Category: Viral
Marks, who was most recently vice president of global channels at SentinelOne, tells CRN that he sees a ‘tremendous’ opportunity ahead for MSP and MSSP partners working with the cybersecurity vendor. Cynomi, an MSP-focused startup whose vCISO platform is tailored toward securing small and medium-sized enterprises, announced Tuesday it has hired a veteran of the…
Read More
The provider of power management technologies confirmed that a developer platform was impacted by ‘unauthorized access.’ Schneider Electric confirmed Monday that a developer platform used by the company was impacted by a “cybersecurity incident” that is now under investigation. According to a BleepingComputer report, a threat actor has claimed, during a conversation with the media…
Read More
Nov 05, 2024Ravie LakshmananMobile Security / Cyber Attack Over 1,500 Android devices have been infected by a new strain of Android banking malware called ToxicPanda that allows threat actors to conduct fraudulent banking transactions. “ToxicPanda’s main goal is to initiate money transfers from compromised devices via account takeover (ATO) using a well-known technique called on-device…
Read More
Zero Trust security changes how organizations handle security by doing away with implicit trust while continuously analyzing and validating access requests. Contrary to perimeter-based security, users within an environment are not automatically trusted upon gaining access. Zero Trust security encourages continuous monitoring of every device and user, which ensures sustained protection after successful user authentication.…
Read More
Nov 05, 2024Ravie LakshmananVulnerability / Data Security Taiwanese network-attached storage (NAS) appliance maker Synology has addressed a critical security flaw impacting DiskStation and BeePhotos that could lead to remote code execution. Tracked as CVE-2024-10443 and dubbed RISK:STATION by Midnight Blue, the zero-day flaw was demonstrated at the Pwn2Own Ireland 2024 hacking contest by security researcher…
Read More
Nov 05, 2024Ravie LakshmananData Breach / Cybercrime Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from the breach of cloud data warehousing platform Snowflake earlier this year. The individual in question, Alexander “Connor” Moucka (aka Judische and Waifu), was apprehended on October 30, 2024,…
Read More
Nov 05, 2024Ravie LakshmananMalware / Blockchain An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware. The attack is notable for utilizing Ethereum smart contracts for command-and-control (C2) server address distribution, according to independent findings from Checkmarx, Phylum, and…
Read More
Nov 05, 2024Ravie LakshmananMobile Security / Vulnerability Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to “Android/data,” “Android/obb,” and…
Read More
Shannon Poulin, the COO of Intel programmable chip business Altera, says he has retired from the company as Intel seeks to sell a stake in the independent subsidiary ahead of a planned initial public offering. The COO of Intel programmable chip business Altera said he has retired from the company as the parent company seeks…
Read More
The third installation of Channel Women in Security podcast, Cass is joined by the “mother of hackers.” As the founder of Black Girls Hack, Tennisha Martin is on a mission to close the ethical hacker’s skills gap by building the next generation of cybersecurity leaders. In episode 3 of the Channel Women in Security podcast,…
Read More