Category: Kamban
A recently fixed “Windows MSHTML spoofing vulnerability” tracked under CVE-2024-43461 is now marked as previously exploited after it was used in attacks by the Void Banshee APT hacking group. When first disclosed as part of the September 2024 Patch Tuesday, Microsoft had not marked the vulnerability as previously exploited. However, on Friday, Microsoft updated the CVE-2024-43461 advisory…
Read More
Image: MidjourneyPort of Seattle, the United States government agency overseeing Seattle’s seaport and airport, confirmed on Friday that the Rhysida ransomware operation was behind a cyberattack impacting its systems over the last three weeks. The agency revealed on August 24 that the attack forced it to isolate some of its critical systems to contain the…
Read More
Transport for London (TfL) says that all staff (roughly 30,000 employees) must attend in-person appointments to verify their identities and reset passwords following a cybersecurity incident disclosed almost two weeks ago. “Resetting 30,000 colleague passwords in person will take some time and we will be prioritising the allocation of appointments centrally,” TfL said on the…
Read More
DNA testing giant 23andMe has agreed to pay $30 million to settle a lawsuit over a data breach that exposed the personal information of 6.4 million customers in 2023. The proposed class action settlement, filed Thursday in a San Francisco federal court and awaiting judicial approval, includes cash payments for affected customers, which will be distributed…
Read More
Ivanti confirmed on Friday that a high-severity vulnerability in its Cloud Services Appliance (CSA) solution is now actively exploited in attacks. “At the time of disclosure on September 10, we were not aware of any customers being exploited by this vulnerability. At the time of the September 13 update, exploitation of a limited number of…
Read More
Larocque is officially retiring as president of TD Synnex North America on November 30 and moving into a special advisor role. When Peter Larocque graduated with an economics degree from the University of Western Ontario in 1983 he bought a one-way ticket to San Francisco, ran out of money and ended up getting a job…
Read More
Hackers are targeting Oracle WebLogic servers to infect them with a new Linux malware named “Hadooken, which launches a cryptominer and a tool for distributed denial-of-service (DDoS) attacks. The access obtained may also be used to execute ransomware attacks on Windows systems. Researchers at container security solution company Aqua Security observed such an attack on a…
Read More
Kawasaki Motors Europe has announced that it’s recovering from a cyberattack that disrupted service disruptions as the RansomHub ransomware gang threatens to leak stolen data. The company says the attack targeted its EU headquarters, and it is currently analyzing and cleaning any “suspicious material,” such as malware, that may still be lurking on systems. “At the…
Read More
For the week ending Sept. 13, CRN takes a look at the companies that brought their ‘A’ game to the channel including ConnectWise, Todyl, AWS, ServiceNow and Blue Mantis. The Week Ending Sept. 13 Topping this week’s Came to Win list is ConnectWise for its Axcient and SkyKick acquisitions that will boost its data protection…
Read More
Image: Midjourney Threat actors have infected over 1.3 million TV streaming boxes running Android with a new Vo1d backdoor malware, allowing the attackers to take full control of the devices. The Android Open Source Project (AOSP) is an open source operating system led by Google that can be used on mobile, streaming, and IoT devices. In…
Read More