#ITSupport

No Doughnuts Today? Cyberattack Puts Krispy Kreme in a Sticky Situation

by

December 11, 2024 at 01:23PM Krispy Kreme confirmed a cyberattack that disrupted operations, including online ordering, referencing a “cybersecurity incident.” The company took immediate steps with cybersecurity experts to investigate and mitigate the impact. The incident, likely a data-extortion ransomware attack, is expected to materially affect business operations until resolved. ### Meeting Takeaways: Krispy Kreme … Read more

Windows 10 KB5048652 update fixes new motherboard activation bug

by

December 10, 2024 at 01:46PM Microsoft released the KB5048652 cumulative update for Windows 10 22H2, addressing six issues, notably one that prevented Windows 10 from activating after a motherboard change. **Meeting Takeaways:** 1. **Release Update**: Microsoft has released the KB5048652 cumulative update for Windows 10 version 22H2. 2. **Number of Fixes**: The update includes a … Read more

Blue Yonder SaaS giant breached by Termite ransomware gang

by

December 6, 2024 at 11:37AM The Termite ransomware gang has taken responsibility for the November breach affecting Blue Yonder, a software as a service (SaaS) provider. **Meeting Takeaways:** 1. **Incident Confirmation**: The Termite ransomware group has taken responsibility for the November breach involving Blue Yonder, a software as a service (SaaS) provider. 2. **Focus on … Read more

Name That Edge Toon: Shackled!

by

December 2, 2024 at 02:09PM Submit your best cybersecurity-related captions by December 31 for a chance to win a $25 gift card. Post your ideas on X, Facebook, or LinkedIn. Last month’s winner, Matthew Tompkins, received the prize for his creative caption. Thank you to all who participated! **Meeting Takeaways:** 1. **Caption Contest:** Participants are … Read more

Novel phising campaign uses corrupted Word documents to evade security

by

December 2, 2024 at 05:49AM A new phishing attack exploits Microsoft Word’s file recovery feature by distributing corrupted documents as email attachments. These files bypass security software due to their damaged condition while remaining recoverable by users, posing a significant security risk. ### Meeting Takeaways: – **Phishing Attack Overview**: A new phishing attack leverages a … Read more

New Windows Server 2012 zero-day gets free, unofficial patches

by

November 29, 2024 at 12:00PM Unofficial security patches have been released on the 0patch platform to fix a two-year-old zero-day vulnerability in the Windows Mark of the Web (MotW) security mechanism. **Meeting Takeaways:** 1. **Security Update Release**: Free unofficial security patches are now available via the 0patch platform. 2. **Vulnerability Addressed**: These patches target a … Read more

UK hospital network postpones procedures after cyberattack

by

November 28, 2024 at 05:15AM Wirral University Teaching Hospital (WUTH) in the UK faced a cyberattack causing a systems outage, leading to postponed appointments and procedures. The hospital has reverted to manual operations while working to restore IT systems. Although emergency services continue, delays are expected, with no estimated recovery time available yet. **Meeting Takeaways: … Read more

Windows 10 KB5046714 update fixes bug preventing app uninstalls

by

November 22, 2024 at 05:37PM Microsoft has introduced the KB5046714 Preview cumulative update for Windows 10 22H2, featuring six bug fixes. Notably, it addresses an issue that hindered users from uninstalling or updating packaged applications. **Meeting Notes Takeaways:** – Microsoft has released an optional cumulative update **KB5046714** for Windows 10 **22H2**. – This update is … Read more

Over 2,000 Palo Alto firewalls hacked using recently patched bugs

by

November 21, 2024 at 02:47PM Hackers have compromised thousands of Palo Alto Networks firewalls by exploiting two recently patched zero-day vulnerabilities. **Meeting Takeaways:** 1. **Security Breach**: A significant number of Palo Alto Networks firewalls have been compromised by hackers. 2. **Exploited Vulnerabilities**: The attacks are utilizing two recently patched zero-day vulnerabilities. 3. **Urgency for Action**: … Read more

After CrowdStrike Outage, Microsoft Debuts ‘Quick Machine Recovery’ Tool

by

November 21, 2024 at 09:23AM Microsoft has launched the Quick Machine Recovery tool, which enables users to apply fixes remotely on machines that cannot boot, eliminating the need for physical access. This release comes in the wake of a recent CrowdStrike outage. **Meeting Notes Takeaways:** 1. **Introduction of Quick Machine Recovery Tool**: Microsoft has launched … Read more