Security News
Microsoft has resolved a known issue caused by the June 2024 KB5039302 preview update, causing update problems when using Windows Update automation scripts on Windows 11 systems. "After installing the June 2024 Windows preview update, released June 25, 2024 and later updates, you might face issues using Windows Update Agent API from your script while searching for Windows updates," Microsoft explained on Friday.
American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to "Nearly all" of its wireless customers as well as customers of mobile virtual network operators using AT&T's wireless network. This comprises telephone numbers with which an AT&T or MVNO wireless number interacted - including telephone numbers of AT&T landline customers and customers of other carriers, counts of those interactions, and aggregate call duration for a day or month.
CDK Global reportedly paid a $25 million ransom in Bitcoin after its servers were knocked offline by crippling ransomware. Last week, CDK restored services to car dealerships across the US after a two-week outage caused by a "Cyber incident" that looked a lot like a ransomware infection.
In 1994, Hewlett-Packard released a miracle machine: the HP 200LX pocket-size PC. In the depths of the device, among the MS-DOS productivity apps built into its fixed memory, there lurked a first-person maze game called Lair of Squid. In Lair of Squid, you're trapped in an underwater labyrinth, seeking a way out while avoiding squid roaming the corridors.
Censys warns that over 1.5 million Exim mail transfer agent instances are unpatched against a critical vulnerability that lets threat actors bypass security filters. Tracked as CVE-2024-39929 and patched by Exim developers on Wednesday, the security flaw impacts Exim releases up to and including version 4.97.1.
Two House committee chairs have sent a public letter to the White House asking it to look into a deal between AI R&D outfit G42 and Microsoft. The missive [PDF] to National Security Adviser Jake Sullivan is authored by Reps Michael McCaul and John Moolenaar, respectively the chairs of the House Foreign Affairs Committee and the House Committee on Strategic Competition with the Chinese Communist Party.
Pharmacy giant Rite Aid confirmed a data breach after suffering a cyberattack in June, which was claimed by the RansomHub ransomware operation. The company told BleepingComputer on Friday that it's currently investigating a cyberattack detected in June and working on sending data breach notifications to customers affected by the resulting data breach.
A wave of coordinated DNS hijacking attacks targets decentralized finance (DeFi) cryptocurrency domains using the Squarespace registrar, redirecting visitors to phishing sites hosting wallet...
The US Cybersecurity and Infrastructure Security Agency says a red team exercise at a certain unnamed federal agency in 2023 revealed a string of security failings that exposed its most critical assets. The agency's dedicated red team picks a federal civilian executive branch agency to probe and does so without prior notice - all the while trying to simulate the maneuvers of a long term hostile nation-state threat group.
Netgear warned customers to update their devices to the latest available firmware, which patches stored cross-site scripting and authentication bypass vulnerabilities in several WiFi 6 router models. The stored XSS security flaw impacts the XR1000 Nighthawk gaming router.