May 22, 2024NewsroomData Security / Vulnerability Taiwanese company QNAP has rolled out fixes for a set of medium-severity flaws impacting QTS and QuTS hero, some of which could be exploited to achieve code execution on its network-attached storage (NAS) appliances. The issues, which impact QTS 5.1.x and QuTS hero h5.1.x, are listed below – CVE-2024-21902…
Read More
May 22, 2024NewsroomEnterprise Security / Vulnerability Users of Veeam Backup Enterprise Manager are being urged to update to the latest version following the discovery of a critical security flaw that could permit an adversary to bypass authentication protections. Tracked as CVE-2024-29849 (CVSS score: 9.8), the vulnerability could allow an unauthenticated attacker to log in to…
Read More
Veeam warned customers today to patch a critical security vulnerability that allows unauthenticated attackers to sign into any account via the Veeam Backup Enterprise Manager (VBEM). VBEM is a web-based platform that enables administrators to manage Veeam Backup & Replication installations via a single web console. It helps control backup jobs and perform restoration operations across…
Read More
A malicious crypto mining campaign codenamed ‘REF4578,’ has been discovered deploying a malicious payload named GhostEngine that uses vulnerable drivers to turn off security products and deploy an XMRig miner. Researchers at Elastic Security Labs and Antiy have underlined the unusual sophistication of these crypto-mining attacks in separate reports and shared detection rules to help defenders identify and stop them. However, neither…
Read More
Today, the LockBit ransomware gang claimed they were behind the April cyberattack on Canadian pharmacy chain London Drugs and is now threatening to publish stolen data online after allegedly failed negotiations. London Drugs has over 9,000 employees who provide healthcare and pharmacy services in over 80 stores across Alberta, Saskatchewan, Manitoba, and British Columbia. An…
Read More
IBM CEO Arvind Krishna’s boldest statements during his keynote at IBM Think 2024 Tuesday revolved around IBM’s new product launches, AI and his vision for quantum computing. IBM Chairman and CEO Arvind Krishna took to the stage Tuesday at IBM Think 2024 to give his bullish thoughts on IBM’s new products, his vision for quantum…
Read More
Mandia told Mandiant employees he will remain as an advisor at the esteemed cyber incident response and threat intelligence firm that he founded in 2004. With Mandiant now well along in its integration into Google Cloud, founder Kevin Mandia plans to step down at the end of the month but will remain involved as an…
Read More
Qualcomm is stepping up the competition against Intel and AMD in the PC processor space with its new Snapdragon X chips, which it says enable faster performance, better on-device AI processing and longer battery life in several high-end laptops from HP, Dell and Lenovo. Microsoft is signaling the dawn of a new era for personal…
Read More
Threat actors were found breaching AWS accounts using authentication secrets leaked as plaintext in Atlassian Bitbucket artifact objects. The issue was discovered by Mandiant, who was investigating a recent exposure of Amazon Web Services (AWS) secrets that threat actors used to gain access to AWS. Although the issue was discovered in the context of an investigation, it illustrates how data previously…
Read More
Western Sydney University (WSU) has notified students and academic staff about a data breach after threat actors breached its Microsoft 365 and Sharepoint environment. WSU is an educational institute in Australia offering a wide range of undergraduate, postgraduate, and research programs across various disciplines. It has 47,000 students and over 4,500 regular and seasonal staff, and it…
Read More