Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates: Security update available for Adobe Media Encoder | APSB24-53 Security…
Read More
CRN breaks down six significant recent executive departures and hires at Google Cloud, including the exit of Google’s Kubernetes leader and the hiring of Microsoft’s former corporate vice president. From the departure of Google Cloud’s Kubernetes and serverless general manager to the hiring of Microsoft’s former corporate vice president, Google Cloud’s top executive lineup continues…
Read More
The outage Thursday morning had prevented some AT&T users from accessing Microsoft 365 and Azure services. AT&T said that “connections are operating normally” as of mid-morning Thursday, EDT, following reports that Microsoft 365 and Azure services were inaccessible for AT&T users earlier in the morning. Microsoft also confirmed that the issues that caused the outage…
Read More
Transport for London (TfL) has determined that the cyberattack on September 1 impacts customer data, including names, contact details, email addresses, and home addresses. The urban transportation agency had informed the public on September 2 about an ongoing cybersecurity incident, assuring customers that at the time there was no evidence of data being compromised. Last Friday, TfL staff…
Read More
GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions. The release is for versions 17.3.2, 17.2.5, and 17.1.7 for both GitLab Community Edition (CE) and Enterprise Edition (EE), and patches a total of 18 security issues as part of the bi-monthly…
Read More
‘We’re investigating an issue where users may be unable to access multiple Microsoft 365 services,’ the tech giant said. Microsoft reported an outage that prevented some users from accessing Azure and Microsoft 365 services starting Thursday morning, EDT. The Microsoft 365 X account disclosed the outage at 8:38 a.m., EDT, on Thursday. “We’re investigating an…
Read More
Sep 12, 2024Ravie LakshmananMalware / IoT Security Nearly 1.3 million Android-based TV boxes running outdated versions of the operating system and belonging to users spanning 197 countries have been infected by a new malware dubbed Vo1d (aka Void). “It is a backdoor that puts its components in the system storage area and, when commanded by…
Read More
Sep 12, 2024Ravie LakshmananCryptocurrency / Network Security Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. “Selenium Grid is a server that facilitates running test cases in parallel across different browsers and versions,” Cado Security researchers Tara Gould and Nate Bill said in an analysis published today.…
Read More
Sep 12, 2024Ravie LakshmananRegulatory Compliance / Data Protection The Irish Data Protection Commission (DPC) has announced that it has commenced a “Cross-Border statutory inquiry” into Google’s foundational artificial intelligence (AI) model to determine whether the tech giant has adhered to data protection regulations in the region when processing the personal data of European users. “The…
Read More
Iraqi government networks have emerged as the target of an “elaborate” cyber attack campaign orchestrated by an Iran state-sponsored threat actor called OilRig. The attacks singled out Iraqi organizations such as the Prime Minister’s Office and the Ministry of Foreign Affairs, cybersecurity company Check Point said in a new analysis. OilRig, also called APT34, Crambus,…
Read More