Category: Viral
Sep 11, 2024Ravie LakshmananEnterprise Security / Vulnerability Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution. A brief description of the issues is as follows – CVE-2024-29847 (CVSS score: 10.0) – A deserialization of untrusted data vulnerability that allows…
Read More
Sep 11, 2024Ravie LakshmananWindows Security / Vulnerability Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024. The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important,…
Read More
In an Oracle CloudWorld keynote, the Oracle founder and CTO also held up the company’s new alliance with Amazon Web Services as the start of the “open multi-cloud era.” Oracle’s next-generation network security technology, which leverages AI and biometric authentication to thwart cyber threats, is now available in the Oracle Cloud, Oracle founder, chairman and…
Read More
Microsoft Corp. today released updates to fix at least 79 security vulnerabilities in its Windows operating systems and related software, including multiple flaws that are already showing up in active attacks. Microsoft also corrected a critical bug that has caused some Windows 10 PCs to remain dangerously unpatched against actively exploited vulnerabilities for several months…
Read More
‘We’re not sure why they don’t list [the vulnerability] as being under active attack, but you should treat it as though it were,’ writes Trend Micro’s Dustin Childs. Microsoft’s monthly release of security fixes addresses five zero-day vulnerabilities that are seeing active exploitation, despite the company only listing four zero days in its disclosure Tuesday,…
Read More
Microsoft addresses 79 CVEs with seven critical vulnerabilities and four zero-day vulnerabilities, including three that were exploited in the wild. Microsoft patched 79 CVEs in its September 2024 Patch Tuesday release, with seven rated critical, 71 rated as important, and one rated as moderate. Elevation of privilege (EoP) vulnerabilities accounted for 38% of the vulnerabilities…
Read More
The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. “CosmicBeetle replaced its previously deployed ransomware, Scarab, with ScRansom, which is continually improved,” ESET researcher Jakub…
Read More
The vulnerability in the vendor’s SonicOS firmware affects a wide array of SonicWall firewalls. A critical-severity vulnerability affecting a wide array of SonicWall firewalls has been exploited by threat actors to deploy ransomware, according to security researchers. The access control flaw (tracked at CVE-2024-40766) impacts firewalls running multiple versions of the vendor’s SonicOS firmware—SOHO (Gen…
Read More
Azure users can now deploy Cribl Stream’s data routing and processing on the Azure platform to better manage IT and security data in the cloud. Data processing platform developer Cribl is extending its Cribl Stream data telemetry pipeline capabilities to Microsoft Azure, making it easier for partners and businesses to manage IT and security data…
Read More
Oracle and AWS unveiled the partnership just ahead of Oracle’s first fiscal quarter earnings call, during which Oracle Chairman and CTO Larry Ellison gave a bullish account of the AI market. Oracle has inked a partnership with Amazon Web Services, creating Oracle Database@AWS, and revealed the general availability of Oracle Database@Google Cloud as the artificial…
Read More