Microsoft rolls out Windows security changes to prevent another CrowdStrike meltdown
Last summer’s CrowdStrike meltdown was a nightmare for network administrators worldwide, disrupting healthcare systems, cutting off access to banking systems, and grounding aircraft. All in all, the event caused billions of dollars in direct and indirect damages, and it was entirely preventable. In response, Microsoft convened a security summit, bringing together technical experts from CrowdStrike and its competitors in the endpoint security software business. That meeting led to an announcement late last year of a new set of Safe Deployment practices and some changes to the architecture of Windows desktop and server products, with the goal of preventing a similar incident from ever happening again.
Millions of Brother Printers Hit by Critical, Unpatchable Bug
Hundreds of printer models from the hardware manufacturer Brother are affected by a critical security vulnerability that cannot be patched through firmware. The disclosure comes as part of research published today by security firm Rapid7, concerning eight vulnerabilities affecting 748 models of printer, scanner, and label-maker devices from five device vendors. The lion’s share of the models affected — 689 of them — come from Brother, a Japan-based electronics manufacturer.
Microsoft 365 ‘Direct Send’ abused to send phishing as internal users
An ongoing phishing campaign abuses a little‑known feature in Microsoft 365 called “Direct Send” to evade detection by email security and steal credentials. Direct Send is a Microsoft 365 feature that allows on‑premises devices, applications, or cloud services to send emails through a tenant’s smart host as if they originated from the organization’s domain. It’s designed for use by printers, scanners, and other devices that need to send messages on behalf of the company. However, the feature is a known security risk, as it doesn’t require any authentication, allowing remote users to send internal‑looking emails from the company’s domain.
PACER electronic filing system under attack by hackers, federal judge warns lawmakers
The federal judge overseeing efforts to modernize electronic case filing technology for U.S. courts told a congressional committee this week that the nation’s court system is under constant attack by increasingly sophisticated hackers. Michael Scudder, who chairs the Committee on Information Technology for the federal courts’ national policymaking body, told members of the House Judiciary Committee that about 200 million harmful cyber “events” were prevented from penetrating court local area networks in fiscal 2024.
Microsoft is moving antivirus providers out of the Windows kernel
It’s been nearly a year since a faulty CrowdStrike update took down 8.5 million Windows-based machines around the world, and Microsoft wants to ensure such a problem never happens again. After holding a summit with security vendors last year, Microsoft is poised to release a private preview of Windows changes that will move antivirus (AV) and endpoint detection and response (EDR) apps out of the Windows kernel. The new Windows endpoint security platform is being built in cooperation with CrowdStrike, Bitdefender, ESET, Trend Micro, and many other security vendors. “We’ve had dozens of partners supply papers to us, some of them hundreds of pages long, on how they’d like it to be designed and what the requirements are,” explains David Weston, vice president of enterprise and OS security at Microsoft, in an interview with The Verge.
Hawaiian Airlines Hit by Cybersecurity Incident
Hawaiian Airlines has been hit by a cybersecurity incident, impacting some of its IT systems. The US airline disclosed the “cybersecurity event” in two updates posted on its website on June 26. The company said it has taken steps to safeguard operations and that flights are operating safely and as scheduled. “As we navigate the ongoing event, we remain in contact with the appropriate experts and federal authorities. We will provide updates as more information is available,” a statement at 16.00 PST on June 26 read.