Month: September 2024
Two months after the massive IT outage caused by a CrowdStrike update, ‘customers still want to consolidate on the Falcon platform,’ according to a Morgan Stanley analyst. Two months after the massive IT outage caused by a faulty CrowdStrike update, customers remain interested in expanding their usage of the company’s cybersecurity offerings, according to a…
Read More
Google announced that starting today, passkeys added to Google Password Manager will automatically sync between Windows, macOS, Linux, Android, and ChromeOS devices for logged-in users. Passkeys, which use biometric authentication such as fingerprints, facial recognition, or screen locks, provide a more secure and convenient alternative to traditional passwords, significantly reducing the risk of data breaches.…
Read More
A Federal Trade Commission (FTC) staff report has found that social media and video streaming companies have been engaging in widespread user surveillance, particularly of children and teens, with insufficient privacy protections and earning billions of dollars annually by monetizing their data. The FTC’s findings were released after a probe that began in December 2020 and…
Read More
Sep 19, 2024Ravie LakshmananCyber Attack / Hacking Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. “Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s default credentials,” the cybersecurity company said. Targets of the emerging…
Read More
Onboarding new employees is an important time for any organization — after all, it’s your opportunity to integrate new team members into your company and its culture. But the onboarding time frame also creates a unique set of security risks as you share sensitive information with people who are new to the organization. This article…
Read More
German law enforcement seized 47 cryptocurrency exchange services hosted in the country that facilitated illegal money laundering activities for cybercriminals, including ransomware gangs. The platforms allowed users to exchange cryptocurrencies without following applicable “Know Your Customer” regulations, meaning that users remained completely anonymous when making transactions. This created a low-risk environment for cybercriminals to launder their proceeds…
Read More
A joint law enforcement operation has dismantled an international criminal network that used the iServer automated phishing-as-a-service platform to unlock the stolen or lost mobile phones of 483,000 victims worldwide. The global operation, codenamed “Operation Kaerb,” began in 2022 after Europol received information from cybersecurity firm Group-IB, which contributed to identifying the victims and the criminals behind…
Read More
‘June [Yang’s] addition to our board will fuel Ahead’s ability to deliver game-changing hybrid cloud and AI services to our clients,’ says Ahead CEO Daniel Adamany. Solution provider all-star Ahead has appointed former VMware and Google Cloud top executive June Yang (pictured) to its board of directors in a move to accelerate Ahead’s AI services…
Read MoreOne of the common questions often asked of the IT team is “how many systems are missing patches and how many patches are missing on each system?” This dashboard uses the “Patch Report” plugin and organizes the current patch status for systems scanned with credentials. The IT team can now easily communicate the specific systems…
Read More
Sep 19, 2024Ravie LakshmananCryptojacking / Cloud Security The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system. “The initial access was accomplished via a Secure Shell (SSH) brute force attack on the victim’s assets, during which the threat…
Read More