Tag: network security
Oct 30, 2024Ravie LakshmananCybercrim / Cryptocurrency Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading tool but harbors functionality designed to steal sensitive data and drain assets from victims’ crypto wallets. The package, named “CryptoAITools,” is said to have been distributed via both Python Package Index (PyPI) and bogus…
Read More
‘We are committed to equipping MSPs with the most advanced tools to protect their clients’ data,’ says SaaS Alerts CEO Jim Lippie. ‘Integrating SaaS Alerts into Kaseya 365 User means MSPs can now deliver advanced threat detection and response capabilities specifically tailored to the user and application level.’ Kaseya announced today that it bought cybersecurity…
Read More
Oct 29, 2024Ravie LakshmananAI Security / Vulnerability A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft. The flaws, identified in tools like ChuanhuChatGPT, Lunary, and LocalAI, have been reported as part…
Read More
Oct 29, 2024Ravie LakshmananCybercrime / Malware The Dutch National Police, along with international partners, have announced the disruption of the infrastructure powering two information stealers tracked as RedLine and MetaStealer. The takedown, which took place on October 28, 2024, is the result of an international law enforcement task force codenamed Operation Magnus that involved authorities…
Read More
Sherlock Holmes is famous for his incredible ability to sort through mounds of information; he removes the irrelevant and exposes the hidden truth. His philosophy is plain yet brilliant: “When you have eliminated the impossible, whatever remains, however improbable, must be the truth.” Rather than following every lead, Holmes focuses on the details that are…
Read More
Oct 29, 2024Ravie LakshmananDigital Security / Data Privacy The U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle the threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies. “The USG follows TLP markings on cybersecurity information voluntarily shared by an…
Read More
Oct 29, 2024Ravie LakshmananHardware Security / Vulnerability More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Zürich researchers Johannes Wikner and Kaveh Razavi, aims to…
Read More
The new Cisco 360 Partner Program was designed with value in mind, not transactions, to better align with Cisco’s larger goals to capture more mindshare in security, AI, software and services, Cisco’s Rodney Clark told CRN exclusively. The newly revealed Cisco 360 partner program will go live in February 2026 to give the tech giant’s…
Read More
‘The foundation of our program was hardware and transaction. That’s who we were as a company at the time and that served us well … but what it rewarded was a partner who transacts, and the way that we do business today is quite different. It’s the first material shift in how we evaluate partners…
Read More
Oct 28, 2024Ravie LakshmananCloud Security / Cyber Attack A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. “The CloudScout toolset is capable of retrieving data from various cloud services by leveraging stolen…
Read More