CISA has added a critical Jenkins vulnerability that can be exploited to gain remote code execution to its catalog of security bugs, warning that it’s actively exploited in attacks. Jenkins is a widely used open-source automation server that helps developers automate the process of building, testing, and deploying software through continuous integration (CI) and continuous delivery…
Read More
From AMD seeking to win new AI data center share from Nvidia to ZT Systems’ business with cloud hyperscalers, here are five big reasons why AMD’s planned $4.9 billion acquisition of ZT Systems could put pressure on rival Nvidia. From ZT Systems signing a new partnership with Nvidia in 2024 to AMD’s data center and…
Read More
Intel’s partner-centric Sales and Marketing Group plans to cut jobs and ‘simplify programs’ as part of a directive to slash costs by more than 35 percent by the end of the year, CRN has learned. The chipmaker says it remains ‘deeply committed to the channel.’ Intel’s partner-centric Sales and Marketing Group (SMG) plans to cut…
Read More2j-slideshow–Slideshow, Image Slider by 2J The Slideshow, Image Slider by 2J plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘post’ parameter in versions up to, and including, 1.3.54 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute…
Read More
New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans’ Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its back-end…
Read More
Suspected hackers behind the heist of $14,000,000 worth of cryptocurrency from blockchain tech firm Holograph was arrested in Italy after living a lavish lifestyle for weeks in the country. As announced over the weekend by Italy’s national police force (Polizia di Stato), four individuals suspected of cybercrime and money laundering have been living in a…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-23897 Jenkins Command Line Interface (CLI) Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk…
Read More
‘Our aim is to be more valuable to our clients tomorrow than we are today,’ says Rich Falcone, president of Ahead. ‘If we can achieve that, growth will naturally follow.’ Nearly six months after Ahead acquired CDI, the combined company is ready to drive significant value for customers and reshape its go-to-market strategy. “Now that…
Read More
Flight tracking platform FlightAware is asking some users to reset their account login passwords due to a data security incident that may have exposed personal information. The technology company is based in Houston, Texas and provides real-time as well as historical flight tracking data. FlightAware is considered the world’s largest flight-tracking platform with a network…
Read More
CRN breaks down Forrester’s new report on the 10 most important cloud trends right know, which include Nvidia significantly aiding AI cloud startups, VMware customers migrating to the public cloud and the converging of AI and edge computing. From VMware migrations to the public cloud and Nvidia helping cloud AI startups win market share, Forrester’s…
Read More