Month: August 2024
Image: Midjourney The Corona Mirai-based malware botnet is spreading through a 5-year-old remote code execution (RCE) zero-day in AVTECH IP cameras, which have been discontinued for years and will not receive a patch. The flaw, discovered by Akamai’s Aline Eliovich, is tracked as CVE-2024-7029 and is a high-severity (CVSS v4 score: 8.7) issue in the…
Read More
Importantly, with its development based in Dubai and St Petersburg, Telegram isn’t an American company. For prosecutors, both inside and outside of the US, that has become an issue. Should the authorities want to grab metadata such as the IP address of a specific user on a social media, messaging or email platform, companies registered…
Read More
Who doesn’t fancy earning US $2.5 million? That’s the reward that’s on offer from the US Department and State and Secret Service for information leading to the arrest and/or conviction of a Belarusian man who allegedly was a key figure behind the development and distribution of the notorious Angler Exploit Kit. 38-year-old Vladimir Kadariya is…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-7965 Google Chromium V8 Inappropriate Implementation Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited…
Read MoreCISA released three Industrial Control Systems (ICS) advisories on August 29, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations. Source link lol
Read More
The goal of the partnership is to ensure Citrix Service Provider partners ‘have the level of coverage, service, technical support, so on and so forth that they need to be effective in their business and maintain flexibility in the model in which they want to consume,’ says Ethan Fitzsimons, Citrix’s channel chief. Citrix, a business…
Read More
‘The refresh is still ahead of us. We have only started to see that. And we continue to believe that this opportunity is coming,’ HP CEO Enrique Lores said during the company’s quarterly earnings call. HP Inc. CEO Enrique Lores told analysts on Wednesday’s quarterly earnings call that the majority of the PC refresh cycle…
Read More
Demand for the company’s Hopper GPUs remains strong, Nvidia executives said during the company’s fiscal 2025 Q2 earnings call Wednesday, which highlighted 122-percent revenue growth to more than $30 billion. Samples of Nvidia’s much-anticipated Blackwell-architecture GPUs are currently shipping to Nvidia partners and customers, according to company executives, with production expected to ramp up in…
Read More
The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Android exploits created by commercial spyware vendors in a series of cyberattack between November 2023 and July 2024. The activity was discovered by Google’s Threat Analysis Group (TAG) who said the n-day flaws have already been patched, but remain effective on…
Read More
Aug 29, 2024Ravie LakshmananIoT Security / Vulnerability A years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet. CVE-2024-7029 (CVSS score: 8.7), the vulnerability in question, is a “command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras that…
Read More