Category: Viral
Apr 24, 2024NewsroomMalware / Endpoint Security Cybersecurity researchers have discovered an ongoing attack campaign that’s leveraging phishing emails to deliver malware called SSLoad. The campaign, codenamed FROZEN#SHADOW by Securonix, also involves the deployment of Cobalt Strike and the ConnectWise ScreenConnect remote desktop software. “SSLoad is designed to stealthily infiltrate systems, gather sensitive information and transmit…
Read More
‘Everybody else translates to risk right now. We are, right now, the company in networking. Our vision is clear, our execution is clear. We’re not distracted with an acquisition or something else. That’s translating into a lot of interest from the broader partner space,’ Extreme Networks’ chief product and technology officer tells CRN. There’s a…
Read More
The planned acquisition of 17-year-old Egress will bring together AI-driven capabilities such as anti-phishing with KnowBe4’s widely used security training platform, according to the company. KnowBe4 announced Wednesday it has reached an agreement to acquire Egress, a 17-year-old company focused on providing AI-powered email security. Terms of the acquisition were not disclosed. Egress has 318…
Read More
A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks. Cybersecurity firm Avast said the activity is the work of a threat actor with possible connections to a North Korean hacking group…
Read More
A report on the Terraform creator and cloud infrastructure tools vendor exploring a sale first emerged in March. IBM is close to a deal to purchase Terraform creator and cloud infrastructure tools vendor HashiCorp, according to multiple media outlets. Armonk, N.Y.-based cloud and mainframe giant IBM could announce the deal Wednesday, according to Bloomberg. That…
Read More
Part 4 of CRN’s 2024 Big Data 100 includes a look at the vendors solution providers should know in the big data management and integration tools space. Managerial Perogative By 2025 the total amount of digital data generated, gathered, copied and consumed globally is expected to be in the range of 175 to 180 zettabytes.…
Read More
A zero-day vulnerability in CrushFTP was exploited in the wild against multiple U.S. entities prior to fixed versions becoming available as the vendor recommends customers upgrade as soon as possible. Background On April 19, CrushFTP published an advisory for a zero-day vulnerability in its file transfer tool which bears the same name. CVE Description CVSSv3…
Read More
“The statement that came back to me from Broadcom was, ‘We appreciate that with these changes VMware is not for everybody,’” says Tom Smyth, head of technical solutions as Misco, a U.K.-based solution provider. “Everyone else can use it. Broadcom is not going to gear its decisions towards them anymore. … I can appreciate that.…
Read More
Apr 23, 2024NewsroomSupply Chain Attack / Application Security Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion attacks take place owing to the fact that package managers check the public repositories before private registries, thus allowing a threat actor to publish a malicious package with the…
Read More
The data stolen from prescription processor Change Healthcare includes ‘files containing protected health information (PHI) or personally identifiable information (PII),’ UnitedHealth says. UnitedHealth Group said in a statement Monday it’s confirming that a potentially significant amount of data belonging to Americans may have been stolen in the Change Healthcare cyberattack earlier this year. The stolen…
Read More