Month: September 2024
Microsoft has announced that Office LTSC (Long Term Servicing Channel) 2024, a volume-licensed and perpetual version of Office for Windows and macOS users, is now available for commercial and government customers. Office LTSC 2024 is designed for organizations with devices without internet connectivity and requiring long-term support, such as specialty systems like medical equipment. It has…
Read More
‘Think of Copilot as the UI for AI,’ Microsoft CEO Satya Nadella says. Microsoft CEO and Chairman Satya Nadella said the vendor is on a second wave of iteration on its Copilot brand of artificial intelligence tools, showcasing a new Copilot Pages canvas offering, more integrations with existing productivity applications and capabilities around AI agents.…
Read More
‘I compare AI to the New York subway,’ says Balancelogic CEO Bill Campbell. ‘It’s a great tool that’s quick and convenient, but you have to be cautious. Just like in the subway, there are precautions you need to take with AI, particularly concerning data security.’ Dawn Sizer and some of her clients have already seen…
Read More
Image: MidjourneyToday, the U.S. Department of the Treasury has sanctioned five executives and one entity linked to the Intellexa Consortium for developing and distributing Predator commercial spyware. Intellexa Consortium is a network of decentralized companies that developed and sold highly intrusive spyware products marketed under the “Predator” brand. Predator spyware has allowed Intellexa customers worldwide —…
Read More
Google is updating the post-quantum cryptography used in the Chrome browser to protect against TLS attacks using quantum computers and to mitigate store-now-decrypt-later attacks. The upcoming change will swap Kyber used in hybrid key exchanges to a newer, and slightly modified version, renamed as Module Lattice Key Encapsulation Mechanism (ML-KEM). This change comes roughly five months…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8190 Ivanti Cloud Services Appliance OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk…
Read MoreAccess Denied You don’t have permission to access “http://cybersecurity.att.com/blogs/security-essentials/tackling-the-unique-cybersecurity-challenges-of-online-learning-platforms” on this server. Reference #18.ddd7ce17.1726501433.90741bc5 https://errors.edgesuite.net/18.ddd7ce17.1726501433.90741bc5 Source link lol
Read MoreIvanti has released a security update addressing an OS command injection vulnerability (CVE-2024-8190) affecting Ivanti Cloud Services Appliance (CSA) 4.6 (all versions before patch 519). A cyber threat actor could exploit this vulnerability to take control of an affected system. At this time, Ivanti has confirmed limited exploitation and urges its customers using the affected…
Read MoreCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-43461 Microsoft Windows MSHTML Platform Spoofing Vulnerability CVE-2024-6670 Progress WhatsUp Gold SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD)…
Read More
‘CloudImposer could have allowed attackers to conduct a massive supply chain attack by compromising the Google Cloud Platform’s Cloud Composer service for orchestrating software pipelines,’ says Tenable security researcher Liv Matan. Google has patched a critical security flaw inside its Google Cloud Platform Composer tool that could have enabled hackers to achieve remote execution on…
Read More