Security News

Password manager 1Password is warning that all Mac users running versions before 8.10.36 are vulnerable to a bug that allows attackers to steal vault items. Based on 1Password's description of the vulnerability, an attacker would need to develop and install a specific program on a victim's machine that targeted 1Password on Mac, either through social engineering or other means.

A critical security flaw impacting Progress Software WhatsUp Gold is seeing active exploitation attempts, making it essential that users move quickly to apply the latest. The vulnerability in question is CVE-2024-4885, an unauthenticated remote code execution bug impacting versions of the network monitoring application released before 2023.1.3.

Although endpoint anti-malware and other security controls are now standard at the operating system level, keeping all endpoint software up-to-date and secure remains an open issue for many organizations. Having worked with many enterprise security software, I noticed that established market players tend to accumulate substantial technical debt, which translates into bloated endpoints that spawn several processes and services bolted together as new functionalities get added, ultimately noticeably hitting endpoint performance and hampering employee productivity.

Livne explains the role of effective patch management in minimizing business risk and maintaining strong cybersecurity. Can you speak to the importance of a good patch management strategy in reducing business risk?

Coupled with an exploding ecosystem of third-party apps, endpoint management tools that aren't really designed to handle patch management, bandwidth issues, and architectural challenges, IT teams have "An overwhelming amount of work to do," Hewitt told us. Endpoint management biz Adaptiva revealed in its 2023 state of patch handling report [PDF] that the average organization manages around 2,900 software applications, and 69 percent of IT teams believe it's impossible to get all of them patched on schedule.

Not now, Microsoft Some Windows devices are presenting users with a BitLocker recovery screen upon reboot following the installation of July's Patch Tuesday update.…

Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks. It has been described as a remote command execution flaw in the Gremlin graph traversal language API. "Users are recommended to upgrade to version 1.3.0 with Java11 and enable the Auth system, which fixes the issue," the Apache Software Foundation noted in late April 2024.

Netgear warned customers to update their devices to the latest available firmware, which patches stored cross-site scripting and authentication bypass vulnerabilities in several WiFi 6 router models. The stored XSS security flaw impacts the XR1000 Nighthawk gaming router.

Another new ransomware gang, this one dubbed EstateRansomware, is exploiting a Veeam vulnerability that was patched more than a year ago to drop file-encrypting malware, a LockBit variant, and extort payments from victims. Veeam fixed the flaw, tracked as CVE-2023-27532, in March 2023 for versions 12/11a and later of its backup and replication software.

Patch Tuesday Clear your Microsoft system administrator's diary: The bundle of fixes in Redmond's July Patch Tuesday is a doozy, with at least two bugs under active exploitation. The first of two vulnerabilities for sure under active exploit - CVE-2024-38080 - is a Windows Hyper-V elevation of privilege flaw with a 7.8-out-of-10 CVSS rating, which Microsoft deemed "Important."