Category: Viral
‘We’re not sure why they don’t list [the vulnerability] as being under active attack, but you should treat it as though it were,’ writes Trend Micro’s Dustin Childs. Microsoft’s monthly release of security fixes addresses five zero-day vulnerabilities that are seeing active exploitation, despite the company only listing four zero days in its disclosure Tuesday,…
Read More
Microsoft addresses 79 CVEs with seven critical vulnerabilities and four zero-day vulnerabilities, including three that were exploited in the wild. Microsoft patched 79 CVEs in its September 2024 Patch Tuesday release, with seven rated critical, 71 rated as important, and one rated as moderate. Elevation of privilege (EoP) vulnerabilities accounted for 38% of the vulnerabilities…
Read More
The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. “CosmicBeetle replaced its previously deployed ransomware, Scarab, with ScRansom, which is continually improved,” ESET researcher Jakub…
Read More
The vulnerability in the vendor’s SonicOS firmware affects a wide array of SonicWall firewalls. A critical-severity vulnerability affecting a wide array of SonicWall firewalls has been exploited by threat actors to deploy ransomware, according to security researchers. The access control flaw (tracked at CVE-2024-40766) impacts firewalls running multiple versions of the vendor’s SonicOS firmware—SOHO (Gen…
Read More
Azure users can now deploy Cribl Stream’s data routing and processing on the Azure platform to better manage IT and security data in the cloud. Data processing platform developer Cribl is extending its Cribl Stream data telemetry pipeline capabilities to Microsoft Azure, making it easier for partners and businesses to manage IT and security data…
Read More
Oracle and AWS unveiled the partnership just ahead of Oracle’s first fiscal quarter earnings call, during which Oracle Chairman and CTO Larry Ellison gave a bullish account of the AI market. Oracle has inked a partnership with Amazon Web Services, creating Oracle Database@AWS, and revealed the general availability of Oracle Database@Google Cloud as the artificial…
Read More
‘Those kinds of really significant productivity savings deliver material cost savings to the business,’ Amy Lokey, ServiceNow CXO, tells CRN. Agentic artificial intelligence. Improvements to the Now Assist AI assistant offering. And a pro edition of RaptorDB. These are some of the biggest changes ServiceNow has revealed Tuesday as part of its Now Platform Xanadu…
Read More
“I’ll lead our referral, resale, distribution, and strategies, all aimed at expanding Zoom’s impact and empowering our partners to achieve even greater success,” said Nick Tidd, Zoom’s new go-to-market global channel leader. Channel veteran Nick Tidd has left Hewlett Packard’s hybrid work subsidiary Poly to join videoconferencing rival Zoom as its new head of global…
Read More
Sep 10, 2024Ravie LakshmananMalware / Cyber Espionage A trio of threat activity clusters linked to China has been observed compromising more government organizations in Southeast Asia as part of a renewed state-sponsored operation codenamed Crimson Palace, indicating an expansion in the scope of the espionage effort. Cybersecurity firm Sophos, which has been monitoring the cyber…
Read More
A new side-channel attack dubbed PIXHELL could be abused to target air-gapped computers by breaching the “audio gap” and exfiltrating sensitive information by taking advantage of the noise generated by the pixels on the screen. “Malware in the air-gap and audio-gap computers generates crafted pixel patterns that produce noise in the frequency range of 0…
Read More