Category: Kamban

A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. The flaw is tracked as CVE-2024-11120 and was discovered by Piort Kijewski of The Shadowserver Foundation. It is a critical severity (CVSS v3.1 score: 9.8) OS command injection problem, allowing unauthenticated attackers…

Read More

On Friday, the U.S. Federal Trade Commission (FTC) reported that the number of consumer complaints about unwanted telemarketing phone calls has dropped over 50% since 2021, continuing a trend that started three years ago. This year, the FTC has received 1.1 million reports regarding robocalls, down from 1.2 million one year before 2023 and from more than…

Read More

A hacker responsible for stealing 119,754 Bitcoin in a 2016 hack on the Bitfinex cryptocurrency exchange was sentenced to five years in prison by U.S. authorities. The man, Ilya Lichtenstein, was arrested in February 2022 in Manhattan following a lengthy investigation led by the IRS, HSI, and the FBI, which managed to recover roughly 80% of the…

Read More

For the week ending Nov. 15, CRN takes a look at the companies that brought their ‘A’ game to the channel, including Presidio, Secuvy, CoreWeave, SAS and Snyk. The Week Ending Nov. 15 Topping this week’s Came to Win list is solution provider superstar Presidio for a strategic acquisition that will expand its expertise and…

Read More

Microsoft has paused the November 2024 Exchange security updates released during this month’s Patch Tuesday because of email delivery issues on servers using custom mail flow rules. The company announced it pulled the updates from Windows Update and the Download Center following widespread reports from admins saying that email had stopped flowing altogether. This issue…

Read More

Palo Alto Networks is warning that a critical zero-day vulnerability on Next-Generation Firewalls (NGFW) management interfaces, currently tracked as ‘PAN-SA-2024-0015,’ is actively being exploited in attacks. The flaw was originally disclosed on November 8, 2024, with Palo Alto Networks warning customers to restrict access to their next-generation firewalls because of a “potential” remote code execution (RCE)…

Read More

​Microsoft has shut down the Windows 10 Beta Channel and will move all enrolled Windows Insiders to the Release Preview Channel. This comes after the company reopened the Windows 10 beta channel in early June, releasing the first Beta build three years after the last such build was rolled out to Windows 10 Insiders in…

Read More

​Microsoft has shut down the Windows 10 Beta Channel and will move all enrolled Windows Insiders to the Release Preview Channel. This comes after the company reopened the Windows 10 beta channel in early June, releasing the first Beta build three years after the last such build was rolled out to Windows 10 Insiders in…

Read More

A financially motivated Chinese threat actor dubbed “SilkSpecter” is using thousands of fake online stores to steal the payment card details of online shoppers in the U.S. and Europe. The fraud campaign started in October 2024, offering steep discounts for the upcoming Black Friday shopping period that usually sees elevated shopping activity. EclecticIQ threat researcher…

Read More

CISA warned today that two more critical security vulnerabilities in Palo Alto Networks’ Expedition migration tool are now actively exploited in the wild. Attackers can use the two unauthenticated command injection (CVE-2024-9463) and SQL injection (CVE-2024-9465) vulnerabilities to hack into unpatched systems running the company’s Expedition migration tool, which helps migrate configurations from Checkpoint, Cisco,…

Read More