Featured Story
Bad CrowdStrike Update Linked to Major IT Outages Worldwide
Organizations worldwide are reporting major outages that appear to be caused by a bad update pushed out by cybersecurity giant CrowdStrike (NASDAQ: CRWD).
CrowdStrike launched an investigation after receiving widespread reports of Windows hosts experiencing a Blue Screen of Death (BSOD). The BSOD appears to be caused by a recent CrowdStrike Falcon sensor update, reportedly putting affected devices into inoperable BSOD loops.
This incident reveals a significant breach of the third pillar of information security: availability. Although not a cyberattack, this disruption highlights how software failures can incapacitate essential systems. The recommended workaround: boot into Safe Mode, delete the file matching “C-00000291*.sys” under C:\Windows\System32\drivers\CrowdStrike, then reboot normally.
Other Stories
Oracle Releases Critical Patch Update Advisory for July 2024
Oracle has issued its quarterly Critical Patch Update (CPU) for July 2024, addressing vulnerabilities across a broad range of its products. Some of the flaws could allow attackers to take control of affected systems.
Oracle’s quarterly updates are vital for securing enterprise applications. Organizations should review the CPU and apply patches promptly to reduce their exposure and meet compliance standards.
SolarWinds Patches 11 Critical Flaws in Access Rights Manager Software
SolarWinds has patched 11 security flaws in Access Rights Manager (ARM), with seven rated critical (CVSS 9.6) and four rated high severity. Exploiting these flaws could lead to information theft or remote code execution.
SolarWinds ARM is deeply integrated into enterprise environments, making it an attractive target for attackers. Apply the patches without delay to avoid becoming a victim of lateral movement or ransomware.
WARNING: CRITICAL AUTHENTICATION BYPASS VULNERABILITY IN CISCO SMART SOFTWARE MANAGER (SSM) ON-PREM, PATCH IMMEDIATELY!
A flaw in Cisco SSM On-Prem allows attackers to reset any user’s password — including administrators — and gain full access. This flaw impacts software used by Cisco partners and service providers to manage licenses and accounts.
This critical vulnerability allows privilege escalation to admin rights. Apply the Cisco patch immediately, and conduct a thorough audit if exploitation is suspected.
Contact the Approach Cyber SOC team for tailored support and training programs.
