Category: Kamban
The Hôpital de Cannes – Simone Veil (CHC-SV) in France announced it received a ransom demand from the Lockbit 3.0 ransomware gang, saying they refuse to pay the ransom. On April 17, the 840-bed hospital announced a severe operational disruption caused by a cyberattack that forced it to take all computers offline and reschedule non-emergency procedures and…
Read More
CISA warned today that attackers are actively exploiting a maximum-severity GitLab vulnerability that allows them to take over accounts via password resets. GitLab hosts sensitive data, including proprietary code and API keys, and account hijacking can have a significant impact. Successful exploitation can also lead to supply chain attacks that can compromise repositories by inserting…
Read More
Microsoft has confirmed customer reports of NTLM authentication failures and high load after installing last month’s Windows Server security updates. According to a new entry added to the Windows health dashboard on Tuesday, this known issue will only affect Windows domain controllers in organizations with a lot of NTLM traffic and few primary DCs. The…
Read More
New Hewlett Packard Enterprise VP of Worldwide Distribution Michael Bernhardt told CRN among his top priorities will be to “increase engagement and participation” in the “under-utilized” HPE distribution led service provider program. Hewlett Packard Enterprise Director of Worldwide Distribution Michael Bernhardt, a 28-year HPE and HP channel veteran, has been promoted to vice president of…
Read More
Microsoft has confirmed that the April 2024 Windows security updates break VPN connections across client and server platforms. The company explains on the Windows health dashboard that “Windows devices might face VPN connection failures after installing the April 2024 security update or the April 2024 non-security preview update.” “We are investigating user reports, and we…
Read More
A new malware named ‘Cuttlefish’ has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information. Lumen Technologies’ Black Lotus Labs examined the new malware and reports that Cuttlefish creates a proxy or VPN tunnel on the compromised router to exfiltrate data discreetly while…
Read More
Qantas Airways confirms that some of its customers were impacted by a misconfiguration in its app that exposed sensitive information and boarding passes to random users. Qantas is Australia’s flag carrier and the largest airline by fleet size, operating 125 aircraft and serving 104 destinations. Qantas has 23,500 employees and an annual revenue of almost $12.9 billion. Earlier today,…
Read More
The majority of the scanning activity is coming from IP addresses assigned to just a handful of ASNs, mostly AS49870 (Alsycon, a hosting provider out of the Netherlands) and AS47890 (Unmanaged Ltd, what looks to be an IT consulting firm based out of the UK). The scanners appear to be using VPS or other resources…
Read More
Latrodectus malware is now being distributed in phishing campaigns using Microsoft Azure and Cloudflare lures to appear legitimate while making it harder for email security platforms to detect the emails as malicious. Latrodectus (aka Unidentified 111 and IceNova) is an increasingly distributed Windows malware downloader first discovered by Walmart’s security team and later analyzed by ProofPoint and Team…
Read More
‘This has been 10 long years of my life and many people’s lives in developing this platform,’ says Fred Voccola, CEO of Kaseya. ‘It’s been over $14 billion of investment to deliver this platform.’ Kaseya announced Kaseya 365, a product that allows MSPs to manage, secure, back up and automate all their clients’ environments through…
Read More