Category: Kamban
GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions. The release is for versions 17.3.2, 17.2.5, and 17.1.7 for both GitLab Community Edition (CE) and Enterprise Edition (EE), and patches a total of 18 security issues as part of the bi-monthly…
Read More
‘Throughout Fiscal 2025, we remain committed to disciplined cost management … We anticipate these actions will result in a continued reduction in our overall headcount,” the company stated in a quarterly business filing with the SEC. Layoffs at Dell Technologies are expected to be an ongoing part of business with more cuts expected before the…
Read More
Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware. The attacks are part of the ‘VMConnect campaign’ first detected in August 2023, where the threat actors targeted software developers with malicious Python packages uploaded onto the PyPI repository.…
Read More
Starting October 1st, WordPress.org accounts that can push updates and changes to plugins and themes will be required to activate two-factor authentication (2FA) on their accounts. The decision is part of the platform’s plugin review team effort to reduce the risk of unauthorized access, which could lead to supply-chain attacks. “Accounts with commit access can push…
Read More
A cybersecurity researcher is urging users to upgrade Adobe Acrobat Reader after a fix was released yesterday for a remote code execution zero-day with a public in-the-wild proof-of-concept exploit. The flaw is tracked as CVE-2024-41869 and is a critical use after free vulnerability that could lead to remote code execution when opening a specially crafted PDF…
Read More
Criminal IP (criminalip.io), a distinguished leader in Cyber Threat Intelligence (CTI) search engine developed by AI SPERA, announced that it has successfully integrated its IP address-related risk detection data with IPLocation.io, one of the most visited IP analysis and lookup tools on the internet. Through the integration, IPLocation.io (iplocation.io), a prominent IP address geolocation tracker…
Read More
Six Chinese nationals and a Singaporean have been arrested on Monday in Singapore for their alleged role in malicious cyber activities committed in connection with a “global syndicate.” During raids on Monday, the police arrested six of the men and seized electronic devices with hacking tools installed and ready for carrying out cyberattacks, stolen personally identifiable information (PII),…
Read More
5 Upcoming Ransomware Variants and Groups to Watch In 2024 Ransomware has continued to evolve with the emergence of new and sophisticated threats. While established groups like LockBit and BlackCat still dominate a significant portion of reported attacks, new players and variants are increasingly making their presence felt. This article looks into five notable ransomware…
Read More
‘The strategy behind acquiring both SkyKick and Axcient was to further expand our cybersecurity and data protection portfolios,’ said Ameer Karim, executive vice president and general manager at ConnectWise. ‘As cyber threats evolve, data protection and cybersecurity must go hand-in-hand.’ In a move to bolster its cybersecurity and data protection capabilities, ConnectWise has acquired Axcient…
Read More
Microsoft says this month’s Patch Tuesday cumulative updates also fix a known issue causing Windows Server 2019 boot problems, freezes, and performance issues after installing the August 2024 security updates. Redmond first confirmed this known issue on August 21, following widespread reports from Windows admins that their servers were experiencing performance issues and becoming unusable…
Read More