Reddit is investigating a major outage blocking users worldwide from accessing the social network’s websites and mobile apps. Users now see “502 Bad Gateway” and “Unknown server error” errors when accessing the Reddit website. Mobile users also report seeing an “Error: Choose failed Missing field ‘user_id’” error or an outage icon with the Reddit alien…
Read MoreWhat’s going on? A wave of cheap, crude, amateurish ransomware has been spotted on the dark web – and although it may not make as many headlines as LockBit, Rhysida, and BlackSuit, it still presents a serious threat to organizations. What’s “junk gun” ransomware? It’s a name coined by Sophos researchers for unsophisticated ransomware that…
Read MoreOver 1,400 CrushFTP servers exposed online were found vulnerable to attacks currently targeting a critical severity server-side template injection (SSTI) vulnerability previously exploited as a zero-day. While CrushFTP describes CVE-2024-4040 as a VFS sandbox escape in its managed file transfer software that enables arbitrary file reading, unauthenticated attackers can use it to gain remote code execution…
Read MoreAI, Azure and security are just some of the biggest topics expected to come up Thursday on the company’s third fiscal quarter earnings call. Updates on Microsoft’s artificial intelligence and Copilot offerings. Growth in the cloud and Azure business. And the tech giant’s position in the ever-competitive security market. These are some of the biggest…
Read MoreCISA released eight Industrial Control Systems (ICS) advisories on April 25, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-116-01 Multiple Vulnerabilities in Hitachi Energy RTU500 Series ICSA-24-116-02 Hitachi Energy MACH SCM ICSA-24-116-03 Siemens RUGGEDCOM APE1808 Devices Configured with Palo Alto Networks Virtual NGFW ICSA-24-116-04 Honeywell Experion PKS,…
Read MoreThe new module quantifies the risk of ransomware and data exfiltration for third-party vendors, while combining the signals with first-party and SaaS risk, Safe Security CEO Saket Modi tells CRN. Safe Security is taking a new approach to quantifying third-party cyber risk with the debut of a new tool that represents a “massive” opportunity for…
Read MorePart 7 of CRN’s Big Data 100 takes a look at the startup companies solution providers should know in the big data arena. Big Data, Big Plans The majority of the companies on the CRN 2024 Big Data 100 are either major IT vendors like Amazon Web Services, Microsoft and Oracle, or younger – albeit…
Read More‘You can search incentives by product. You can search for it by country. The partners are absolutely loving that we’re showing how we can make their businesses more transparent, more readily to understand our profitability, by letting them use AI,’ Colleen Kapase, vice president of channels and partner programs at Google Cloud, tells CRN. Google…
Read MoreHackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term access. Currently installed on more than 30,000 websites, WP Automatic lets administrators automate content importing (e.g. text, images, video) from various online sources and publishing on…
Read MoreSecurity researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device, from touches and information displayed to text input and the applications the user launches. The malware is delivered through a fake Google Chrome update that is shown while using the web browser. Brokewell is under active development…
Read More