Recent Security News
-
Brave: Sharp increase in installs after iOS DMA update in EU
March 12, 2024 at 06:29PM Brave Browser gains more users on iPhones in the EU after Apple introduces new default browser selection screen to comply with the Digital Markets Act. The update prompts users to choose from a list of popular browsers, leading to a noticeable increase in Brave installations. Brave advocates for fair competition…
-
Windows KB5035849 update failing to install with 0xd000034 errors
March 12, 2024 at 06:29PM The KB5035849 cumulative update released on Patch Tuesday fails to install on Windows 10 and Windows Server systems with error 0xd0000034. Reports indicate that it won’t install when checking online for updates, affecting systems running Windows Server 2019 or Windows 10 Enterprise LTSC 2019. Microsoft claims no awareness of issues…
-
GAO: CISA’s OT Teams Inadequately Staffed
March 12, 2024 at 06:27PM The GAO study found that some teams at CISA were inadequately staffed in providing OT products and services. While most entities had positive experiences, there were complaints about insufficient staff, such as four federal employees and five contractors for threat hunting and incident response. Staff shortages resulted in unmet requests,…
-
Microsoft Discloses Critical Hyper-V Flaws in Low-Volume Patch Update
March 12, 2024 at 06:13PM Microsoft’s March Patch Tuesday update addresses 60 unique CVEs, with only two rated as “critical”. Both affect Windows Hyper-V: CVE-2024-21407, a remote code execution (RCE) bug, and CVE-2024-21408, a denial-of-service (DoS) vulnerability. The update also includes fixes for 18 RCE and two dozen elevation-of-privilege vulnerabilities, requiring immediate attention. Notably, this…
-
‘Magnet Goblin’ Exploits Ivanti 1-Day Bug in Mere Hours
March 12, 2024 at 04:11PM Threat actors targeted Ivanti edge devices earlier this year. One-day exploit CVE-2024-21887 in Ivanti Connect Secure and Policy Secure gateways, rated 9.1/10, was quickly capitalized on by “Magnet Goblin.” Known for exploiting one-days in public-facing services, this group deploys malware capable of flying under the radar, emphasizing the need for…