Oct 08, 2024Ravie LakshmananMalware / Cybercrime Users searching for game cheats are being tricked into downloading a Lua-based malware that is capable of establishing persistence on infected systems and delivering additional payloads. “These attacks capitalize on the popularity of Lua gaming engine supplements within the student gamer community,” Morphisec researcher Shmuel Uzan said in a…
Read MoreMicrosoft has released the KB5044273 cumulative update for Windows 10 22H2 and Windows 10 21H2, which includes nine changes and fixes, including a new Windows Update opt-in notification shown when you log in to the operating system. The Windows 10 KB5044273 update is mandatory as it contains Microsoft’s October 2024 Patch Tuesday security updates. Windows users…
Read More‘Rather than filling out data centers ourselves or building, buying and running equipment, we instead leverage equipment that is already being run, powered and controlled around the world,’ says Storj CEO Ben Golub. Distributed cloud object storage technology developer Storj Tuesday unveiled the acquisition of PetaGene, which offers distributed file storage technology. The acquisition of…
Read MoreMicrosoft has released the KB5044284 and KB5044285 Windows 11 cumulative updates for versions 24H2 and 22H2/23H2 to fix security vulnerabilities and resolve 27 bugs and performance issues. Both are mandatory cumulative updates containing the October 2024 Patch Tuesday security updates for vulnerabilities discovered in previous months. Windows 11 users can install them by going to…
Read MoreOct 08, 2024Ravie LakshmananZero-Day / Vulnerability Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance (CSA) have come under active exploitation in the wild. The zero-day flaws are being weaponized in conjunction with another flaw in CSA that the company patched last month, the Utah-based software services provider said. Successful exploitation…
Read MoreFrom personalized attacks and malware evasion to audio deepfakes, here’s what you need to know on five of the GenAI-powered threats that security experts are watching right now. GenAI Threats To Know While it’s not always possible to pinpoint exactly where generative AI has played a role in a cyberattack, organizations can assume it’s now…
Read MoreAn APT hacking group known as GoldenJackal has successfully breached air-gapped government systems in Europe using two custom toolsets to steal sensitive data, like emails, encryption keys, images, archives, and documents. According to an ESET report, this happened at least two times, one against the embassy of a South Asian country in Belarus in September…
Read MoreImage: MidjourneyAmerican IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks. As Ivanti revealed on Tuesday, attackers are chaining the three security flaws with another CSA zero-day patched in September. Successful exploitation of these vulnerabilities can let remote attackers run SQL…
Read More‘Infrastructure is our biggest problem here right now, for customers, for people personally,’ says Ed Tatsch, owner and president of North Carolina MSP ETS Networks. More than 10 days after Hurricane Helene made landfall in Florida and then hit the Southeast, Ed Tatsch, owner and president of Arden, N.C.-based family-run MSP ETS Networks, could call…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-45519 Synacor Zimbra Collaboration Command Execution Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known…
Read More