Month: November 2024
Shannon Poulin, the COO of Intel programmable chip business Altera, says he has retired from the company as Intel seeks to sell a stake in the independent subsidiary ahead of a planned initial public offering. The COO of Intel programmable chip business Altera said he has retired from the company as the parent company seeks…
Read More
Schneider Electric has confirmed a developer platform was breached after a threat actor claimed to steal 40GB of data from the company’s JIRA server. “Schneider Electric is investigating a cybersecurity incident involving unauthorized access to one of our internal project execution tracking platforms which is hosted within an isolated environment,” Schneider Electric told BleepingComputer. “Our…
Read More
Microsoft has announced that Windows Server 2025, the latest version of its server operating system, is generally available starting Friday, November 1st. In January 2024, the company released the first Windows Server 2025 build for admins enrolled in the Windows Insider program. This new version introduced hotpatching, next-gen Active Directory, and SMB over QUIC alternative ports…
Read More
The third installation of Channel Women in Security podcast, Cass is joined by the “mother of hackers.” As the founder of Black Girls Hack, Tennisha Martin is on a mission to close the ethical hacker’s skills gap by building the next generation of cybersecurity leaders. In episode 3 of the Channel Women in Security podcast,…
Read More
Data center veteran Jim Buie – whose resume includes stops at Flexential and AT&T – was named CEO of Tonaquint ,which has 140,000 square feet of data center space under management in facilities across the U.S. Data center veteran Jim Buie – whose resume includes stops at Flexential and AT&T – was named CEO of…
Read More
UK’s National Cyber Security Centre (NCSC) has published an analysis of a Linux malware named “Pigmy Goat” created to backdoor Sophos XG firewall devices as part of recently disclosed attacks by Chinese threat actors. Last week, Sophos published a series of reports dubbed “Pacific Rim” that detailed five-year attacks by Chinese threat actors on edge networking…
Read Moreabdullahirfan — documentpress Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Abdullah Irfan DocumentPress allows Reflected XSS.This issue affects DocumentPress: from n/a through 2.1. 2024-10-29 6.1 CVE-2024-49656 audit@patchstack.com abdullahirfan — whitelist Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Abdullah Irfan Whitelist allows…
Read MoreCISA has received multiple reports of a large-scale spear-phishing campaign targeting organizations in several sectors, including government and information technology (IT). The foreign threat actor, often posing as a trusted entity, is sending spear-phishing emails containing malicious remote desktop protocol (RDP) files to targeted organizations to connect to and access files stored on the target’s…
Read More
The password problem — weak, reused credentials that are easy to compromise yet hard to remember and manage — plagues users and organizations. But despite technological advances, passwords still guard 88% of the world’s online services. So how can IT leaders overcome this challenge? In this post, we explore why passwords are so easy to…
Read MoreCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8957 PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability CVE-2024-8956 PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD)…
Read More