Category: Viral
Apr 23, 2024NewsroomEnd-to-End Encryption / Privacy European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to end-to-end encryption (E2EE). They called on the industry and governments to take urgent action to ensure public safety across social media platforms. “Privacy measures currently being rolled out,…
Read More
This is the second part of a two-part series based on firsthand research into pig butchering scams from the end of 2022 into early 2024. In this post, we delve into the types of investment scams perpetrated by pig butchers to steal hundreds of millions of dollars from victims, including in the form of cryptocurrency…
Read More
In part one of a two-part series on Pig butchering, we detail the pervasive scam that has impacted thousands of victims around the world, resulting in the loss of hundreds of millions of dollars. This blog highlights the who and the how of pig butchering scams, and details the pig butchering playbook. Background Pig butchering…
Read More
Frequently asked questions about two vulnerabilities affecting ConnectWise ScreenConnect Update February 23: The blog has been updated to include information about ransomware attacks involving vulnerable ScreenConnect servers. View Change Log Background The Tenable Security Response Team has put together this blog to answer Frequently Asked Questions (FAQ) regarding two vulnerabilities impacting ScreenConnect, a Remote Monitoring…
Read More
Two vulnerabilities with publicly available exploit code in JetBrains TeamCity on-premises software could result in attackers bypassing authentication and achieving code execution. Update March 7: The blog has been updated to include information in-the-wild exploitation of CVE-2024-27198. View Change Log Background On March 4, JetBrains published a blog post regarding two security issues affecting TeamCity…
Read More
Microsoft addresses 59 CVEs in its March 2024 Patch Tuesday release with no zero-day or publicly disclosed vulnerabilities. Microsoft patched 59 CVEs in its March 2024 Patch Tuesday release, with 2 rated critical and 57 rated as important. Elevation of privilege (EoP) vulnerabilities accounted for 40.7% of the vulnerabilities patched this month, followed by Remote…
Read More
Fortinet warns of a critical SQL Injection vulnerability that could allow an unauthenticated attacker to execute arbitrary code on vulnerable FortiClientEMS software. Update March 21: The Analysis section has been updated to include confirmation by Fortinet that in-the-wild exploitation of this flaw has been observed. View Change Log Background On March 12, Fortinet published an…
Read More
‘We’re not trying to do everything and be a jack of all trades. There’s so much growth and so much opportunity with ServiceNow now. And even in the past few years, when I wasn’t fully focused on ServiceNow, I lived in that world. Literally, I found that I kept turning my clients to ServiceNow,’ Astrica…
Read More
Frequently asked questions about CVE-2024-3094, a supply-chain attack responsible for a backdoor in XZ Utils, a widely used library found in multiple Linux distributions. Update April 1: The “What Linux distributions are affected?” section has been updated to include additional affected and not affected distributions. In addition, updates to the “Has Tenable released any product…
Read More
Part 2 of CRN’s Big Data 100 takes a look at the vendors solution providers should know in the database systems space. Running The Bases By 2025 the total amount of digital data generated, gathered, copied and consumed is expected to be in the range of 175 to 180 zettabytes. And more of that data…
Read More