Month: June 2024
Swatting definition Swattingis a form of criminal harassment in which attackers try to trick police forces into sending a heavily armed strike force to a victim’s home or business. The term takes its name from SWAT (Special Weapons and Tactics), a highly trained police unit that is called on to respond to active shooting scenes.…
Read More
Starting midnight July 20, Kaspersky is barred “from entering into any new agreement with U.S. persons involving one or more” information and communications technology and services deals. The United States has taken steps to ban domestic sales and integration of products by Russia-based cybersecurity vendor Kaspersky, citing “undue and unacceptable risks to U.S. national security…
Read More
Today, the Biden administration has announced an upcoming ban of Kaspersky antivirus software and the pushing of software updates to US companies and consumers, giving customers until September 29, 2024, to find alternative security software. “Today, the Department of Commerce’s Bureau of Industry and Security (BIS) announced a Final Determination prohibiting Kaspersky Lab, Inc., the…
Read More
The RansomHub ransomware operation is using a Linux encryptor designed specifically to encrypt VMware ESXi environments in corporate attacks. RansomHub is a ransomware-as-a-service (RaaS) operation launched in February 2024, featuring code overlaps and member associations with ALPHV/BlackCat and Knight ransomware, having claimed over 45 victims across 18 countries. The existence of a Windows and Linux…
Read More
A vulnerability dubbed “CosmicSting” impacting Adobe Commerce and Magento websites remains largely unpatched nine days after the security update has been made available, leaving millions of sites open to catastrophic attacks. According to Sansec’s stats, roughly three out of four websites using the impacted e-commerce platforms have not patched against CosmicSting, which puts them at…
Read More
A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw. The vulnerability, dubbed ‘UEFICANHAZBUFFEROVERFLOW,’ is a buffer overflow bug in the firmware’s Trusted Platform Module (TPM) configuration that could be exploited to perform code execution on…
Read More
In an interview with CRN, Qualcomm Global Channel Chief Kyle Houser says partners are ‘essential’ to aiding the chip designer in its goal to ‘revolutionize the PC’ and break up the Intel-AMD duopoly with the new Snapdragon X processors for Copilot+ laptops hitting the market now. Qualcomm is hoping to break up the Intel-AMD duopoly…
Read More
How do you ensure that your remote access is secure? Do you consider your servers protected as long as you have in place a virtual private network (VPN), virtual desktop infrastructure (VDI), Azure Virtual Desktop, desktop-as-a-service (DaaS), VDI-as-a-service (VDIaaS), or other forms of secure jump hosts? There is a misconception that having a secured intermediary…
Read More
The provider of software used by thousands of car dealerships reportedly says it has shut down most of its systems after a pair of attacks. CDK Global, a provider of software used by thousands of car dealerships, has reportedly shut down most of its systems after a pair of cyberattacks in recent days. The first…
Read More
On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The subjects of that piece are threatening to sue KrebsOnSecurity for…
Read More