IT Security Newsletter - 12/11/2024
Patch Tuesday, December 2024 Edition
Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common Log File System (CLFS) driver - used by applications to write transaction logs - that could let an authenticated attacker gain "system" level privileges on a vulnerable Windows device. READ MORE...
446,000 Impacted by Center for Vein Restoration Data Breach
Vein care provider Center for Vein Restoration is notifying over 446,000 individuals that their personal, medical, and financial information was compromised in a recent cyberattack. Headquartered in Greenbelt, Maryland, Center for Vein Restoration provides patient-centered treatment options for venous insufficiency, including varicose veins and spider veins. The incident was identified on October 6, and involved unauthorized access to files containing the information of employees and patients. READ MORE...
US subsidiary of global water treatment firm probes November cyberattack after data encrypted
Kurita America, the North American subsidiary of Tokyo-based Kurita Water Industries, said Monday it is investigating a cyberattack, which was detected by its security monitoring system in late November. The Minnesota-based company said an unauthorized actor gained access to its servers and encrypted company data in the Nov. 29 attack. The company disconnected the compromised servers to prevent further spread of malware, but later restored the main servers. READ MORE...
Krispy Kreme cyberattack impacts online orders and operations
US doughnut chain Krispy Kreme suffered a cyberattack in November that impacted portions of its business operations, including placing online orders. Krispy Kreme is an American multinational doughnut and coffeehouse chain operating 1,521 shops and 15,800 points of access and employing 22,800 people as of late 2023. The company has an active partnership with McDonald's to offer its products at thousands of additional locations. READ MORE...
US names Chinese national it alleges was behind 2020 attack on Sophos firewalls
The US Departments of Treasury and Justice have named a Chinese business and one of its employees as the actors behind the 2020 exploit of a zero-day flaw in Sophos firewalls. The attack was made possible by a critical-rated SQL injection flaw known as CVE-2020-12271 that was exploited in the wild in April 2020. Sophos quickly published a hotfix to harden its XG firewalls and quash the zero-day attack. READ MORE...
Atlassian, Splunk Patch High-Severity Vulnerabilities
Atlassian and Splunk on Tuesday announced patches for more than two dozen vulnerabilities across their product portfolios, including multiple high-severity flaws in third-party components. Atlassian released fixes for 10 vulnerabilities in Bamboo Data Center and Server, Bitbucket Data Center and Server, and Confluence Data Center and Server, all rated high-severity and all affecting third-party dependencies. READ MORE...
Ivanti Patches Critical Flaws in Connect Secure, Cloud Services Application
Ivanti on Tuesday announced patches for 11 vulnerabilities in its products, including five critical-severity bugs in Cloud Services Application, Connect Secure, and Policy Secure. The most severe of these issues is CVE-2024-11639 (CVSS score of 10/10), an authentication bypass affecting the Cloud Services Application (CSA) secure communication solution. Affecting the administrator web console of the enterprise solution, the flaw allows attackers to access CSA with administrative privileges. READ MORE...
'Termite' Ransomware Likely Behind Cleo Zero-Day Attacks
Ransomware group "Termite" - which recently claimed supply chain vendor Blue Yonder as a victim - may be behind widespread exploit activity targeting a previously fixed vulnerability in Cleo's LexiCom, VLTransfer, and Harmony file transfer software. Cleo is developing a new patch for the flaw, but nothing is currently available for the issue, which means the vulnerability is a zero-day under active attack. READ MORE...
AMD's trusted execution environment blown wide open by new BadRAM attack
One of the oldest maxims in hacking is that once an attacker has physical access to a device, it's game over for its security. The basis is sound. It doesn't matter how locked down a phone, computer, or other machine is, if someone intent on hacking it gains the ability to physically manipulate it, the chances of success are all but guaranteed. In the age of cloud computing, this widely accepted principle is no longer universally true. READ MORE...
- ...in 1922, actress Maila Nurmi, best known as the original 1950s TV "horror host" Vampira, is born in Gloucester, MA.
- ...in 1926, rhythm and blues singer/songwriter Willie Mae Thornton, AKA Big Mama Thornton, the first artist to record "Hound Dog", is born in Ariton, AL.
- ...in 1968, the Rolling Stones put on the "Rock and Roll Circus" show in London, playing alongside Jethro Tull, the Who, Taj Mahal, and Marianne Faithfull.
- ...in 1974, pro wrestler and lucha libre ambassador Oscar Gutierrez (better known by his ring name, Rey Mysterio) is born in Chula Vista, CA.