The FBI says that 2023 was a record year for cryptocurrency fraud, with total losses exceeding $5.6 billion, based on nearly 70,000 reports received through the Internet Crime Complaint Center (IC3). This marks a 45% increase in losses compared to the previous year, driven primarily by investment fraud, which accounted for 71% of the total…

Read More

A threat actor accessed ‘a limited number of files stored on Fortinet’s instance of a third-party cloud-based shared file drive,’ the security vendor says. Fortinet confirmed Thursday that it suffered a breach of its cloud storage environment that impacted customer data. The cybersecurity vendor characterized the incident as having minimal impact, however, saying the number…

Read More

Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company’s Microsoft Sharepoint server. Fortinet is one of the largest cybersecurity companies in the world, selling secure networking products like firewalls, routers, and VPN devices. The company also offers SIEM, network management, and EDR/XDR…

Read More

‘With our technology, AI can only access and analyze data if our customers have opted in,’ says Nicole Reineke, distinguished product manager of AI strategy at N-able. ‘If you haven’t opted in, we’re not touching it. This is our baseline for ensuring data privacy and customer trust.’ N-able has created four pillars of AI with…

Read More

Sep 12, 2024Ravie LakshmananDevSecOps / Vulnerability GitLab on Wednesday released security updates to address 17 security vulnerabilities, including a critical flaw that allows an attacker to run pipeline jobs as an arbitrary user. The issue, tracked as CVE-2024-6678, carries a CVSS score of 9.9 out of a maximum of 10.0 “An issue was discovered in…

Read More

Sep 12, 2024Ravie LakshmananMobile Security / Financial Fraud Bank customers in the Central Asia region have been targeted by a new strain of Android malware codenamed Ajina.Banker since at least November 2024 with the goal of harvesting financial information and intercepting two-factor authentication (2FA) messages. Singapore-headquartered Group-IB, which discovered the threat in May 2024, said…

Read More

‘At every turn, we’re putting partners first because we cannot succeed without you,’ ServiceNow Channel Chief Erica Volini said. Major changes to who qualifies as an Elite partner, growing the percentage of partner-sourced net-new annual contract value for ServiceNow Now Assist artificial intelligence tools, and a leadership team that is all in on partners are…

Read More

Hackers have been leveraging publicly available exploit code for two critical vulnerabilities in the WhatsUp Gold network availability and performance monitoring solution from Progress Software. The two flaws exploited in attacks since August 30 are SQL injection vulnerabilities tracked as CVE-2024-6670 and CVE-2024-6671 that allow retrieving encrypted passwords without authentication. Despite the vendor addressing the security issues…

Read More

U.K.’s National Crime Agency says it arrested a 17-year-old teenager who is suspected of being connected to the cyberattack on Transport for London, the city’s public transportation agency. “A teenager has been arrested in Walsall by the National Crime Agency, as part of the investigation into a cyber security incident affecting Transport for London (TfL),”…

Read More

Cisco released security updates to address vulnerabilities in Cisco ISO XR software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following advisories and apply the necessary updates:  Source link lol

Read More