Author: nlqip
CISA has received multiple reports of a large-scale spear-phishing campaign targeting organizations in several sectors, including government and information technology (IT). The foreign threat actor, often posing as a trusted entity, is sending spear-phishing emails containing malicious remote desktop protocol (RDP) files to targeted organizations to connect to and access files stored on the target’s…
Read More
The password problem — weak, reused credentials that are easy to compromise yet hard to remember and manage — plagues users and organizations. But despite technological advances, passwords still guard 88% of the world’s online services. So how can IT leaders overcome this challenge? In this post, we explore why passwords are so easy to…
Read MoreCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8957 PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability CVE-2024-8956 PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD)…
Read More
A new phishing campaign dubbed ‘CRON#TRAP’ infects Windows with a Linux virtual machine that contains a built-in backdoor to give stealthy access to corporate networks. Using virtual machines to conduct attacks is nothing new, with ransomware gangs and cryptominers using them to stealthily perform malicious activity. However, threat actors commonly install these manually after they…
Read More
CRN showcases the hottest 100 edge computing companies, including the top 25 cybersecurity companies, 25 IoT and 5G vendors, and 50 hardware, software and services edge companies. Companies at the forefront of the global edge computing market range from cloud giants and cybersecurity superstars to hybrid work specialists and AI startups. With market research firm…
Read More
CRN breaks down the head-to-head comparison of Microsoft, AWS and Google Cloud’s recent financial earnings results for third-quarter 2024, including revenue, sales growth, cloud market share and operating income. The world’s three largest cloud computing companies have reported their financial earnings results for the third-quarter 2024 calendar year, with Google Cloud growing revenue the fastest,…
Read More
CRN’s list of the 50 hottest hardware, software and services companies in edge computing this year ranges from innovative startups like Reskube to edge specialists such as Scale Computing to market leaders like Cisco Systems, Dell Technologies and Microsoft. Today’s innovative software and hardware companies continue to invest in edge computing technologies in 2024 as…
Read More
The City of Columbus, Ohio, notified 500,000 individuals that a ransomware gang stole their personal and financial information in a July 2024 cyberattack. Ohio’s capital city (with a population of over 905,000) was hit by the ransomware attack on July 18. The resulting outages affected various services and IT connectivity between public agencies. City officials…
Read More
Nov 04, 2024Ravie LakshmananVulnerability / Cyber Threat Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a malicious actor to perform various actions, including denial-of-service, model poisoning, and model theft. “Collectively, the vulnerabilities could allow an attacker to carry out a wide-range of malicious actions…
Read More
Preventing data loss, complying with regulations, automating workflows and managing access are four key challenges facing financial institutions. Learn how Tenable can help. Imagine a bustling bank, made not of bricks and mortar, but of a swirling mass of data in the cloud. Account numbers, transaction histories and personally identifiable information (PII) zip across servers,…
Read More