Category: Kamban
Apple’s macOS Sequoia, now in beta testing, will make it harder to bypass Gatekeeper warnings and add system alerts for potential stalkerware threats. Gatekeeper is a security feature that checks all apps downloaded from the Internet to see if they’re developer-signed (approved by Apple) and notarized by checking an extended attribute named com.apple.quarantine that is…
Read More
SafeBreach security researcher Alon Leviev revealed at Black Hat 2024 that two zero-days could be exploited in downgrade attacks to “unpatch” fully updated Windows 10, Windows 11, and Windows Server systems and reintroduce old vulnerabilities. Microsoft issued advisories on the two unpatched zero-days (tracked as CVE-2024-38202 and CVE-2024-21302) in coordination with the Black Hat talk,…
Read More
The UK’s Information Commissioner’s Office (ICO) has announced a provisional decision to impose a fine of £6.09M ($7.74 million) on Advanced Computer Software Group Ltd (Advanced) for its failure to protect the personal information of tens of thousands when it was hit by ransomware in 2022. Advanced, an IT service and hosting provider contracted by…
Read More
Image: MidjourneyOn Tuesday, IT and phone systems at McLaren Health Care hospitals were disrupted following an attack linked to the INC Ransom ransomware operation. McLaren is a non-profit healthcare system with annual revenues of over $6.5 billion, which operates a network of 13 hospitals across Michigan supported by a team of 640 physicians. It also…
Read More
Welcome to this week’s edition of the “Bi-Weekly Cyber Roundup” by Canary Trap. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity and this bi-weekly publication is your gateway to the latest news. In this week’s round-up, we look into the significant implications…
Read More
Threat actors are actively attempting to exploit a recently fixed Progress WhatsUp Gold remote code execution vulnerability on exposed servers for initial access to corporate networks. The vulnerability leveraged in these attacks is CVE-2024-4885, a critical-severity (CVSS v3 score: 9.8) unauthenticated remote code execution flaw impacting Progress WhatsUp Gold 23.1.2 and older. Proof-of-concept (PoC) exploits for CVE-2024-4885…
Read More
‘The acquisition of CX Effect significantly expands our portfolio by incorporating over 40 new suppliers,’ says Drew Lydecker, co-founder and president of Avant. ‘This accelerates Avant’s success as we continue to address the rapidly growing cybersecurity, cloud infrastructure and AI markets.’ Avant has acquired technology distributor CX Effect in a move to grow its business,…
Read More
From among more than 320 applicants, CRN staff evaluated and selected products spanning the IT industry – including AI and AI infrastructure, cloud management, data analytics, networking, security and storage categories – that offer ground-breaking functionality and new opportunities for partners. Tech Innovators 2024 The wave of development around artificial intelligence and generative AI in…
Read More
Google has confirmed plans to implement Web Monetization in Chrome, allowing website owners to receive micro-payments as tips or rewards for their content as an additional way to generate revenue. “Web Monetization is a web technology that enables website owners to receive micro payments from users as they interact with their content,” Google explained in…
Read More
A global stop-payment mechanism created by INTERPOL successfully recovered over $40 million stolen in a BEC attack on a company in Singapore. INTERPOL says this is the largest recovery of funds stolen through a business email compromise (BEC) scam. BEC scams are a type of cyberattack in which cybercriminals attempt to redirect legitimate corporate payments to an…
Read More