A notorious hacker named USDoD, who is linked to the National Public Data and InfraGard breaches, has been arrested by Brazil’s Polícia Federal in “Operation Data Breach”. USDoD, aka EquationCorp, has a long history of high-profile data breaches where he stole data and commonly leaked it on hacking forums while taunting the victims. These breaches include those…
Read More
CISA has added three flaws to its ‘Known Exploited Vulnerabilities’ (KEV) catalog, among which is a critical hardcoded credentials flaw in SolarWinds Web Help Desk (WHD) that the vendor fixed in late August 2024. SolarWinds Web Help Desk is an IT help desk suite used by 300,000 customers worldwide, including government agencies, large corporations, and healthcare…
Read More
The United States Department of Justice unsealed an indictment today against two Sudanese brothers suspected of being the operators of Anonymous Sudan, a notorious and dangerous hacktivist group known for conducting over 35,000 DDoS attacks in a year. Since launching in 2023, Anonymous Sudan has been behind numerous high-profile DDoS attacks, causing widespread outages and the inability…
Read More
Welcome to this week’s edition of the “Bi-Weekly Cyber Roundup” by Canary Trap. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity and this bi-weekly publication is your gateway to the latest news. In this week’s round-up, we cover several critical cybersecurity developments…
Read More
An Intel spokesperson confirms to CRN that the layoffs, disclosed on Tuesday, are part of the plan announced by Intel CEO Pat Gelsinger in August to cut over 15,000 jobs and reduce costs by more than $10 billion in response to worsening financial conditions. Intel has begun mass layoffs as part of the chipmaker’s cost-cutting…
Read More
Hackers are always looking for new ways to crack passwords and gain access to your organization’s data and systems. So how can you ensure you’re taking the right steps to defend your business? In this post, we’ll explore the seven most common types of password attacks and provide tips on how to defend against them.…
Read More
A critical vulnerability in Kubernetes could allow unauthorized SSH access to a virtual machine running an image created with the Kubernetes Image Builder project. Kubernetes is an open-source platform that helps automate the deployment, scale, and operate virtual containers – lightweight environments for applications to run. With Kubernetes Image Builder, users can create virtual machine (VM) images…
Read MoreToday, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released joint guidance on Product Security Bad Practices, a part of CISA’s Secure by Design initiative. This joint guidance supplies an overview of exceptionally risky product security bad practices for software manufacturers who produce software in support of critical infrastructure…
Read More
Oct 16, 2024Ravie LakshmananEndpoint Security / Malware Threat actors are attempting to abuse the open-source EDRSilencer tool as part of efforts to tamper endpoint detection and response (EDR) solutions and hide malicious activity. Trend Micro said it detected “threat actors attempting to integrate EDRSilencer in their attacks, repurposing it as a means of evading detection.”…
Read More
‘We support the x86. The x86 is very important to us. We support it for PCs, workstations, data centers. And so the fact that the architecture was fragmenting isn’t good for the industry, so I love what they’re doing,’ Nvidia CEO Jensen Huang tells CRN about the formation of the Intel-AMD ecosystem advisory group. The…
Read More