Month: October 2024
Over 22,000 CyberPanel instances exposed online to a critical remote code execution (RCE) vulnerability were mass-targeted in a PSAUX ransomware attack that took almost all instances offline. This week, security researcher DreyAnd disclosed that CyberPanel 2.3.6 (and likely 2.3.7) suffers from three distinct security problems that can result in an exploit allowing unauthenticated remote root access…
Read More
The cybersecurity vendor says in a federal lawsuit over the July IT outage that it ‘certainly did not cause the harm that Delta claims.’ CrowdStrike has filed a lawsuit against Delta over the July IT outage that crippled the airline for days, formally accusing Delta of seeking to “shift blame” for its own failings to…
Read More
Among the highlights of the XChange Best of Breed conference were a number of lessons for the AI era from the top CEOs in the business, including a massive infrastructure upgrade opportunity, a shift by more partners into the MSSP market and the continued rise of the marketplace model. Here’s a look at the 10…
Read More
In an exclusive interview with CRN, Michael Green, general manager of Intel’s new North America partner scale group, says his top priorities are to grow the chipmaker’s business with partners and get his employees familiar with new roles as he pushes for greater efficiency within the semiconductor giant’s partner programs. After becoming Intel’s U.S. channel…
Read More
QNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. Tracked as CVE-2024-50388, the security flaw is caused by an OS command injection weakness in HBS 3 Hybrid Backup Sync version 25.1.x, the company’s disaster recovery and data backup solution.…
Read More
Imagine yourself or your organization caught up in a ransomware attack. You’d quickly realize how limited your options are. Attackers generally present two grim choices: they’ll either release your sensitive data to the public or refuse to unlock the encrypted data unless you meet their demands. In most ransomware incidents, it boils down to a…
Read More
Adam, Beau, and Travis are joined by Mozilla’s Jen Caltrider to uncover the hidden dangers of the Internet of Things (IoT), showing how everyday devices—like smart glasses, baby monitors, and even toasters—have become a gateway for hackers, companies, and even stalkers to exploit your personal data. Source link lol
Read MoreApple released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply necessary updates: iOS 18.1 and iPadOS 18.1 iOS 17.7.1 and iPadOS 17.7.1 macOS Sequoia 15.1…
Read MoreCISA released three Industrial Control Systems (ICS) advisories on October 29, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations. Source link lol
Read More
In today’s digital landscape, businesses face an increasing number of sophisticated cyber threats. To combat these challenges, many organizations are turning to managed endpoint detection and response (EDR) solutions. But what exactly is managed EDR, and how can it benefit your business? What is Managed Endpoint Detection and Response? Before we discuss the benefits,…
Read More