
- A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
- CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- Xerox To Buy Lexmark For $1.5B In Blockbuster Print Deal
- Vulnerability Summary for the Week of December 16, 2024 | CISA
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict