CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-7028 Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of…
Read More
As UnitedHealth’s CEO gets grilled by a U.S. Senate committee, the folly of acquiring a company with outdated cybersecurity practices is on display. Among the many lessons from the Change Healthcare cyberattack, one that’s come into clearer focus this week goes something like this: Companies that ignore cybersecurity as part of an M&A process, do…
Read More
With its own MongoDB Atlas development platform at the core, the new MAAP initiative pulls together expertise and technology from cloud hyperscalers, leading GenAI tech providers such as Anthropic and LangChain, and MongoDB consulting/SI partners. MongoDB has launched a program that provides a complete technology stack, services and other resources to help businesses develop and…
Read More
Microsoft has confirmed customer reports of NTLM authentication failures and high load after installing last month’s Windows Server security updates. According to a new entry added to the Windows health dashboard on Tuesday, this known issue will only affect Windows domain controllers in organizations with a lot of NTLM traffic and few primary DCs. The…
Read More
‘I can’t imagine a better leader, he’s got terrific vision, he’s got the fire in his belly that I share with him and he’s ready to take it to a whole new level. I’m looking forward to plugging in and being on the ride, but I don’t need to steer the ship,’ Pax8’s John Street…
Read More
New Hewlett Packard Enterprise VP of Worldwide Distribution Michael Bernhardt told CRN among his top priorities will be to “increase engagement and participation” in the “under-utilized” HPE distribution led service provider program. Hewlett Packard Enterprise Director of Worldwide Distribution Michael Bernhardt, a 28-year HPE and HP channel veteran, has been promoted to vice president of…
Read More
May 01, 2024NewsroomFinancial Crime / Forensic Analysis A forensic analysis of a graph dataset containing transactions on the Bitcoin blockchain has revealed clusters associated with illicit activity and money laundering, including detecting criminal proceeds sent to a crypto exchange and previously unknown wallets belonging to a Russian darknet market. The findings come from Elliptic in…
Read More
Microsoft has confirmed that the April 2024 Windows security updates break VPN connections across client and server platforms. The company explains on the Windows health dashboard that “Windows devices might face VPN connection failures after installing the April 2024 security update or the April 2024 non-security preview update.” “We are investigating user reports, and we…
Read More
May 01, 2024NewsroomMalware / Android Cybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays for its actual command-and-control (C2) servers for detection evasion. The malware, codenamed Wpeeper, is an ELF binary that leverages the HTTPS protocol to secure its C2 communications. “Wpeeper is a typical backdoor…
Read More
‘For us, it’s about being focused on executing where there’s high demand in IT spend. And recovery, resilience, cyber, AI are the areas where companies are still spending, and that’s where we play,’ says Commvault CFO Gary Merrill. Growth in Commvault’s subscription business led to the data protection technology developer’s overall growth for fiscal 2024.…
Read More