Crowdstrike’s latest update is causing “blue screens of death” on Windows systems, leading to chaos at airports, 911 centers, banks, and media outlets. If you need a laugh or a cry, follow their steps to delete a rogue file and revive your PC. Linux and MacOS users, enjoy your popcorn!

Philips Vue PACS vulnerabilities could allow unauthorized eavesdropping, data modification, and system access. Update to the latest version or follow mitigation steps to safeguard your system. Stay vigilant—your PACS might need more security than your fridge!

Attention, MELSOFT MaiLab users: A denial-of-service vulnerability could let remote attackers crash your system. CVE-2023-4807 packs a punch with a CVSS v4 score of 8.2. Update to version 1.06G or later, use a firewall, and avoid sketchy emails. Stay safe and keep those data science projects rolling!

CISA released three ICS advisories on July 18, 2024, highlighting critical security issues and vulnerabilities. Time to update those industrial control systems before hackers turn your factory into their personal playground!

CISA is addressing a major Microsoft Windows outage caused by a recent CrowdStrike update. Windows 10 and later systems are affected, while Mac and Linux remain untouched. Beware of phishing scams exploiting this incident.

AWS addresses CVE-2024-35198 and CVE-2024-35199 in PyTorch TorchServe. SageMaker and EKS users remain unaffected. Upgrading to TorchServe v0.11.0 resolves these issues.

AWS has patched critical vulnerabilities in AWS Client VPN. Users should upgrade to the latest versions to avoid risks.

D-Link NAS devices are under attack due to an OS command injection vulnerability. Hackers are using double obfuscation techniques to bypass filters and avoid honeypots. Time to update your devices—or just pray they don’t get turned into the next big botnet!

LabVIEW users, beware of opening suspicious VI files! National Instruments’ software has vulnerabilities that could allow attackers to execute arbitrary code. The CVSS score of 8.4 screams, “Pay attention!” Update now and avoid the digital chaos.

Attention, IT wizards! Hitachi Energy’s AFS/AFR series is facing vulnerabilities that could lead to a denial-of-service attack. Affected versions include AFS650, AFS660, AFS665, AFS670, AFS675, AFS677, and AFR677. Update your firmware ASAP to fend off any cyber shenanigans.

National Instruments I/O Trace is vulnerable to a stack-based buffer overflow, potentially allowing arbitrary code execution. With a CVSS v4 score of 8.4, this high-risk issue requires user interaction to exploit. National Instruments has issued a fix, and CISA recommends defensive measures. Remember, a VPN is only as secure as its connected devices.

CISA released four ICS advisories on July 23, 2024, detailing security issues, vulnerabilities, and exploits. Time to brush up on those technical details and mitigations!

CISA has added new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including CVE-2012-4792 and CVE-2024-39891. These pose significant risks and are frequent attack vectors.

CISA released two ICS advisories on July 25, 2024, detailing security vulnerabilities. Users and administrators are urged to review the advisories for technical details and recommended mitigations.

Palo Alto Networks’ Unit 42 researchers discovered 15 BOLA vulnerabilities in Easy!Appointments using an automated AI tool. The vulnerabilities allowed low-privileged users to manipulate data of higher-privileged users. After notifying the vendor, all issues were patched in version 1.5.0. This highlights the importance of continuous software scrutiny for API vulnerabilities.

Threat actors are leveraging the CrowdStrike outage for social engineering, embedding malicious VBA code in Word documents. Remarkably, a custom GrammarlyDocumentId appears in these files. Are cybercriminals using Grammarly for polished phishing? Not quite. It seems they’re just recycling old documents. But hey, even malware deserves good grammar!

Didier Stevens reveals on the StormCast podcast how running Hashcat with a NVIDIA GeForce RTX 3080 GPU can skyrocket your power consumption. His data shows that long Hashcat runs are real energy guzzlers.

Want to practice handling BSODs without risking your sanity? Use Sysinternals’ NotMyFault tool to trigger a Blue Screen of Death. Just don’t blame us if your computer starts seeing red!

Scammers are diving headfirst into the GenAI buzz! Since ChatGPT’s launch, a whopping 28.75% of GenAI-related domains have been flagged as suspicious. From malware to spam, cyber crooks are cashing in on the AI craze. Stay vigilant, folks—GenAI might just stand for “Generous AI Scammers.”

CVE-2024-27808 is a critical WebKit vulnerability. Improve your memory handling, or processing malicious web content might just lead to arbitrary code execution.