Month: September 2024
U.K.’s National Crime Agency says it arrested a 17-year-old teenager who is suspected of being connected to the cyberattack on Transport for London, the city’s public transportation agency. “A teenager has been arrested in Walsall by the National Crime Agency, as part of the investigation into a cyber security incident affecting Transport for London (TfL),”…
Read MoreCisco released security updates to address vulnerabilities in Cisco ISO XR software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Source link lol
Read MoreCISA released twenty-five Industrial Control Systems (ICS) advisories on September 12, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-256-01 Siemens SINEMA Remote Connect Server ICSA-24-256-02 Siemens SINUMERIK ONE, SINUMERIK 840D and SINUMERIK 828D ICSA-24-256-03 Siemens User Management Component (UMC) ICSA-24-256-04 Siemens SINUMERIK Systems ICSA-24-256-05 Siemens Mendix Runtime…
Read MoreAdobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates: Security update available for Adobe Media Encoder | APSB24-53 Security…
Read More
CRN breaks down six significant recent executive departures and hires at Google Cloud, including the exit of Google’s Kubernetes leader and the hiring of Microsoft’s former corporate vice president. From the departure of Google Cloud’s Kubernetes and serverless general manager to the hiring of Microsoft’s former corporate vice president, Google Cloud’s top executive lineup continues…
Read More
The outage Thursday morning had prevented some AT&T users from accessing Microsoft 365 and Azure services. AT&T said that “connections are operating normally” as of mid-morning Thursday, EDT, following reports that Microsoft 365 and Azure services were inaccessible for AT&T users earlier in the morning. Microsoft also confirmed that the issues that caused the outage…
Read More
Transport for London (TfL) has determined that the cyberattack on September 1 impacts customer data, including names, contact details, email addresses, and home addresses. The urban transportation agency had informed the public on September 2 about an ongoing cybersecurity incident, assuring customers that at the time there was no evidence of data being compromised. Last Friday, TfL staff…
Read More
GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions. The release is for versions 17.3.2, 17.2.5, and 17.1.7 for both GitLab Community Edition (CE) and Enterprise Edition (EE), and patches a total of 18 security issues as part of the bi-monthly…
Read More
‘We’re investigating an issue where users may be unable to access multiple Microsoft 365 services,’ the tech giant said. Microsoft reported an outage that prevented some users from accessing Azure and Microsoft 365 services starting Thursday morning, EDT. The Microsoft 365 X account disclosed the outage at 8:38 a.m., EDT, on Thursday. “We’re investigating an…
Read More
Sep 12, 2024Ravie LakshmananMalware / IoT Security Nearly 1.3 million Android-based TV boxes running outdated versions of the operating system and belonging to users spanning 197 countries have been infected by a new malware dubbed Vo1d (aka Void). “It is a backdoor that puts its components in the system storage area and, when commanded by…
Read More