Author: nlqip
Microsoft has released an emergency out-of-band (OOB) update for Windows Server 2019 that fixes a bug causing 0x800f0982 errors when attempting to install the May 2024 Patch Tuesday security updates. As reported by BleepingComputer last week, many system administrators have reported that they could not install this month’s Patch Tuesday security updates, receiving a 0x800f0982 when attempting to do so. “Yep, 6…
Read More
The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is…
Read MoreThe British Government is proposing sweeping change in its approach to ransomware attacks, proposing mandatory reporting by victims and licensing regime for all payments. Read more in my article on the Exponential-e blog. Source link lol
Read MoreMS-ISAC ADVISORY NUMBER: 2024-060 DATE(S) ISSUED: 05/23/2024 OVERVIEW: A vulnerability has been discovered in GitHub Enterprise Server (GHES), which could allow for authentication bypass. GHES is a popular platform for software developers. Organizations can build and store software applications using Git version control and automate deployment pipelines. Successful exploitation of this vulnerability could allow for…
Read More
Artificial intelligence (AI) holds significant promise to increase productivity across business functions, and cybersecurity is no exception. Arguably no area of the security operation is more poised to benefit from AI than the security operations center (SOC). Today’s SOC teams manage a constant onslaught of attacks while navigating a complex and fragmented tooling landscape, an…
Read More
Attackers have backdoored the installer of widely used Justice AV Solutions (JAVS) courtroom video recording software with malware that lets them take over compromised systems. The company behind this software, also known as JAVS, says the digital recording tool currently has over 10,000 installations in many courtrooms, legal offices, correctional facilities, and government agencies worldwide. JAVS has…
Read More
That means that CISOs should make sure that systems are trying to differentiate between automated and manual attacks. And to then examine manual attacks very carefully, Harrigan said. CISOs should “spend extra time” examining the manual attack attempts, he said, as doing so may give the security operations center a sneak preview of a zero-day,…
Read More
Microsoft has published a “Cyber Signals” report sharing new information about the hacking group Storm-0539 and a sharp rise in gift card theft as we approach the Memorial Day holiday in the United States. The FBI previously warned about Storm-0539’s (aka “Ant Lion”) activities earlier this month, highlighting the threat group’s advanced techniques in conducting gift card theft and fraud,…
Read More
Mark Tauschek, vice president of research fellowships and distinguished analyst at Info-Tech Research Group, sees the new class of Windows computers leveraging Copilot a logical next step for Microsoft, especially given the rise of AI-enabled attacks. “The only way to defend against AI-enabled attacks is with AI-enabled defenses,” he said. “Leveraging OpenAI in Azure and…
Read More
‘Security is a team sport,’ Microsoft CVP Vasu Jakkal said on a panel this week. Microsoft solution providers are “critical” to the vendor’s plans for achieving and maintaining responsible artificial intelligence and security, Microsoft executives told CRN this week. During a panel on responsible AI and security held the week of Microsoft Build 2024, CRN…
Read More