CrowdStrike sued by investors over massive global IT outage

August 2, 2024 at 10:34AM Investors have filed a lawsuit against cybersecurity firm CrowdStrike, alleging false claims about its Falcon platform. A faulty security update resulted in a significant global IT outage, leading to a 38% drop in stock price. Based on the meeting notes, the key takeaway is that cybersecurity company CrowdStrike is facing …

CrowdStrike Blames Crash on Buggy Security Content Update

July 24, 2024 at 10:36AM CrowdStrike’s faulty security content configuration update for its Falcon sensor caused a global incident last Friday, impacting global IT teams and disrupting business continuity. The update, designed to provide new security content to its software, triggered a Windows operating system crash. CrowdStrike released a preliminary Post Incident Review, apologized for …

GitLab Ships Update for Critical Pipeline Execution Vulnerability

July 11, 2024 at 10:48AM GitLab has released security updates to address six vulnerabilities in GitLab CE and EE, including a critical-severity bug (CVE-2024-6385) allowing an attacker to trigger a pipeline as another user. The updates also address a medium-severity bug and four low-severity flaws. Users are advised to update their instances promptly due to …

Microsoft fixes Windows 11 bug causing reboot loops, taskbar freezes

July 10, 2024 at 11:30AM Microsoft resolved a known issue causing restart loops and taskbar problems on Windows 11 systems after installing the June KB5039302 preview update. The issue affects Windows 11 23H2 and 22H2 systems, with a recommendation to install the latest security update for fixes, particularly affecting virtualization environments. The update was paused …

Attackers Already Exploiting Flaws in Microsoft’s July Security Update

July 9, 2024 at 05:13PM July’s Microsoft security update addresses 139 CVEs, including actively exploited vulnerabilities and a public Intel microprocessor issue. Notably, two zero-day bugs were identified, posing a moderate threat. Additionally, critical vulnerabilities affecting Windows Remote Desktop Licensing Service require immediate attention, with a recommendation to disable the service if not in use. …

Microsoft: Windows 11 22H2 reaches end of service in October

July 8, 2024 at 02:59PM Microsoft has announced that multiple editions of Windows 11, version 22H2, including Home, Pro, and Education, will reach end of servicing on October 8, 2024. This means they will no longer receive monthly security updates after this date. Windows 11 21H2 Enterprise, Education, and IoT Enterprise editions will also reach …

Juniper releases out-of-cycle fix for max severity auth bypass flaw

June 30, 2024 at 11:21AM Juniper Networks released an emergency update to address a critical vulnerability, tracked as CVE-2024-2973, which could lead to an authentication bypass in Session Smart Router, Conductor, and WAN Assurance Router products. The affected versions and recommended patches were listed, highlighting the need for immediate action due to active exploitation of …

BlackSuit ransomware gang claims attack on KADOKAWA corporation

June 27, 2024 at 07:06PM The BlackSuit ransomware gang cyberattacked KADOKAWA corporation, demanding ransom in exchange for not publishing stolen data, which includes employee details, financial information, and business plans. The Japanese media conglomerate’s operations, including Niconico services, continue to be impacted. BlackSuit, a rebrand of the Royal ransomware operation, has been linked to numerous …

About the security content of AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8 – Apple Support

June 25, 2024 at 11:13PM Summary: Apple (ID HT214111) released an update on 2024-06-25 addressing CVE-2024-27867 by improving state management for Bluetooth. The update is available for AirPods (2nd gen and later), AirPods Pro, AirPods Max, Powerbeats Pro, and Beats Fit Pro to prevent an attacker in Bluetooth range from gaining access to headphones during connection requests. …

Exploit for Veeam Recovery Orchestrator auth bypass available, patch now

June 13, 2024 at 01:25PM A proof-of-concept exploit for the Veeam Recovery Orchestrator vulnerability tracked as CVE-2024-29855 has been released by security researcher Sina Kheirkhah. The exploit allows unauthenticated access to the web UI with administrative privileges due to a hardcoded JWT secret. Veeam’s security bulletin suggests upgrading to patched versions and provides conditions required to …