Month: November 2024
Hackers are using a novel technique that abuses extended attributes for macOS files to deliver a new trojan that researchers call RustyAttr. The threat actor is hiding malicious code in custom file metadata and also uses decoy PDF documents to help evade detection. The new technique is similar to how the Bundlore adware in 2020 hid its…
Read More
We’ve all been there: staring at the login screen, trying to remember which password variation we’re supposed to use on a particular site. Thankfully, a quick call to the IT helpdesk can easily get us back on track. But multiply that “quick fix” across your organization — where employees average two resets a year —…
Read More
OpenAI’s ChatGPT platform provides a great degree of access to the LLM’s sandbox, allowing you to upload programs and files, execute commands, and browse the sandbox’s file structure. The ChatGPT sandbox is an isolated environment that allows users to interact with the it securely while being walled off from other users and the host servers.…
Read MoreCISA released nineteen Industrial Control Systems (ICS) advisories on November 14, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-319-01 Siemens RUGGEDCOM CROSSBOW ICSA-24-319-02 Siemens SIPORT ICSA-24-319-03 Siemens OZW672 and OZW772 Web Server ICSA-24-319-04 Siemens SINEC NMS ICSA-24-319-05 Siemens Solid Edge ICSA-24-319-06 Siemens SCALANCE M-800 Family ICSA-24-319-07 Siemens…
Read More
‘The technology and resilience needed to respond to cyber threats are within the MSP ecosystem. Insurers don’t have access to this level of insight, which is why they need a trusted intermediary,’ says Spectra CEO Edouard von Herberstein. Insurance providers Spectra and Beltex have formed a strategic alliance in a move to solve long-standing challenges…
Read More
Gartner assesses the eight top cloud platform service providers—accounting for 97 percent of the global cloud services market—which includes AWS, Google, Microsoft, Oracle, Alibaba, IBM, Huawei and Tencent. The top eight cloud platform service providers own 97 percent share of the global market, with AI and generative AI technologies becoming key to winning customers. These…
Read More
Each year, Cybersecurity Awareness Month serves as a reminder of the critical role that cybersecurity plays in our lives. Every October, LevelBlue champions this initiative which brings awareness to cyber risks, and promotes best practices to protect against growing cyber threats. Throughout the month, we focused the spotlight on cyber resilience – sharing key trends…
Read More
Partners should see ‘a huge opportunity with OpenShift virtualization,’ especially with continued frustrations over price changes at rival VMware, said Kirsten Newcomer, Red Hat’s senior director of hybrid cloud platforms. Updates to Red Hat OpenShift, OpenShift AI, Edge Device and Developer Hub should offer partners more ways to do business with customers, executives with the…
Read More
CISA and the FBI confirmed that Chinese hackers compromised the “private communications” of a “limited number” of government officials after breaching multiple U.S. broadband providers. The attackers also stole other information from the companies’ compromised systems, including information related to customer call records and law enforcement requests. “Specifically, we have identified that PRC-affiliated actors have…
Read More
Suspected Russian hackers were caught exploiting a recently patched Windows vulnerability as a zero-day in ongoing attacks targeting Ukrainian entities. The security flaw (CVE-2024-43451) is an NTLM Hash Disclosure spoofing vulnerability reported by ClearSky security researchers, which can be exploited to steal the logged-in user’s NTLMv2 hash by forcing connections to a remote attacker-controlled server.…
Read More