The Network Company Blog

We Keep you Connected

The Network Company Blog

CrowdStrike chaos
A major disruption to Windows PCs in the U.S., U.K., Australia, South Africa and other countries was caused by an error in a CrowdStrike update, the cloud security company announced on Friday. Emergency services, airports and law enforcement reported downtime, which is ongoing. “This is not a security incident or cyberattack,” CrowdStrike said in a statement. Blue Screen of Death widespread due to CrowdStrike outage Affected organizations saw the infamous Blue Screen of Death, the
search google and create an image representing GPT-4o mini
  Jaque Silva/SOPA Images/LightRocket via Getty Images OpenAI on Thursday unveiled a stripped-down version of its GPT-4o large language model, GPT-4o mini, which it said has better accuracy than GPT-4 on tasks, and costs dramatically less than GPT-3.5 “Turbo” when used by developers, which it said can boost the construction of applications that use the AI model extensively. The company touts the new AI model as “the most cost-efficient small model in the market,” although,
search google and create an image representing Cloud Migration Security
Cloud migration security refers to the safe execution of standard security procedures when transitioning data and apps to the cloud. It includes pre-migration preparation, cloud migration security strategies, and security management and maintenance post-migration. Effective cloud migration security preserves data confidentiality, integrity, and continuous application performance, shielding businesses from potential breaches and operational disruptions. How Cloud Migration Security Works A complete cloud migration security strategy consists of three main stages: pre-migration, migration, and post-migration. Pre-migration
AI MagicX
TL;DR: A lifetime subscription to AI MagicX is on sale for just $99.99 and can help with all of your design needs and bring your imagination to life. For small business owners, creating things like professional logos can be daunting, especially without design expertise. However, a strong, memorable logo is essential to establishing a brand identity. Enter AI MagicX. It features multiple AI tools designed to simplify the creation process. For just $99.99 (reg. $972),
SAP AI
Jul 18, 2024NewsroomCloud Security / Enterprise Security Cybersecurity researchers have uncovered security shortcomings in SAP AI Core cloud-based platform for creating and deploying predictive artificial intelligence (AI) workflows that could be exploited to get hold of access tokens and customer data. The five vulnerabilities have been collectively dubbed SAPwned by cloud security firm Wiz. “The vulnerabilities we found could have allowed attackers to access customers’ data and contaminate internal artifacts – spreading to related services
  Joan Cros/NurPhoto via Getty Images Microsoft is about to make a significant change in the way it delivers security updates and new features for Windows 11. You can still expect to see a single update package on the second Tuesday of each month (aka Patch Tuesday). But instead of being delivered as a single update file that grows larger every month, Microsoft is introducing what it calls “checkpoint cumulative updates”. In a post on
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-34102 Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability CVE-2024-28995 SolarWinds Serv-U Path Traversal Vulnerability CVE-2022-22948 VMware vCenter Server Incorrect Default File Permissions Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the
Worm-Like Attack
Later months of postmortem investigation, Fujitsu now says the malware that affected its techniques in a cyberattack ultimate March used to be now not ransomware as in the past speculated — and famous that the binary self-propagated, worming its method during the corporate’s inner networks in Japan. In its rundown of the investigative findings this moment, the patron electronics and networking gigantic showed that the malware first established a beachhead on one in every of
Jul 11, 2024NewsroomCyber Espionage / Network Security The China-linked advanced persistent threat (APT) group codenamed APT41 is suspected to be using an “advanced and upgraded version” of a known malware called StealthVector to deliver a previously undocumented backdoor dubbed MoonWalk. The new variant of StealthVector – which is also referred to as DUSTPAN – has been codenamed DodgeBox by Zscaler ThreatLabz, which discovered the loader strain in April 2024. “DodgeBox is a loader that proceeds
CISA and FBI Release Secure by Design Alert
Today, CISA and FBI are releasing their newest Secure by Design Alert in the series, Eliminating OS Command Injection Vulnerabilities, in response to recent well-publicized threat actor campaigns that exploited OS command injection defects in network edge devices (CVE-2024-20399, CVE-2024-3400, CVE-2024-21887) to target and compromise users. These vulnerabilities allowed unauthenticated malicious actors to remotely execute code on network edge devices. OS command injection vulnerabilities have long been preventable by clearly separating user input from the contents of a
Shopify Data Leak
Millions of online shoppers may be at risk after a data leak allegedly compromised customer information on Shopify, a leading e-commerce platform trusted by many businesses worldwide. Reports suggest nearly 180,000 users — 179,873 rows of users’ information — were impacted, with details like names, emails, and even purchase history potentially exposed. This incident highlights a growing concern in the e-commerce world: the security of user data entrusted to these platforms. While the news of
mercenary spyware attacks to iPhone users
Maria Diaz/ZDNET Apple is sounding a new round of alarm bells over a wave of sophisticated and destructive spyware attacks against specific people across 92 countries. As spotted by TechCrunch on Wednesday, Apple sent an email warning individuals in the crosshairs that they “are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID.” The email also listed the specific ID for each individual who
WordPress Plugins
Millions of WordPress websites are under threat after a critical security breach involving several popular plugins. Security researchers discovered malicious code injected into these plugins, granting hackers the ability to create unauthorized administrator accounts. This compromise can lead to severe consequences for website owners, including data breaches and total website takeovers. The specific number of affected plugins and websites is still under investigation. However, initial reports suggest prominent plugins with thousands of active installations might
Jun 28, 2024NewsroomSoftware Security / DevOps GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user. The weaknesses, which affect GitLab Community Edition (CE) and Enterprise Edition (EE), have been addressed in versions 17.1.1, 17.0.3, and 16.11.5. The most severe of the vulnerabilities is CVE-2024-5655 (CVSS score: 9.6), which could permit a malicious actor to
  Jonathan Raa/NurPhoto via Getty Images One of the biggest complaints about ChatGPT is that it provides information, but the accuracy of that information is uncertain. Those complaints exist because ChatGPT doesn’t provide sources, footnotes, or links to where it derived information used in its answers. While that is true for the GPT-3.5 model, the GPT-4 and GPT-4o models provide more citation resources. While GPT-4 is only for paid subscribers, GPT-4o is available to both

GET THE LATEST UPDATES, OFFERS, INFORMATION & MORE