Windows TCO Leftovers
-
Silicon Angle ☛ CrowdStrike shares fall 5% after fourth-quarter outlook misses expectations
Shares in CrowdStrike Holdings Inc. fell nearly 5% in late trading today after the cybersecurity company reported solid fiscal 2025 third-quarter results but fell short of expectations with its fourth-quarter outlook.
-
Cyble Inc ☛ RomCom Exploits Firefox & Windows Zero-Day Vulnerabilities
The first vulnerability, CVE-2024-9680, is a critical use-after-free bug discovered in Firefox’s animation timeline feature. This flaw, which has a CVSS score of 9.8, affects several versions of Mozilla browsers, including Firefox, Thunderbird, and Tor Browser. The flaw allows attackers to execute arbitrary code in the restricted context of the browser, which can lead to the installation of malware. Mozilla swiftly patched this vulnerability on October 9, 2024, addressing the issue for affected browsers.
Further analysis revealed a second, previously unknown vulnerability in Windows, assigned CVE-2024-49039. This privilege escalation vulnerability in the Windows Task Scheduler received a CVSS score of 8.8. When combined with the Firefox vulnerability, this flaw allows attackers to execute code in the context of the logged-in user. This means that, even without any interaction from the user, malicious code can be run, giving threat actors control over the affected system. Microsoft released a patch for CVE-2024-49039 on November 12, 2024.
-
Security Week ☛ Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets
The hacking group, tracked as RomCom, Storm-0978, Tropical Scorpius, and UNC2596, has been conducting opportunistic and targeted campaigns against various sectors, as part of both espionage and cybercrime operations.
Following the exploitation of a Microsoft Office zero-day last year, RomCom was recently caught exploiting two other zero-days, namely CVE-2024-9680, a critical-severity flaw affecting Firefox, Thunderbird, and Tor Browser, along with CVE-2024-49039, a high-severity Windows Task Scheduler bug.
-
Bitdefender ☛ Data leaks from websites built on Microsoft Power Pages, including 1.1 million NHS records
A security researcher has blamed misconfigured implementations of Microsoft Power Pages for a slew of data breaches from web portals - including the leak of 1.1 million NHS employee records.
It's the latest discovery by Dublin-based security researcher Aaron Costello, who previously discovered the health and personal details of over a million citizens had been accidentally exposed by Ireland's HSE Covid vaccination portal.
-
AppOmni ☛ Microsoft Power Pages: Data Exposure Reviewed
However, the ability for Microsoft customers to easily deploy these data-driven web applications can come at a great cost to security if mismanaged from a security perspective. During my research, I’ve uncovered several million records of sensitive data being exposed to the public internet from authorized testing alone. The primary nature of this data is internal organization files and sensitive PII belonging to both internal organization users and other users registered on the website. In the majority of these cases, the PII uncovered included full names, email addresses, phone numbers, and home addresses.
-
Scoop News Group ☛ Starbucks, UK grocers impacted by ransomware attack on Blue Yonder
A ransomware attack on supply chain management software provider Blue Yonder has impacted global operations at various companies in the United States and United Kingdom, affecting major retailers such as Starbucks and several UK-based supermarket chains.
Starbucks has reported difficulties in processing payroll and managing employee schedules due to the incident, telling the Wall Street Journal that locations have resorted to manual calculations for employee pay. While the situation does not affect customer service, Starbucks assured its employees that they would receive their due compensation for all hours worked.
-
The Record ☛ RansomHub gang says it broke into networks of Texas city, Minneapolis agency
On Monday, the RansomHub operation took credit for damaging attacks on the city of Coppell, Texas, and the Minneapolis Park and Recreation Board.
Both organizations have reported widespread technology issues in recent weeks that caused significant problems for local residents.
-
The Record ☛ British hospital group declares ‘major incident’ following cyberattack
The NHS Trust responsible for a group of hospitals in northwest England has declared a “major incident” following a cyberattack, invoking the crisis management status for events that pose a serious risk to public health.