Month: June 2024
Swatting definition Swattingis a form of criminal harassment in which attackers try to trick police forces into sending a heavily armed strike force to a victim’s home or business. The term takes its name from SWAT (Special Weapons and Tactics), a highly trained police unit that is called on to respond to active shooting scenes.…
Read MoreStarting midnight July 20, Kaspersky is barred “from entering into any new agreement with U.S. persons involving one or more” information and communications technology and services deals. The United States has taken steps to ban domestic sales and integration of products by Russia-based cybersecurity vendor Kaspersky, citing “undue and unacceptable risks to U.S. national security…
Read MoreToday, the Biden administration has announced an upcoming ban of Kaspersky antivirus software and the pushing of software updates to US companies and consumers, giving customers until September 29, 2024, to find alternative security software. “Today, the Department of Commerce’s Bureau of Industry and Security (BIS) announced a Final Determination prohibiting Kaspersky Lab, Inc., the…
Read MoreThe RansomHub ransomware operation is using a Linux encryptor designed specifically to encrypt VMware ESXi environments in corporate attacks. RansomHub is a ransomware-as-a-service (RaaS) operation launched in February 2024, featuring code overlaps and member associations with ALPHV/BlackCat and Knight ransomware, having claimed over 45 victims across 18 countries. The existence of a Windows and Linux…
Read MoreA vulnerability dubbed “CosmicSting” impacting Adobe Commerce and Magento websites remains largely unpatched nine days after the security update has been made available, leaving millions of sites open to catastrophic attacks. According to Sansec’s stats, roughly three out of four websites using the impacted e-commerce platforms have not patched against CosmicSting, which puts them at…
Read MoreA newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw. The vulnerability, dubbed ‘UEFICANHAZBUFFEROVERFLOW,’ is a buffer overflow bug in the firmware’s Trusted Platform Module (TPM) configuration that could be exploited to perform code execution on…
Read MoreIn an interview with CRN, Qualcomm Global Channel Chief Kyle Houser says partners are ‘essential’ to aiding the chip designer in its goal to ‘revolutionize the PC’ and break up the Intel-AMD duopoly with the new Snapdragon X processors for Copilot+ laptops hitting the market now. Qualcomm is hoping to break up the Intel-AMD duopoly…
Read MoreHow do you ensure that your remote access is secure? Do you consider your servers protected as long as you have in place a virtual private network (VPN), virtual desktop infrastructure (VDI), Azure Virtual Desktop, desktop-as-a-service (DaaS), VDI-as-a-service (VDIaaS), or other forms of secure jump hosts? There is a misconception that having a secured intermediary…
Read MoreThe provider of software used by thousands of car dealerships reportedly says it has shut down most of its systems after a pair of attacks. CDK Global, a provider of software used by thousands of car dealerships, has reportedly shut down most of its systems after a pair of cyberattacks in recent days. The first…
Read MoreKrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO – Krebs on Security
- by nlqip
On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The subjects of that piece are threatening to sue KrebsOnSecurity for…
Read MoreRecent Posts
- A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
- CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- Xerox To Buy Lexmark For $1.5B In Blockbuster Print Deal
- Vulnerability Summary for the Week of December 16, 2024 | CISA
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict