Category: Viral
Oct 07, 2024Ravie LakshmananOpen Source / Software Security A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-47561, impacts all versions of the software prior to 1.11.4. “Schema parsing in…
Read MoreOct 07, 2024Ravie LakshmananData Privacy / Advertising Europe’s top court has ruled that Meta Platforms must restrict the use of personal data harvested from Facebook for serving targeted ads even when users consent to their information being used for advertising purposes, a move that could have serious consequences for ad-driven companies operating in the region.…
Read MoreVideo As highlighted by new ESET research this week, attributing a cyberattack to a specific threat actor is a complex affair 04 Oct 2024 Attributing a cyberattack to a specific threat actor is no easy task, as highlighted by new ESET research published this week. ESET experts recently uncovered a new China-aligned APT group that…
Read MoreOct 05, 2024Ravie LakshmananData Privacy / Mobile Security Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user’s passwords to be read out aloud by its VoiceOver assistive technology. The vulnerability, tracked as CVE-2024-44204, has been described as a logic problem in the new Passwords…
Read MoreFrom what enterprises are seeing around GenAI ROI and the most popular GenAI use cases today, to the majority of enterprises using ChatGPT for software development, CRN breaks down the biggest results from ISG’s new 2024 State of The Generative AI Market report. Enterprises are spending on average $2.6 billion on their single largest generative…
Read MoreGuy Guzner, a cybersecurity vet and CEO of SaaS identity security startup Savvy, tells CRN that adopting better security practices can also make life easier for workers. While few workers have ever enjoyed needing to interact with their cybersecurity team over a minor issue, the feeling is often mutual. The reality is that most security…
Read MoreThe networking giant has agreed to invest in Nvidia-backed cloud AI upstart CoreWeave, a company that’s currently valued at $23 billion. Cisco Systems is reportedly investing in cloud AI upstart CoreWeave, an emerging player that’s currently valued at $23 billion. CoreWeave is a cloud computing provider that’s among the hottest companies in the AI arena.…
Read MoreOct 04, 2024Ravie LakshmananPhishing Attack / Cybercrime Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in the country. “The Russian government ran this scheme to steal Americans’ sensitive information, using seemingly…
Read More“So we’re focusing on the MSP partners: If we do what’s right by them, from a product, from a community point of view, that’s what we focus on. All that other stuff kind of takes care of itself.” N-able President and CEO John Pagliuca said the company is primed to take share from its competitors…
Read MoreOct 04, 2024Ravie LakshmananWebsite Security / Vulnerability A new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions. The flaw, tracked as CVE-2024-47374 (CVSS score: 7.2), has been described as a stored cross-site scripting (XSS) vulnerability impacting all…
Read MoreRecent Posts
- Bob Sullivan Discovers a Scam That Strikes Twice
- A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
- CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- Xerox To Buy Lexmark For $1.5B In Blockbuster Print Deal
- Vulnerability Summary for the Week of December 16, 2024 | CISA