Category: Viral
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8963 Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk…
Read More
Two months after the massive IT outage caused by a CrowdStrike update, ‘customers still want to consolidate on the Falcon platform,’ according to a Morgan Stanley analyst. Two months after the massive IT outage caused by a faulty CrowdStrike update, customers remain interested in expanding their usage of the company’s cybersecurity offerings, according to a…
Read More
Sep 19, 2024Ravie LakshmananCyber Attack / Hacking Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. “Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s default credentials,” the cybersecurity company said. Targets of the emerging…
Read MoreOne of the common questions often asked of the IT team is “how many systems are missing patches and how many patches are missing on each system?” This dashboard uses the “Patch Report” plugin and organizes the current patch status for systems scanned with credentials. The IT team can now easily communicate the specific systems…
Read More
Sep 19, 2024Ravie LakshmananCryptojacking / Cloud Security The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system. “The initial access was accomplished via a Secure Shell (SSH) brute force attack on the victim’s assets, during which the threat…
Read More
‘Remember, I’ve been a part of Veeam in the past through [its] previous acquisition [of Kasten]. So when Veeam reached out, we knew the company, we knew the culture, we knew how we fit in. Internally, we’ve told the team this is a milestone for us on the journey for what we care about,’ new…
Read More
A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected Brazilian Portuguese-speaking threat actor. “Threat actors usually try to cast a wide net to maximize their profits, but these attackers are focused on just one country,” Kaspersky said in a new analysis. “It’s likely that…
Read More
From seamlessly migrating on-premise customers to AWS to helping businesses get off complex Microsoft licensing, ClearScale One is a new platform aimed at acceleration AWS cloud migration. ClearScale is making cloud migration to Amazon Web Services easier than ever by launching ClearScale One, which provides customers with an end-to-end migration and cloud modernization strategy without…
Read More
Business Security Proper disclosure of a cyber-incident can help shield your business from further financial and reputational damage, and cyber-insurers can step in to help 18 Sep 2024 • , 4 min. read ‘Seek legal advice’, this has to be my top recommendation if you have suffered a cyber-incident that could be deemed material, involves…
Read More
Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave of cyberattacks. When a hospital’s systems are held hostage by ransomware, it’s not just data at risk — it’s the care of patients who depend on life-saving treatments. Imagine an attack…
Read More