Tech News
General news about the tech industry, trends, and major events.
Windows 11 KB5048667 & KB5048685 cumulative updates released
Microsoft has released the Windows 11 KB5048667 and KB5048685 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. Both KB5048667 and KB5048685 are mandatory cumulative updates as they contain the December 2024 Patch Tuesday security updates for vulnerabilities discovered in previous months. Windows 11 users can install today’s update by going to Start > Settings > Windows Update and clicking on ‘Check for Updates.’ You can […]
US sanctions Chinese firm for hacking firewalls in ransomware attacks
The U.S. Treasury Department has sanctioned Chinese cybersecurity company Sichuan Silence and one of its employees for their involvement in a series of Ragnarok ransomware attacks targeting U.S. critical infrastructure companies and many other victims worldwide in April 2020. According to the Department’s Office of Foreign Assets Control (OFAC), Sichuan Silence is a Chengdu-based cybersecurity […]
New Cleo zero-day RCE flaw exploited in data theft attacks
Hackers are actively exploiting a zero-day vulnerability in Cleo managed file transfer software to breach corporate networks and conduct data theft attacks. The flaw is found in the company’s secure file transfer products, Cleo LexiCom, VLTrader, and Harmony, and is a remote code execution flaw tracked as CVE-2023-34362. The Cleo MFT vulnerability affects versions 5.8.0.21 […]
Microsoft 365 outage takes down Office web apps, admin center
Microsoft is investigating a widespread and ongoing Microsoft 365 outage impacting Office web apps and the Microsoft 365 admin center. Since this incident started hours ago, Downdetector has received user reports complaining about problems connecting to Outlook, OneDrive, and other Office 365 apps and services. Affected customers see “We’re experiencing a service outage. All of your open […]
Chinese hackers use Visual Studio Code tunnels for remote access
Chinese hackers targeting large IT service providers in Southern Europe were seen abusing Visual Studio Code (VSCode) tunnels to maintain persistent remote access to compromised systems. VSCode tunnels are part of Microsoft’s Remote Development feature, which enables developers to securely access and work on remote systems via Visual Studio Code. Developers can also execute command […]
Ransomware attack hits leading heart surgery device maker
Artivion, a leading manufacturer of heart surgery medical devices, has disclosed a November 21 ransomware attack that disrupted its operations and forced it to take some systems offline. The Atlanta-based company employs over 1,250 people worldwide and has sales representatives in more than 100 countries. It also operates manufacturing facilities in Atlanta, Georgia; Austin, Texas; […]
OpenWrt Sysupgrade flaw let hackers push malicious firmware images
A flaw in OpenWrt’s Attended Sysupgrade feature used to build custom, on-demand firmware images could have allowed for the distribution of malicious firmware packages. OpenWrt is a highly customizable, open-source, Linux-based operating system designed for embedded devices, particularly network devices like routers, access points, and other IoT hardware. The project is a popular alternative to a manufacturer’s […]
Romanian energy supplier Electrica hit by ransomware attack
Electrica Group, a key player in the Romanian electricity distribution and supply market, is investigating a ransomware attack that was still “in progress” earlier today. The company serves over 3.8 million users with nationwide coverage for electricity supply, maintenance, and energy services, distributing electricity to customers across Transilvania and Muntenia. Electrica was established as a […]
Cybercrime gang arrested after turning Airbnbs into fraud centers
Eight members of an international cybercrime network that stole millions of Euros from victims and set up Airbnb fraud centers were arrested in Belgium and the Netherlands. The action was announced by Europol, which coordinated the operation, involving 17 simultaneous searches in the two countries, taking place on December 3. The arrests were the culmination of investigations […]
Outdated Google Workspace Sync blocks Windows 11 24H2 upgrades
Microsoft now blocks the Windows 11 24H2 update on computers with outdated Google Workspace Sync installs because they’re causing Outlook launch issues. Google Workspace Sync for Microsoft Outlook (GWSMO) enables users to manage their Google Workspace emails, calendar events, contacts, notes, and tasks directly in Outlook. Users will see “Cannot Start Microsoft Outlook. Cannot Open […]