Category: Kamban
‘The strategy behind acquiring both SkyKick and Axcient was to further expand our cybersecurity and data protection portfolios,’ said Ameer Karim, executive vice president and general manager at ConnectWise. ‘As cyber threats evolve, data protection and cybersecurity must go hand-in-hand.’ In a move to bolster its cybersecurity and data protection capabilities, ConnectWise has acquired Axcient…
Read More
Microsoft says this month’s Patch Tuesday cumulative updates also fix a known issue causing Windows Server 2019 boot problems, freezes, and performance issues after installing the August 2024 security updates. Redmond first confirmed this known issue on August 21, following widespread reports from Windows admins that their servers were experiencing performance issues and becoming unusable…
Read More
Ivanti has fixed a maximum severity vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers gain remote code execution on the core server. Ivanti EPM helps admins manage client devices that run various platforms, including Windows, macOS, Chrome OS, and IoT operating systems. The security flaw (CVE-2024-29847) is caused by a deserialization…
Read More
A novel acoustic attack named ‘PIXHELL’ can leak secrets from air-gapped and audio-gapped systems, and without requiring speakers, through the LCD monitors they connect to. In a PIXHELL attack, malware modulates the pixel patterns on LCD screens to induce noise in the frequency range of 0-22 kHz, carrying encoded signals within those acoustic waves that can…
Read More
The RansomHub ransomware gang has been using TDSSKiller, a legitimate tool from Kaspersky, to disable endpoint detection and response (EDR) services on target systems. After taking down the defenses, RansomHub deployed the LaZagne credential-harvesting tool to extract logins from various application databases that could help move laterally on the network. TDSSKiller abused in ransomware attacks Kaspersky…
Read More
Microsoft has released the KB5043064 cumulative update for Windows 10 22H2 and Windows 10 21H2, which includes 6 changes and fixes, including a fix for Bluetooth devices that stop working due to a memory leak. The Windows 10 KB5043064 update is mandatory as it contains Microsoft’s September 2024 Patch Tuesday security updates, which fix 142 vulnerabilities.…
Read More
Microsoft has fixed a Windows Smart App Control and SmartScreen flaw that has been exploited in attacks as a zero-day since at least 2018. On vulnerable systems, threat actors have abused the vulnerability (now tracked as CVE-2024-38217) to circumvent Smart App Control and the Mark of the Web (MotW) security feature to launch untrusted or potentially…
Read More
Microsoft has released the mandatory Windows 11 23H2 KB5043076 cumulative update to fix security vulnerabilities and make 19 improvements. KB5043076 is a mandatory Windows 11 cumulative update containing the September 2024 Patch Tuesday security updates that fix 79 vulnerabilities and four actively exploited zero-days. Windows 11 users can install today’s update by going to Start > Settings > Windows Update and clicking on ‘Check for Updates.’…
Read More
‘Our program is unique because it integrates three distinct roles, each addressing a critical aspect of partnership success,’ says Todyl CEO John Nellen. ‘We’re excited about the potential this program has to scale our partners’ businesses and enhance their security capabilities.’ Todyl has launched its revamped partner program “from the ground up” to better align…
Read More
Today is Microsoft’s September 2024 Patch Tuesday, which includes security updates for 79 flaws, including four actively exploited and one publicly disclosed zero-days. This Patch Tuesday fixed seven critical vulnerabilities, which were either remote code execution or elevation of privileges flaws. The number of bugs in each vulnerability category is listed below: 30 Elevation of…
Read More