15 Nov, 2024

Google fixes Chrome Password Manager bug that hides credentials

Google has fixed a bug in Chrome’s Password Manager that caused user credentials to disappear temporarily for more than 18 hours. The outage began on Wednesday, affecting users worldwide who rely on Chrome’s built-in tool to store and autofill their passwords. In a Google Workspace incident report, the company says the issue affected approximately 2% of […]

2 mins read

CrowdStrike: ‘Content Validator’ bug let faulty update pass checks

CrowdStrike released a Preliminary Post Incident Review (PIR) on the faulty Falcon update explaining that a bug allowed bad data to pass its Content Validator and cause millions of Windows systems to crash on July 19, 2024. The cybersecurity company explained that the issue was caused by a problematic content configuration update meant to gather telemetry on […]

3 mins read

Microsoft releases Windows repair tool to remove CrowdStrike driver

Microsoft has released a custom WinPE recovery tool to find and remove the faulty CrowdStrike update that crashed an estimated 8.5 million Windows devices on Friday. On Friday, CrowdStrike pushed out a faulty update that caused millions of Windows devices worldwide to suddenly crash with a Blue Screen of Death (BSOD) and enter reboot loops. This glitch […]

3 mins read

MHTML Exploited By APT Group Void Banshee

Security experts have uncovered a critical remote code execution (RCE) vulnerability, identified as CVE-2024-38112, within the MHTML protocol handler.  This vulnerability, dubbed ZDI-CAN-24433, was reported from CVE-2024-38112 to Microsoft upon discovery (and later patched by the tech giant), with evidence suggesting it was actively exploited by the advanced persistent threat (APT) group Void Banshee.  Known […]

2 mins read

Microsoft Fixes Four Zero-Days in July Patch

Sysadmins have a busy time ahead this month after Microsoft issued updates for over 140 CVEs, including four zero-day vulnerabilities. The zero-days are as follows: RCE Vulnerabilities Microsoft patched five critical RCE vulnerabilities in this July’s Patch Tuesday. First, a SharePoint vulnerability CVE-2024-38023 has been identified. “[It] could allow an authenticated attacker with site owner […]

2 mins read

Internet Explorer still used as a malware vehicle by threat actors

Microsoft’s notorious Internet Explorer has been brought out of retirement by threat actors using its security holes to serve malware. The team at Check Point Research said it spotted a new attack in the wild which uses the ancient web browser as the delivery vehicle for malware infections. The process involves the use of a […]

2 mins read

Has your VPN failed to connect recently? Microsoft says the latest Windows security update may provide a fix

If you’ve been experiencing VPN issues, Windows may have been to blame up until now. Microsoft’s April security updates for Windows 11 and Windows 10, KB5036893 and KB5036892 respectively, were previously identified by the company as causing VPN disconnection issues for some users, leaving some without a way to hide their IP address or change […]

2 mins read

Microsoft patents a technique to display encrypted documents so only you can see them

It seems to be a better system than AMD’s Privacy View feature but like all of them, it can’t solve one key issue. If you’re working on an important document in a busy environment and don’t want people to see what you’re doing at a glance, then you could use a privacy screen on the […]

3 mins read

0Patch promises Windows 10 support until 2030

While Microsoft plans to end support for Windows 10 in late 2025, 0patch comes with the promise of supporting Windows 10 v22H2 with critical security patches until 2030 and even further if there is enough demand. Fortunately, the $25-per-year or $35-per-year Pro and Enterprise subscriptions are also accompanied by a free plan. On October 14, […]

1 min read