Month: September 2024
MS-ISAC ADVISORY NUMBER: 2024-096 DATE(S) ISSUED: 09/05/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Veeam Products, the most severe of which could allow for remote code execution. Veeam Backup & Replication is a proprietary backup app. Veeam ONE is a solution for managing virtual and data protection environments. Veeam Service Provider Console provides centralized monitoring…
Read More
HPE CEO Antonio Neri said HPE GreenLake is an “important component” of HPE’s AI strategy because it provides customers “confidence and control of their data which is the fundamental value when it comes to AI.” Hewlett Packard Enterprise CEO Antonio Neri said HPE’s GreenLake pay-per-use on premise cloud service is helping fuel AI server sales…
Read More
Additions to the Couchbase Capella database-as-a-service boost its ability to handle both operational and analytical workloads and leverage vector search capabilities – critical for AI applications – from anywhere. Couchbase is boosting the combined operational and analytical capabilities of its Capella database-as-a-service with expanded columnar and vector search functionality for developing next-generation “adaptive” applications –…
Read More
Yet, another critical severity vulnerability has been discovered in LiteSpeed Cache, a caching plugin for speeding up user browsing in over 6 million WordPress sites. The flaw, tracked as CVE-2024-44000 and categorized as an unauthenticated account takeover issue, was discovered by Patchstack’s Rafie Muhammad on August 22, 2024. A fix was made available yesterday with the…
Read More
‘Our goal is to continue our aggressive growth trajectory and leverage the expanding market to benefit both our company and our partners,’ says Kaseya’s Mike Sanders. ‘I’ve spent my entire career in this space because I find it incredibly fulfilling. We’re dedicated to helping our partners build successful businesses and serve their clients effectively. It’s…
Read More
Image: MidjourneyThe United States and its allies have linked a group of Russian military intelligence hackers (tracked as Cadet Blizzard and Ember Bear) to Unit 29155 of Russia’s Main Directorate of the General Staff of the Armed Forces. In a joint advisory published today, the Russian hackers, known for deploying WhisperGate data-wiping malware in Ukraine…
Read More
Sep 05, 2024Ravie LakshmananThreat Prevention / Software Security Veeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical vulnerabilities that could result in remote code execution. The list of shortcomings is below – CVE-2024-40711 (CVSS score: 9.8) – A vulnerability in Veeam Backup & Replication…
Read More
Hackers are targeting other hackers with a fake OnlyFans tool that claims to help steal accounts but instead infects threat actors with the Lumma stealer information-stealing malware. The operation, discovered by Veriti Research, constitutes a characteristic example of the blurred lines between being a predator or prey in the world of cybercrime, where ironic twists…
Read More
Sep 05, 2024Ravie LakshmananMalware / Human Rights Unnamed government entities in the Middle East and Malaysia are the target of a persistent cyber campaign orchestrated by a threat actor known as Tropic Trooper since June 2023. “Sighting this group’s [Tactics, Techniques, and Procedures] in critical governmental entities in the Middle East, particularly those related to…
Read More
Image: MidjourneyNorth Carolina musician Michael Smith was indicted for collecting over $10 million in royalty payments from Spotify, Amazon Music, Apple Music, and YouTube Music using AI-generated songs streamed by thousands of bots in a massive streaming fraud scheme. According to court documents, Smith fraudulently inflated music streams on digital platforms between 2017 and 2024 with the…
Read More