Tag: Vulnerabilities
This year’s leading news stories (so far) include the ongoing AI wave that’s remaking the IT industry, the impact of three multi-billion-dollar acquisition deals, the contrasting fortunes of two of the industry’s leading semiconductor companies – and what was likely the biggest IT system failure to date. AI Highs, Service Failure Lows The top news…
Read More
A zero-day vulnerability in Versa Director has reportedly been exploited by Chinese government hackers to target internet service providers and MSPs. Internet service providers and MSPs are the main targets of a cyberattack campaign exploiting a Versa Networks SD-WAN vulnerability and linked to the Chinese government, according to security researchers and media reports. The attacks…
Read More
‘Nothing is safe anymore. The more layers of protection we can have, the better I sleep,’ Randy Jorgensen, managing member of South Jordan, Utah-based RJNetworks, tells CRN. Microsoft will take a phased approach to its requirement that all Azure users adopt multi-factor authentication, starting with Azure portal, Microsoft Entra administration center and Intune admin center…
Read More
‘These types of vulnerabilities are frequent attack vectors,’ CISA says in a post online. A government agency is warning about threat actors exploiting a Java deserialization remote code execution vulnerability in SolarWinds Web Help Desk. The U.S. Cybersecurity and Infrastructure Security Agency has added the exploit to its Known Exploited Vulnerabilities Catalog under the code…
Read More
Iranian hackers tied to recent U.S. presidential campaign cyberattacks abuse services like Google Workspace, Dropbox and OneDrive, says Google in a new cybersecurity report. Google’s Theat Analysis Group found an Iranian government-backed hacking group, known as APT42, has conducted phishing cyberattacks targeting “accounts associated with the U.S. presidential election.” “In May and June, APT42 targets…
Read More
New disclosures Monday pointed to attacks exploiting vulnerabilities in the three vendors’ platforms. New disclosures Monday revealed attacks exploiting vulnerabilities in widely used platforms from VMware, ServiceNow and Acronis. The attacks have included exploits of two critical-severity vulnerabilities in ServiceNow’s Now Platform as well as a critical vulnerability affecting Acronis Cyber Infrastructure. [Related: SentinelOne CEO:…
Read More
New data from cloud insurance firm Parametrix sheds light on the financial cost of the massive CrowdStrike outage last week that affected millions of Microsoft devices. The massive CrowdStrike outage that affected millions of Microsoft devices is predicted to cost U.S. Fortune 500 companies $5.4 billion in total direct financial loss, with an average loss…
Read More
‘We did send these to our teammates and partners who have been helping customers through this situation,’ according to a CrowdStrike spokesperson. CrowdStrike has confirmed to CRN that it sent partners Uber gift cards that stopped working – a gesture of appreciation mocked online as the cybersecurity vendor and solution providers deal with the fallout…
Read More
‘It reinforced that [Desktop-as-a-Service] technology has its benefits to quickly recover from situations like this,’ says Nerdio co-founder and CEO Vadim Vladimirskiy. The recent faulty CrowdStrike update that downed about 8.5 million Microsoft Windows machines helped show the power of virtualization when it comes to recovering from cybersecurity incidents and outages, said Nerdio co-founder and…
Read More
‘As a follow-up to the CrowdStrike Falcon agent issue impacting Windows clients and servers, Microsoft has released an updated recovery tool with two repair options to help IT admins expedite the repair process,’ Microsoft says. Following the faulty CrowdStrike update that caused chaos for millions of Microsoft customers and businesses, the software giant has now…
Read More