A vulnerability dubbed “CosmicSting” impacting Adobe Commerce and Magento websites remains largely unpatched nine days after the security update was made available, leaving millions of sites open to catastrophic attacks. According to Sansec’s stats, roughly three out of four websites using the impacted e-commerce platforms have not patched against CosmicSting, which puts them at…

A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw. The vulnerability, dubbed ‘UEFICANHAZBUFFEROVERFLOW,’ is a buffer overflow bug in the firmware’s Trusted Platform Module (TPM) configuration that could be exploited to perform code execution on…

In an interview with CRN, Qualcomm Global Channel Chief Kyle Houser says partners are ‘essential’ to aiding the chip designer in its goal to ‘revolutionize the PC’ and break up the Intel-AMD duopoly with the new Snapdragon X processors for Copilot+ laptops hitting the market now. Qualcomm is hoping to break up the Intel-AMD duopoly…

How do you ensure that your remote access is secure? Do you consider your servers protected as long as you have in place a virtual private network (VPN), virtual desktop infrastructure (VDI), Azure Virtual Desktop, desktop-as-a-service (DaaS), VDI-as-a-service (VDIaaS), or other forms of secure jump hosts? There is a misconception that having a secured intermediary…

The provider of software used by thousands of car dealerships reportedly says it has shut down most of its systems after a pair of attacks. CDK Global, a provider of software used by thousands of car dealerships, has reportedly shut down most of its systems after a pair of cyberattacks in recent days. The first…

On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The subjects of that piece are threatening to sue KrebsOnSecurity for…

TD Synnex CEO Rich Hume, who led Tech Data through the pandemic and the acquisition of rival Synnex, will retire Sept. 1. TD Synnex COO Patrick Zammit will take over. TD Synnex CEO Rich Hume, who led the company through six transformative years of massive growth through acquisition as well as running one of the…

In an interview with CRN, AMD executive Forrest Norrod talks about how the company is “dramatically” increasing investments in its Instinct data center GPUs to compete with Nvidia and when it plans to place a greater focus on enabling channel partners to sell Instinct-based systems for AI workloads. AMD’s top data center executive said the…

CDK Global, the provider of a software platform for auto dealerships, has had to shut down most of its systems due to what it described as “a cyber incident.” This had serious consequences for car dealers in the US, with reports saying that thousands of dealerships there were largely paralyzed for several hours on Wednesday.…

What is Qilin? Qilin (also known as Agenda) is a ransomware-as-a-service criminal operation that works with affiliates, encrypting and exfiltrating the data of hacked organisations and then demanding a ransom be paid. Qilin seems like a strange name. Where does it come from? The Qilin is a creature from Chinese mythology that combines the features…
