Month: November 2024
Blue Yonder, a globally renowned supply chain software provider recently fell victim to a ransomware attack that sent shockwaves through its client base. The attack targeted the company’s managed services hosted environment, causing widespread operational disruptions for major retailers, including Starbucks, Morrisons, and Sainsbury’s. The attack exploited vulnerabilities in Blue Yonder’s systems, locking critical data…
Read More
The first UEFI bootkit specifically targeting Linux systems has been discovered, marking a shift in stealthy and hard-to-remove bootkit threats that previously focused on Windows. Named ‘Bootkitty,’ the Linux malware is a proof-of-concept that works only on some Ubuntu versions and configurations rather than a fully fledged threat deployed in actual attacks. Bootkits are malware…
Read More
T-Mobile says the Chinese “Salt Typhoon” hackers who recently compromised its systems as part of a series of telecom breaches first hacked into some of its routers to explore ways to navigate laterally through the network. However, the company says its engineers blocked the threat actors before they could spread further on the network and…
Read Moren/a — n/a miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in conjunction with CVE-2015-6031 exploitation. 2024-11-18 not yet…
Read More
Internet security giant Cloudflare announced that it lost 55% of all logs pushed to customers over a 3.5-hour period due to a bug in the log collection service on November 14, 2024. Cloudflare offers an extensive logging service to customers that allows them to monitor the traffic on their site and filter that traffic based…
Read More
Welcome to this week’s edition of the “Bi-Weekly Cyber Roundup” by Canary Trap. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity, and this bi-weekly publication is your gateway to the latest news. In this edition, the highlights include ethical hackers uncovering vulnerabilities…
Read More
‘Increasingly, enterprises see the disruptive nature and the innovation opportunities with GenAI, resulting in growing GenAI experimentation and proof of concepts. Underpinning our success is broad enterprise coverage, professional services, engineering leadership, and large-scale system design, all done with incredible speed and time to market. These highly specialized workloads and deployments require high value engineering…
Read More
An international law enforcement operation has dismantled a pirate streaming service that served over 22 million users worldwide and made €250 million ($263M) per month. Italy’s Postal and Cybersecurity Police Service announced the action, codenamed “Taken Down,” stating they worked with Eurojust, Europol, and many other European countries, making this the largest takedown of its kind in…
Read More
Black Friday 2024 is almost here, and great deals are already live in computer security, software, online courses, system admin services, antivirus, and VPN software. These promotions offer deep discounts from various companies and are only available for a limited time. So if you see something you like, you should act on it as soon…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-132 DATE(S) ISSUED: 11/27/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.…
Read More