Month: December 2024
South Korean police have arrested a CEO and five employees for manufacturing over 240,000 satellite receivers pre-loaded or later updated to include DDoS attack functionality at a purchaser’s request. While neither company has been named, the two companies have been trading since 2017. In November 2018, the purchasing company made a special request to include…
Read More
CEO Paul Bay Sunday wrote to employees that the company made the ‘difficult’ decision to lay off 850 employees over the next few months as part of a restructuring of its business aimed at optimizing costs and efficiency. IT distribution heavyweight Ingram Micro is eliminating about 850 of its employees with a planned layoff expected…
Read More1000 Projects–Portfolio Management System MCA A vulnerability has been found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed…
Read More
Google undoubtedly dominates the desktop browser market, while Microsoft Edge has shown notable growth in recent times. However, Firefox continues to face challenges in attracting new users. In an effort to turn the tide, Mozilla is testing a fresh approach that could persuade more people to switch their default browser on Windows during the installation…
Read More
Russian authorities have sentenced the leader of the criminal group behind the now-closed dark web platform Hydra Market to life in prison. Additionally, more than a dozen accomplices have been convicted for their involvement in the production and sale of nearly a ton of drugs. Stanislav Moiseyev, the group’s “organizer,” who was sentenced to life…
Read More
A novel phishing attack abuses Microsoft’s Word file recovery feature by sending corrupted Word documents as email attachments, allowing them to bypass security software due to their damaged state but still be recoverable by the application. Threat actors constantly look for new ways to bypass email security software and land their phishing emails in targets’…
Read More
The recently uncovered ‘Bootkitty’ Linux UEFI bootkit exploits the LogoFAIL flaw, tracked as CVE-2023-40238, to target computers running on vulnerable firmware. This is confirmed by firmware security firm Binarly, which discovered LogoFAIL in November 2023 and warned about its potential to be used in actual attacks. Bootkitty and LogoFAIL connection Bootkitty was discovered by ESET,…
Read More
‘Learning isn’t a luxury, it’s essential to operations,’ says Keith Craig, head of learning development at Empath. ‘We’re focused on delivering learning experiences that are not just relevant but directly applicable to the real-world challenges MSPs face.’ Empath, a training and education platform for MSPs, is gearing up for a busy 2025 with plans to…
Read More
In 2023, the need for more comprehensive web application security became apparent given that the average cost of a data breach reached $4.45 million. Modern web development requires a strategy that balances speed, precision, and frequent testing, as traditional periodic scans are no longer enough to address evolving threats. Government agencies face heightened risks, as…
Read More
CRN staff compiled the top partner-friendly products that launched or were significantly enhanced over the past year and then turned to solution providers to choose this year’s winners. And The Trophies Go To… The CRN 2024 Products of the Year awards honor the leading partner-friendly IT products as selected by the solution providers that develop…
Read More