Author: nlqip
MS-ISAC ADVISORY NUMBER: 2024-124 DATE(S) ISSUED: 11/07/2024 OVERVIEW: A vulnerability has been discovered in Android OS that could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of this vulnerability could allow for remote code execution in the context…
Read More
North Korean threat actor BlueNoroff has been targeting crypto-related businesses with a new multi-stage malware for macOS systems. Researchers are calling the campaign Hidden Risk and say that it lures victims with emails that share fake news about the latest activity in the cryptocurrency sector. The malware deployed in these attacks relies on a novel…
Read More
The vulnerability affects Palo Alto Networks’ Expedition migration tool and was originally disclosed in July. A critical-severity vulnerability affecting a Palo Alto Networks tool — originally disclosed in July — is now known to have been exploited in cyberattacks, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). CISA released an advisory Thursday mentioning…
Read More
Today, CISA warned that attackers are exploiting a critical missing authentication vulnerability in Palo Alto Networks Expedition, a migration tool that can help convert firewall configuration from Checkpoint, Cisco, and other vendors to PAN-OS. This security flaw, tracked as CVE-2024-5910, was patched in July, and threat actors can remotely exploit it to reset application admin credentials on Internet-exposed Expedition…
Read MoreCisco’s Revamped Leadership To Pave The Way Toward Becoming A ‘Meaningfully Different’ Company: Exec
‘I think next year, we should be a meaningfully different company for the better, and in two years, we should almost be an unrecognizable company for the better, and that would be the yardstick for success,’ said Cisco’s Chief Product Officer Jeetu Patel. Cisco Systems is undergoing a transformation, and that’s within its leadership ranks,…
Read More
Nokia’s investigation of recent claims of a data breach found that the source code leaked on a hacker forum belongs to a third party and company and customer data has not been impacted. The statement comes in response to threat actor IntelBroker earlier this week releasing data belonging to Nokia, allegedly stolen after breaching a third-party…
Read More
A collaboration agreement with AWS streamlines and enhances the way partners interact with AWS products and services and gives them a community of experts to turn to for help. Ingram Micro is harnessing its collaboration with Amazon Web Services through a multiyear Strategic Collaboration Agreement that aims to help drive business for AWS partners by…
Read More
The Canadian government has ordered the dissolution of TikTok Technology Canada following a multi-step review that provided information and evidence of the social media company posing a national risk. The decision also considered advice of Canada’s security and intelligence community as well as other government partners. It does not ban Canadian users’ access to the TikTok…
Read MoreCISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-43093 Android Framework Privilege Escalation Vulnerability CVE-2024-51567 CyberPanel Incorrect Default Permissions Vulnerability CVE-2019-16278 Nostromo nhttpd Directory Traversal Vulnerability CVE-2024-5910 Palo Alto Expedition Missing Authentication Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose…
Read More
‘The world is changing fast,’ says Ingram Micro CEO Paul Bay. ‘We may not know exactly what will happen in the next five years, but we know the trends we are seeing now will shape the future. It’s up to us to help you take advantage of these shifts, especially when it comes to AI…
Read More