Tag: Vulnerabilities
IT systems are moving beyond the data center with edge computing and Internet of Things devices playing an increasingly important role in distributed data collection remote computing. As part of CRN’s Stellar Startups for 2024, here are two edge computing/IoT startups, founded in 2018 or later, that solution providers should be aware of. Spread Out!…
Read More
The vulnerability affects Palo Alto Networks’ Expedition migration tool and was originally disclosed in July. A critical-severity vulnerability affecting a Palo Alto Networks tool — originally disclosed in July — is now known to have been exploited in cyberattacks, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). CISA released an advisory Thursday mentioning…
Read More
Left unchecked, ‘generative AI in the software development process is going to produce worse outcomes from a software security perspective,’ says software security pioneer and Veracode Co-Founder Chris Wysopal. While generative AI continues to deliver massive boosts to workplace productivity as adoption climbs, the trade-offs for security are becoming increasingly evident, as well, according to…
Read More
‘Our acquisition of Adaptive Shield takes us another step forward in giving our customers the best possible protection against modern cyberattacks with the Falcon platform,’ said CrowdStrike President Michael Sentonas. Cybersecurity all-star CrowdStrike is significantly boosting its Falcon platform with the acquisition of SaaS security startup Adaptive Shield. CrowdStrike President Michael Sentonas said the purchase…
Read More
CRN staff compiled the top partner-friendly products that launched or were significantly updated over the last year. Now it’s up to solution providers to choose the winners. Application Performance and Observability As more applications run in hybrid-cloud and multi-cloud environments, maintaining application performance has becoming a more complex task. Application performance management and observability tools…
Read More
A suspected nation-state campaign has been targeting FortiManager customers — likely including MSPs — since at least late June, according to security researchers. The attacks exploiting a critical-severity vulnerability in Fortinet FortiManager are likely targeting MSPs in a nation-state espionage campaign, according to a security researcher. In a post Tuesday, well-known researcher Kevin Beaumont noted…
Read More
The vulnerability—which has been exploited in attacks compromising more than 50 FortiManager devices, according to Mandiant researchers—was disclosed by Fortinet Wednesday. A critical-severity FortiManager vulnerability publicly disclosed by Fortinet this week has been exploited in attacks dating back to late June, according to Mandiant researchers. The attacks exploiting the flaw (tracked at CVE-2024-47575) has compromised…
Read More
‘Reports have shown this vulnerability to be exploited in the wild,’ the security vendor says in an advisory Wednesday. Fortinet disclosed Wednesday that a critical-severity vulnerability affecting numerous versions of FortiManager has seen exploitation in attacks. The flaw is tracked at CVE-2024-47575 and can enable remote execution of code by an unauthenticated threat actor, according…
Read More
It’s the third time in 2024 that has seen Microsoft’s monthly patch release consist of fixes for more than 100 vulnerabilities, according to Trend Micro’s Dustin Childs. For the third time in 2024, Microsoft’s monthly patch release has included fixes for more than 100 vulnerabilities, according to a Trend Micro researcher. The tech giant disclosed…
Read More
The vendor disclosed that some customers have been attacked through exploitation of the newly discovered flaws in its Cloud Service Appliance. Ivanti disclosed Tuesday that some customers have been attacked through exploitation of three newly discovered vulnerabilities in its Cloud Service Appliance (CSA) gateway. The vendor said the flaws have been exploited in conjunction with…
Read More