Security researchers at Tenable have discovered a potentially critical memory corruption vulnerability in Fluent Bit, a core component in the monitoring infrastructure of many cloud services. The vulnerability, dubbed Linguistic Lumberjack and tracked as CVE-2024-4323, stems from coding flaws within Fluent Bit’s built-in HTTP server. Left unresolved the vulnerability could lead to denial of service,…

Cyberattackers are hiding behind the QuickBooks brand to disguise their malicious activity, researchers are warning. The effort is a “double-spear” approach that packs a one-two punch: Stealing phone numbers and making off with cash via bogus credit-card payments. The popular accounting software allows customers to sign up for cloud accounts, from which they can send…

It’s time. If they weren’t already invested, the events of the last year have clearly forced the hands of organizations to embrace the world of cloud-delivered services. The global rise in remote work is a big driver; it has forced organizations to think more progressively about everything from their office space to their infrastructure. It’s…

Last Thursday (April 15th), Rosenworcel made a statement on future priorities by reestablishing the Communications, Security, Reliability, and Interoperability Council (CSRIC) with a focus on 5g networks and software and cloud services vulnerabilities. “I am committed to working with our federal partners and the private sector to increase the security and resiliency of our nation’s…