‘Our partners now are going to be able to have a much more comprehensive conversations with their customers on that hypervisor strategy topic,’ Dell Technologies executive Drew Schulke tells CRN. Dell Technologies and Nutanix are partnering on new storage device products and new go-to-market strategy that is taking dead aim at the market looking for…

Read More

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems using IPv6, which is enabled by default. Tracked as CVE-2024-38063, this security bug is caused by an Integer Underflow weakness, which attackers could exploit to trigger buffer overflows that…

Read More

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD workflows. Attackers stealing these tokens could gain unauthorized access to private repositories, steal source code, or inject malicious code into projects. The discovery by Palo Alto Networks’ Unit 42…

Read More

The U.S. National Institute of Standards and Technology (NIST) has released the first three encryption standards designed to resist future cyberattacks based on quantum computing technology. The agency encourages system administrators to start the transition to the new algorithms as soon as possible, since timely adoption is paramount for protecting sensitive information from attackers with a…

Read More

As interest in AI soars, security leaders are prioritizing an architecture framework that supports innovation and delivers end-to-end protection of sensitive data and models—all while mitigating data exfiltration, poisoning, and other nefarious use case risks. Inadvertent leaks of AI models trained on PII data, users sharing sensitive information via genAI prompts, and use of AI…

Read More

Microsoft has retired several Windows security updates released during the January 2024 Patch Tuesday that have been causing 0x80070643 errors when installing Windows Recovery Environment (WinRE) updates. Redmond first acknowledged this known issue in January, days after widespread reports from Windows users of 0x80070643 errors. The company released the problematic KB5034441 (Windows 10 21H2/22H2), KB5034440…

Read More

Aug 14, 2024Ravie LakshmananMalware / Network Security An ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to “multiple intrusion attempts” with the goal of conducting credential theft and deploying a malware dropper called SystemBC. “The initial lure being utilized by the threat actors remains the same: an…

Read More

Google Cloud partners discuss the impact of the landmark court ruling that found Google to be a monopoly in the online search market as well as potential penalties around AI and data sharing. As the U.S. Department of Justice looks at ways to deal with Google after a landmark court ruling found the $85 billion…

Read More

“There are at least two more confirmed CVEs that have yet to be patched, (both of) which lead to full NTLM [Network Trust Level Manager] compromise, so the risk is still there,” Gorelik told CSO Online on Wednesday.  The hole, which Microsoft has dubbed CVE-2024-38173, allows any email malware to be activated without the recipient…

Read More

Service Express, ECS, GuidePoint Security, Autodesk, HPE and SpaceX’s Starlink business are among the companies to list open positions for channel-related roles in August. This month, Service Express, ECS and GuidePoint Security are among the solution providers to list open positions while Autodesk, Hewlett Packard Enterprise and SpaceX are among the vendors to list open…

Read More