Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers. OFBiz is a suite of customer relationship management (CRM) and enterprise resource planning (ERP) business applications that can also be used as a Java-based web framework…
Read More
Microsoft announced today that it has partnered with StopNCII to proactively remove harmful intimate images and videos from Bing using digital hashes people create from their sensitive media. StopNCII is a project operated by the Revenge Porn Helpline that allows people to create digital hashes of their intimate pictures and videos without uploading the media from…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-096 DATE(S) ISSUED: 09/05/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Veeam Products, the most severe of which could allow for remote code execution. Veeam Backup & Replication is a proprietary backup app. Veeam ONE is a solution for managing virtual and data protection environments. Veeam Service Provider Console provides centralized monitoring…
Read More
HPE CEO Antonio Neri said HPE GreenLake is an “important component” of HPE’s AI strategy because it provides customers “confidence and control of their data which is the fundamental value when it comes to AI.” Hewlett Packard Enterprise CEO Antonio Neri said HPE’s GreenLake pay-per-use on premise cloud service is helping fuel AI server sales…
Read More
Additions to the Couchbase Capella database-as-a-service boost its ability to handle both operational and analytical workloads and leverage vector search capabilities – critical for AI applications – from anywhere. Couchbase is boosting the combined operational and analytical capabilities of its Capella database-as-a-service with expanded columnar and vector search functionality for developing next-generation “adaptive” applications –…
Read More
Yet, another critical severity vulnerability has been discovered in LiteSpeed Cache, a caching plugin for speeding up user browsing in over 6 million WordPress sites. The flaw, tracked as CVE-2024-44000 and categorized as an unauthenticated account takeover issue, was discovered by Patchstack’s Rafie Muhammad on August 22, 2024. A fix was made available yesterday with the…
Read More
‘Our goal is to continue our aggressive growth trajectory and leverage the expanding market to benefit both our company and our partners,’ says Kaseya’s Mike Sanders. ‘I’ve spent my entire career in this space because I find it incredibly fulfilling. We’re dedicated to helping our partners build successful businesses and serve their clients effectively. It’s…
Read More
Image: MidjourneyThe United States and its allies have linked a group of Russian military intelligence hackers (tracked as Cadet Blizzard and Ember Bear) to Unit 29155 of Russia’s Main Directorate of the General Staff of the Armed Forces. In a joint advisory published today, the Russian hackers, known for deploying WhisperGate data-wiping malware in Ukraine…
Read More
Sep 05, 2024Ravie LakshmananThreat Prevention / Software Security Veeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical vulnerabilities that could result in remote code execution. The list of shortcomings is below – CVE-2024-40711 (CVSS score: 9.8) – A vulnerability in Veeam Backup & Replication…
Read More
Hackers are targeting other hackers with a fake OnlyFans tool that claims to help steal accounts but instead infects threat actors with the Lumma stealer information-stealing malware. The operation, discovered by Veriti Research, constitutes a characteristic example of the blurred lines between being a predator or prey in the world of cybercrime, where ironic twists…
Read More