‘Now more clearly than ever, we are seeing that public AI alone cannot address the increasing needs of either individuals or enterprises,’ Lenovo CEO Yuanqing Yang said in announcing first quarter earnings on Thursday. ‘Hybrid AI, which is formed by personal AI, enterprise AI, together with public AI, is indeed the way forward.’ Lenovo said…
Read More
Microsoft removed today an arbitrary 32GB size limit for FAT32 partitions in the latest Windows 11 Canary build, now allowing for a maximum size of 2TB. “When formatting disks from the command line using the format command, we’ve increased the FAT32 size limit from 32GB to 2TB,” the Windows Insider team said today. Previously, despite…
Read More
How does this lead to misconfigurations? Let’s assume an administrator creates a CRT with “No Permissions Required.” In adding custom fields, he wants some fields to be readable by unauthenticated users, so he sets their Default Access Level to View; other fields that should not be readable, he sets Default Access Level to None, assuming…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-28986 SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk…
Read More
RansomHub ransomware operators are now deploying new malware to disable Endpoint Detection and Response (EDR) security software in Bring Your Own Vulnerable Driver (BYOVD) attacks. Named EDRKillShifter by Sophos security researchers who discovered it during a May 2024 ransomware investigation, the malware deploys a legitimate, vulnerable driver on targeted devices to escalate privileges, disable security…
Read More
When tech companies look for ways to optimize operations, respond to changing market conditions, re-adjust priorities, or even shut down their operation, the impact on employee livelihood can be big. CRN looks at 10 of the most significant tech layoffs that have made their mark so far in 2024. IT Sector Layoffs Still Happening In…
Read More
However, researchers noted in the FAQ that the Repository does have several limitations, including being limited to risks from the 43 taxonomies, so it “may be missing emerging, domain-specific risks, and unpublished risks, and has potential for errors and subject bias; we used a single expert reviewer for extraction and coding.” Despite those shortcomings, the…
Read MoreNIST Releases First Post-Quantum Encryption Algorithms From the Federal Register: After three rounds of evaluation and analysis, NIST selected four algorithms it will standardize as a result of the PQC Standardization Process. The public-key encapsulation mechanism selected was CRYSTALS-KYBER, along with three digital signature schemes: CRYSTALS-Dilithium, FALCON, and SPHINCS+. These algorithms are part of three…
Read More
‘With the acquisition of Morpheus Data, we will take the next major leap to make HPE GreenLake cloud the de facto platform for innovating across hybrid IT,’ says HPE’s Fidelma Russo. HPE is making the “next major leap” in HPE GreenLake with the planned acquisition of hybrid cloud management and automation all-star Morpheus Data. “With…
Read More
Microsoft has disabled a fix for a BitLocker security feature bypass vulnerability due to firmware incompatibility issues that were causing patched Windows devices to go into BitLocker recovery mode. Tracked as CVE-2024-38058, this important severity security flaw can let attackers bypass the BitLocker Device Encryption feature and access encrypted data with physical access to the…
Read More