Enterprise, Workstation, Data Center, Cloud, Networking, Software News And Reviews
In-depth product reviews and news of enterprise, workstation, networking, cloud, SMB, data center and software products and services.
Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published a joint cybersecurity advisory warning network defenders about phishing attacks that leverage remote monitoring and management...
Read more...
In a collective "I told you so" moment, security experts were proven right as California's newly-minted digital license plates have been hacked by a group of security/vulnerability researchers. The team was able to track the plate by GPS or even change the vehicle status to "Stolen." Even as the state legalized the...
Read more...
If you have a Chick-fil-A account and notice suspicious activity or unapproved purchases, take action now, because with the fast food chain has been hacked, affecting an unknown number of user accounts.
As early as the beginning of January, there have been Reddit posts stating that their Chick-fil-A accounts have...
Read more...
Gemini, the cryptocurrency exchange founded by the Winklevoss twins, published a blog post this week warning about phishing campaigns targeting its customers. These phishing campaigns are likely related to a previously undisclosed data breach that exposed the email addresses of the exchange’s 5.7 million customers...
Read more...
Last week, Google began pushing out an update to its Chrome browser that fixes a critical security vulnerability in the browser’s JavaScript engine. Google noted in its blog post about the update that an exploit for this vulnerability is out in the wild. Then, on Monday, the Cybersecurity and Infrastructure Security...
Read more...
Researchers at the cybersecurity firm Zimperium have discovered a botnet made up of web browsers infected by malware. The malware in question is known as Cloud9 and takes the form of browser extensions. When installed, these browser extensions take control of infected browsers to steal valuable information and perform...
Read more...
Researchers at the cybersecurity firm Trellix have been keeping tabs on a sophisticated phishing campaign, known as BazarCall, since it first drew attention in 2020. This campaign evolved over time, pioneering a social engineering technique called "callback phishing" that is now employed by many different threat...
Read more...
Last year, Cloudflare, a company that provides DDoS mitigation, content delivery network (CDN) services, and many others, published a blog post declaring its intention to kill CAPTCHAs. Now about a year and a half later, the company is introducing an alternative to standard CAPTCHAs that should be much faster and...
Read more...
Threat intelligence firm Recorded Future has published a report concerning a long-term credential theft campaign targeting humanitarian, think tank, and government organizations. A hacking group known as RedAlpha is carrying out this ongoing campaign, and is known to have been active as far back as 2015. However, it...
Read more...
Cloudflare says that it was hit by the same smishing (sms phishing) attack that recently resulted in a user data breach at Twilio. However, unlike Twilio, Cloudflare managed to prevent the attack from escalating to a data breach thanks to its strong security measures. While the attackers managed to steal login...
Read more...
Last year, a hacker who goes by the name “pompompurin” managed to breach a Federal Bureau of Investigation (FBI) web portal and send out thousands of hoax emails from an official FBI email address. Just a couple weeks prior, pompompurin gained unauthorized access to the internal network of the stock trading app...
Read more...
Shortly after hitting Parker Hannifin Corporation, a major component supplier for Boeing and Lockheed Martin, the Conti ransomware group abandoned the Conti name and split off into smaller groups that coordinate with the larger group’s leadership. This move came after Conti targeted the government of Costa Rica with...
Read more...
Google has begun rolling out another update to its Chrome browser on all the major desktop platforms (Windows, Linux, and Mac) and there are at least 32 reasons why you should apply it sooner rather than later. That's the number of security fixes the latest update includes. If you're looking for just one very good...
Read more...
Earlier this month, Clearview AI reached a settlement agreement with the American Civil Liberties Union (ACLU) over the company’s usage of Illinois citizens' biometric data without their consent. Clearview AI sells its recently patented facial recognition technology to both private companies and government agencies...
Read more...
In what seems to be the year of security breaches and threat actors thieving or or holding data for ransom, defenders, or blue teamers, cannot seem to catch a break. However, just after announcing that it had hit a major component supplier for Boeing and Lockheed Martin, it appears that the Conti ransomware gang as we...
Read more...
The beginning of the year saw a flurry of stories about security breaches as the cybercriminal gang known as LAPSUS$ stole data from an alarming number of big name companies in a short period of time. However, while LAPSUS$ is no longer in operation, after the London police arrested all seven members of the group...
Read more...
When Coca-Cola started its “Share A Coke” campaign in the early 2010s, it was certainly not thinking of this. A ransomware group dubbed “Stormous” has reportedly stolen 161GB of data from Coca-Cola. The data is currently for sale on the dark web, although Coca-Cola has not confirmed the breach.
The data includes...
Read more...
If you use Cash App, some of your personal details may have been exposed. In a filing with the US Securities and Exchange Commission (SEC), Cash App developer Block (formerly Square) revealed it suffered a data breach last December in which a former employee downloaded financial reports for millions of US...
Read more...
If you wait long enough, your software programs, utilities, and operating system will all take the initiative to apply any applicable updates, depending on how you have things configured. Even if you rely on automatic updates, though, sometimes you should still take matters into your own hands. Such is the case now if...
Read more...
We reported a week ago on a security vulnerability in Windows that multiple publicly available exploits can leverage to gain elevated privileges. We advised readers to apply the patch for this vulnerability as soon as possible, and now the Cybersecurity and Infrastructure Security Agency (CISA) is ordering federal...
Read more...
A new Security Advisory from Cisco has outlined a huge number of security-related vulnerabilities and issues that have been patched in their latest firmware update. The security advisory says to run updates on the devices affected immediately.
The advisory, which was first published on February 2 and updated again...
Read more...
If you're not a Linux sysadmin, you might not be familiar with Control Web Panel, but if you are a Linux sysadmin, you almost certainly are at least aware of the app. Control Web Panel, or CWP, is a free Linux control panel for various web services. It used to be called CentOS Web Panel, but these days it's supported...
Read more...
