Adminer–Adminer Adminer and AdminerEvo are vulnerable to SSRF via database connection fields. This could allow an unauthenticated remote attacker to enumerate or access systems the attacker would not otherwise have access to. Adminer is no longer supported, but this issue was fixed in AdminerEvo version 4.8.4. 2024-06-24 not yet calculated CVE-2023-451959119a7d8-5eab-497f-8521-727c672e3725 Adminer–Adminer Adminer and AdminerEvo allow…
Read More
Google has hired two top AWS and Microsoft former vice presidents who will lead the company’s newly formed Cloud AI business unit. Google Cloud has hired two vice presidents from rivals Amazon Web Services and Microsoft to lead its artificial intelligence cloud business as the three IT titans battle for AI market leadership. Google’s $38…
Read More
Data extortion and ransomware attacks have had a massive impact on businesses during the first half of 2024. Biggest Cyberattacks And Breaches If the pace of major cyberattacks during the first half of 2024 has seemed to be nonstop, that’s probably because it has been: The first six months of the year have seen organizations…
Read More
Modern Intel processors, including chips from the Raptor Lake and the Alder Lake generations are susceptible to a new type of a high-precision Branch Target Injection (BTI) attack dubbed ‘Indirector,’ which could be used to steal sensitive information from the CPU. Indirector exploits flaws in Indirect Branch Predictor (IBP) and Branch Target Buffer (BTB), two…
Read More
Cisco has patched an NX-OS zero-day exploited in April attacks to install previously unknown malware as root on vulnerable switches. Cybersecurity firm Sygnia, who reported the incidents to Cisco, linked the attacks to a Chinese state-sponsored threat actor it tracks as Velvet Ant. “Sygnia detected this exploitation during a larger forensic investigation into the China-nexus cyberespionage group…
Read More
The software maker says it’s continuing to restore systems nearly two weeks after it was struck by a ransomware attack. CDK Global said Monday that it expects to complete the recovery from its recent ransomware attack by later this week, with a projection that all car dealerships will be reconnected to its platform by July…
Read More
‘This funding is going to help us with our globalization strategy,’ says Tiffany Ricks, founder and CEO of HacWare. ‘Our goal is to leverage AI to make sure we take the guesswork out of training your employees on the evolving threats.’ Cybersecurity education firm HacWare Inc. is one of 20 Black- and Latino-led companies that…
Read MoreJul 01, 2024NewsroomSupply Chain / Software Security A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks. The vulnerabilities allow “any malicious actor to claim ownership over thousands of unclaimed…
Read More
‘By combining our best-in-class software with Metrics’ cloud-based simulation as a service, we are excited to bring this groundbreaking technology to our EDA [electric design automation] and semiconductor customers,’ says Altair CEO James Scapa. AI cloud specialist Altair is acquiring Metrics Design Automation in a move to transform the semiconductor market by making top-notch automation…
Read More
Auvik CEO Doug Murray tells CRN he is aiming to put more muscle behind sales, channel marketing and a go-to-market strategy to grow the channel business — and making it one of the fastest-growing parts of the company is ‘top of mind.’ In the last year, Auvik has seen 45 percent year-over-year growth, which CEO…
Read More