Blog – Page 1054 – Cyber Mike

Google Pixel Devices Shipped with Vulnerable App, Leaving Millions at Risk

A large percentage of Google’s own Pixel devices shipped globally since September 2017 included dormant software that could be used to stage nefarious attacks and deliver various kinds of malware.
The issue manifests in the form of a pre-installed Android app called “Showcase.apk” that comes with excessive system privileges, including the ability to remotely execute code and install arbitrary

Microsoft removes FAT32 partition size limit in Windows 11

Microsoft removed today an arbitrary 32GB size limit for FAT32 partitions in the latest Windows 11 Canary build, now allowing for a maximum size of 2TB. […]

Ransomware gang deploys new malware to kill security software

RansomHub ransomware operators have been spotted deploying new malware to disable Endpoint Detection and Response (EDR) security software in Bring Your Own Vulnerable Driver (BYOVD) attacks […]

Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw

Security experts are ratcheting up the urgency for Windows admins to patch a wormable, pre-auth remote code execution vulnerability in the Windows TCP/IP stack.

The post Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw appeared first on SecurityWeek.

Microsoft disables BitLocker security fix, advises manual mitigation

Microsoft has disabled a fix for a BitLocker security feature bypass vulnerability due to firmware incompatibility issues that were causing patched Windows devices to go into BitLocker recovery mode. […]

Microsoft shares temp fix for Outlook, Word crashes when typing

Microsoft has shared a temporary fix for a known issue that causes Microsoft 365 apps like Outlook, Word, and OneNote to unexpectedly crash while typing or spell-checking a text. […]

Ransomware Attacks on Industrial Firms Surged in Q2 2024

Dragos has seen a significant increase in ransomware attacks on industrial organizations in Q2 2024 compared to the previous quarter.

The post Ransomware Attacks on Industrial Firms Surged in Q2 2024 appeared first on SecurityWeek.

SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software

SolarWinds has released patches to address a critical security vulnerability in its Web Help Desk software that could be exploited to execute arbitrary code on susceptible instances.
The flaw, tracked as CVE-2024-28986 (CVSS score: 9.8), has been described as a deserialization bug.
“SolarWinds Web Help Desk was found to be susceptible to a Java deserialization remote code execution vulnerability

SolarWinds Issues Hotfix for Critical Web Help Desk Vulnerability

SolarWinds has released a hotfix for a critical Java deserialization remote code execution vulnerability in Web Help Desk.

The post SolarWinds Issues Hotfix for Critical Web Help Desk Vulnerability appeared first on SecurityWeek.

Google Disrupts Iranian Hacking Activity Targeting US Presidential Election

Google says it blocked Iranian APT42 hackers from accessing the personal email accounts of individuals affiliated with the US elections.

The post Google Disrupts Iranian Hacking Activity Targeting US Presidential Election appeared first on SecurityWeek.

Cyber News