Posts

The latest Windows 11 cumulative updates (24H2 and 25H2) released since July 2025

The latest Windows 11 cumulative updates (24H2 and 25H2) released since July 2025 have introduced a bug that can cause the Taskbar, Start Menu, and File Explorer to crash or fail to load, especially in enterprise or managed environments. Microsoft has acknowledged the issue but has not yet released a permanent fix.

What’s Happening
• Affected Versions: Windows 11 24H2 and 25H2 after updates like KB5062553 (July 2025), KB5065789 (September 2025 preview), and KB5066835 (October 2025).
• Symptoms: Taskbar disappears or fails to render. Start Menu won’t open, sometimes showing critical error messages. File Explorer crashes immediately after login. Settings app silently fails to launch. Users may log into a blank desktop with no usable interface.
• Cause: A race condition during login prevents key XAML interface packages (MicrosoftWindows.Client.CBS, Microsoft.UI.Xaml.CBS, MicrosoftWindows.Client.Core) from registering in time. Since these packages are required for the Wind...

Cyber Monday Fraud Alert

Cyber Monday brings incredible deals, but it also attracts cybercriminals looking to exploit shoppers. Fraudsters use fake websites, phishing emails, and misleading ads to steal money, personal information, or identities.

Common Scams
• Fake retailer sites: Look-alike domains with odd spellings or missing security (no HTTPS).
• Phishing emails & texts: “Exclusive deals” or “delivery issues” that link to malicious sites.
• Too-good-to-be-true offers: Deep discounts on electronics, gift cards, or luxury items.
• Charity scams: Fraudulent donation sites targeting Giving Tuesday generosity.

How to Stay Safe
• Shop only on trusted, secure websites (look for HTTPS).
• Type retailer URLs directly; don’t click links in emails or ads.
• Use credit cards for stronger fraud protection.
• Compare prices across trusted platforms to spot fake “discounts.”
• Verify charities before donating.

Report Fraud
If you suspect a scam:
• Contact your bank or credit card provider immediately.
• Report ...

CodeRED emergency alert system is currently down across many regions!

CodeRED emergency alert system is currently down across many regions in the U.S. following a ransomware attack on its vendor, Crisis24. The incident has disrupted critical emergency communications and exposed user data.

What Happened
• Attack Type: Ransomware
• Threat Actor: INC ransomware group
• Target: OnSolve CodeRED platform (owned by Crisis24)
• Impact: Emergency alerts (weather, missing persons, terror threats) are unavailable in many municipalities.
• Personal data compromised: names, addresses, emails, phone numbers, and passwords used to create CodeRED accounts.

Key Details
• Date of Outage: Began in early November 2025, publicly confirmed Nov 26
• Scope: Hundreds of municipalities affected nationwide
• Response: Crisis24 is migrating customers to a new CodeRED platform hosted in a separate, hardened environment. Some cities (e.g., Douglas County, CO) have terminated their CodeRED contracts and are seeking replacements. Others are using social media, door-...

Microsoft Enhancing Entra ID Authentication

Microsoft is enhancing Entra ID authentication security by enforcing a stricter Content Security Policy (CSP) that blocks external script injection starting in mid-to-late October 2026. This change will prevent unauthorized scripts from executing during browser-based sign-ins.

What’s Changing in Entra ID Authentication
As part of Microsoft’s Secure Future Initiative, Entra ID will implement a hardened Content Security Policy (CSP) for sign-in pages hosted at login.microsoftonline.com. This update will:
• Block external script injection, including inline scripts from untrusted sources.
• Allow only scripts from Microsoft-trusted domains (e.g., Microsoft CDN).
• Mitigate cross-site scripting (XSS) and other injection-based attacks during authentication.
This change does not affect Microsoft Entra External ID or non-browser-based sign-in experiences.

What Admins Should Do
To prepare for the rollout:
• Stop using browser extensions or tools that inject scripts into the En...

Microsoft Exchange Online Outage (11-25-2025) and Work Around

Microsoft is currently experiencing an Exchange Online outage today (Nov 25, 2025). The issue is preventing many users from connecting to their mailboxes via the classic Outlook desktop client, with impact reported across Asia Pacific and North America. Microsoft has acknowledged the incident under ID EX1189820 and is actively investigating. As a workaround, users can still access mailboxes through Outlook on the Web (OWA).

Details of Today’s Exchange Outage
• Incident ID: EX1189820
• Start Time: 09:57 AM UTC (Nov 25, 2025)
• Impact: Users unable to connect to Exchange Online mailboxes in the classic Outlook desktop client. Login and server connection failures reported.
• Regions Affected: Asia Pacific and North America.
• Workaround: Microsoft advises using Outlook on the Web (OWA) until the issue is resolved.
• Additional Issue: A separate incident is also affecting search functionality in the Outlook desktop client, acknowledged earlier today at 05:05 AM UTC. ...

SitusAMC Breached!

What Happened?
On November 12, 2025, SitusAMC detected unauthorized access to its systems. Hackers exfiltrated sensitive corporate and client-related data. The attack did not involve ransomware or encrypting malware, suggesting the goal was data theft rather than disruption. [techcrunch.com]

Data Impacted
• Corporate data: Accounting records, legal agreements, and internal contracts.
• Client-related data: Information tied to residential mortgage loans, which may include personally identifiable information (PII) such as Social Security numbers and financial details.
The exact scope and number of affected individuals are still under investigation. [ibtimes.co.uk]

Who Is Affected
Major U.S. banks including JPMorgan Chase, Citigroup, and Morgan Stanley were notified that their data may have been exposed. SitusAMC works with hundreds of lenders, so the potential ripple effect across the financial sector is significant. [webpronews.com] SitusAMC has contained the breach,...

Ghost Tapping

What is Ghost Tapping?
Imagine you have a magic card that buys things when you tap it on a special machine. That magic works because the card and the machine can “talk” when they’re really close, like whispering secrets. Ghost Tapping is when a sneaky person uses that magic without asking you.

How do they do it?
• Bump-and-Scan: Picture someone with a secret machine hiding in their pocket. If they bump into you in a busy place, their machine can “whisper” to your card and take a little bit of money, without you even noticing.
• Fake Seller: They act like they’re selling something or collecting donations. They might charge way more than you agreed. Or they rush you so you don’t see the real price before you tap.

How can you stay safe?
• Use a Shield: Keep your card in a special wallet that blocks signals (called RFID protection).
• Be Alert: Don’t use tap-to-pay in crowded places and keep your card close.
• Turn on Alerts: Make sure your bank sends you a message every tim...

CVE-2025-58034 Fortinet Warnings and Mitigation

• Type: OS Command Injection vulnerability (CWE-78)
• Affected Product: Fortinet FortiWeb (Web Application Firewall)
• Affected Versions: 8.0.0 – 8.0.1, 7.6.0 – 7.6.5, 7.4.0 – 7.4.10, 7.2.0 – 7.2.11, 7.0.0 – 7.0.11 [nvd.nist.gov], [cvedetails.com]

Description
The vulnerability is caused by improper neutralization of special elements used in OS commands. An authenticated attacker can exploit this flaw by sending crafted HTTP requests or CLI commands, allowing them to execute arbitrary code on the underlying system. This can compromise the integrity, confidentiality, and availability of the device. [nvd.nist.gov], [cvedetails.com]

Severity
• CVSS v3.1 Base Score: 7.2 (High)
• Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
• Attack Vector: Network
• Attack Complexity: Low
• Privileges Required: High
• User Interaction: None
• Impact: High on Confidentiality, Integrity, and Availability [cvedetails.com]

Exploitation Status
• Actively Exploited: Yes. Fortinet confirmed expl...

Chrome Type Confusion Zero-Day vulnerability:

What Happened
Google released an emergency security update for Chrome to patch a zero-day vulnerability actively exploited in the wild. The flaw is tracked as CVE-2025-13223, rated High severity (CVSS 8.8), and affects the V8 JavaScript and WebAssembly engine used by Chrome and other Chromium-based browsers (Edge, Brave, Opera, Vivaldi). [thehackernews.com], [bleepingcomputer.com], [gbhackers.com]

Nature of the Vulnerability
Type Confusion occurs when the browser misinterprets an object’s type, leading to memory corruption. Attackers can exploit this via a crafted HTML page, potentially achieving:
• Heap corruption
• Arbitrary code execution
• Full system compromise if chained with other exploits. [computerworld.com], [theregister.com]

Active Exploitation
Google confirmed that an exploit for CVE-2025-13223 exists in the wild. Evidence suggests commercial spyware vendors or nation-state actors may be behin...

Cloudflare outage on November 18, 2025

What Happened
Cloudflare, a major internet infrastructure provider, experienced a global outage early Tuesday morning. The issue began around 6:00 AM ET and caused widespread HTTP 500 errors, impacting Cloudflare’s Dashboard, API, and services that rely on its network. Popular platforms like X (Twitter), ChatGPT, Spotify, Uber, Canva, League of Legends, and even Downdetector (which tracks outages) were affected. Some government and transit services also reported disruptions. [engadget.com], [pcmag.com], [securityweek.com]

Cloudflare confirmed the outage was not a cyberattack. The root cause was a latent bug in its bot mitigation service, triggered by a routine configuration change. This bug cascaded into a broad network degradation, affecting multiple services globally. [pcmag.com], [securityweek.com], [techcrunch.com]

Initially, Cloudflare also observed an unusual traffic spike, which contributed to the errors, but the main culprit was the bug. [cnbc.com], ...

Why Tiering Mission Critical Data Matters

Why Tiering Mission Data Matters

1. Cloud is resilient, but not invincible.
Even with Azure’s robust DDoS mitigation, a 15+ Tbps attack shows that single-point cloud dependencies can be risky. Tiering lets you isolate critical workloads from public exposure.

2. Hybrid and on-prem tiers offer latency and control.
For banking, fraud prevention, and compliance workloads, on-prem or hybrid tiers can:
• Reduce exposure to internet-based threats
• Improve response times for internal systems
• Ensure data sovereignty and auditability

3. Tiering enables graceful degradation.
If public cloud services are throttled or disrupted, local tiers can maintain core operations, especially for authentication, transaction processing, or alerting systems.

4. Strategic segmentation supports incident response.
By separating tiers (e.g., public-facing apps vs. internal fraud engines), you can:
• Limit blast radius
• Prioritize recovery
• Maintain foren...

Fortinet FortiWeb Vulnerability and Mitigation

A critical Fortinet FortiWeb vulnerability is currently being exploited in the wild using a public proof-of-concept (PoC). Here are the key details:

What is the flaw?
It’s an authentication bypass / path traversal vulnerability in FortiWeb WAF. Exploitation allows attackers to create new admin accounts without authentication, giving full control of the device. The vulnerable endpoint is: /api/v2.0/cmdb/system/admin%3F/../../../../../cgi-bin/fwbcgi
Attackers send crafted HTTP POST requests to this path with payloads that create admin-level accounts. Example usernames seen: Testpoint, trader1, trader. Example passwords: 3eMIXX43, AFT3$tH4ck, AFT3$tH4ckmet0d4yaga!n. [bleepingcomputer.com]

Affected Versions
• FortiWeb 8.0.1 and earlier are vulnerable.
• Fixed in 8.0.2 (released end of October 2025).
No official CVE or advisory yet from Fortinet, but multiple security researchers confirmed the exploit works on older versions. [thehackernews.com]

Public Explo...

Microsoft November 2025 Patch Tuesday Fixes and Updates

Microsoft’s November 2025 Patch Tuesday addresses 63 vulnerabilities, including one actively exploited zero-day in the Windows Kernel. It also introduces key updates for Windows 11 and extended support for Windows 10.

Security Fixes Overview
• Total vulnerabilities patched: 63 flaws
• Zero-day vulnerability: CVE-2025-62215, Windows Kernel Elevation of Privilege, exploited via a race condition to gain SYSTEM privileges
• Critical vulnerabilities (4 total): 2 Remote Code Execution (RCE) flaws, 1 Elevation of Privilege, 1 Information Disclosure

Windows 11 Enhancements (KB5068861)
• Start Menu redesign: Scrollable “All apps” section, grid/category views, Phone Link integration
• Taskbar battery icon: Color-coded status (green/yellow/red), optional battery percentage display
• Task Manager fix: Resolves issue where Task Manager stayed running after being closed
• Gaming device improvements: Fixes battery drain and controller lag on handhelds
• Storage Spaces fix: Resolves cluster se...

Cisco UCCX Vulnerability (CVE-2025-20354)

Cisco recently patched a critical vulnerability in its Unified Contact Center Express (UCCX) software that could allow unauthenticated remote attackers to execute arbitrary commands with root privileges on affected systems.

How the Exploit Works
There are two major flaws involved:
1. CVE-2025-20354 – Java RMI Remote Code Execution
• Component Affected: Java Remote Method Invocation (RMI) process in Cisco UCCX.
• Root Cause: Improper authentication mechanisms tied to specific UCCX features.
• Exploit Method: An attacker can upload a crafted file via the Java RMI interface.
• Impact: The file ...

Changes in Microsoft's Update Cadence

Key Change: Annual Release Cadence
Starting with version 2609 in September 2026, Microsoft Configuration Manager will shift from a semi-annual to an annual release cycle. This change is now officially confirmed and documented by Microsoft. [techcommun...rosoft.com]

Upcoming Release Timeline
Here’s what the roadmap looks like:
• 2509 (December 2025): Focus on stability and quality, including ARM64 support.
• 2603 (March 2026): Emphasis on enhanced security, aligned with the Microsoft Secure Future Initiative.
• 2609 (September 2026): First official annual release.
• 2709 (September 2027): Future-focused release (details TBD).

Why the Change?
Microsoft is aligning Configuration Manager with the Windows client security and stability cadence (H2). The goal is to:
• Improve predictability for IT teams.
• Prioritize security and reliability over frequent feature updates.
• Encourage a gradual transition to Microsoft Intune, which is now the primary platform for i...

Preventing Data Leaks in Azure Cloud Environments

Security Advisory: Preventing Data Leaks in Azure Cloud Environments

Overview
Cloud misconfigurations, especially in storage services like Azure Blob Storage, are among the most common causes of data leaks. This advisory outlines key steps to secure your Azure environment and avoid accidental exposure of sensitive data.

Best Practices for Azure Cloud Security
1. Storage Access Controls
• Disable public access to Blob Storage unless explicitly required.
• Use Shared Access Signatures (SAS) for temporary, scoped access.
• Apply role-based access control (RBAC) to restrict permissions.
2. Data Encryption
• Enable encryption at rest using Azure-managed keys or customer-managed keys.
• Use TLS encryption in transit for all data transfers.
3. Configuration Management
• Implement Infrastructure as Code (IaC) tools (e.g., Terraform, Bicep) with version control.
• Use Azure Policy to enforce compliance (e.g...

Four Terabytes of SQL Leaked from Azure client Ernst & Young

A major data exposure incident involving Microsoft Azure occurred in late October 2025, when Ernst & Young (EY), one of the Big Four accounting firms, inadvertently left a 4-terabyte SQL Server backup file publicly accessible on Azure Blob Storage. Here's a breakdown of what happened:

Incident Summary
• What was exposed: A .BAK file containing a full SQL Server database backup.
• Size: 4 terabytes, equivalent to millions of documents.
• Contents: Database schemas and stored procedures; API keys, session tokens, user credentials; authentication tokens and service account passwords; potentially sensitive financial and audit data. [cybersecur...tynews.com]

How It Happened
The exposure was not due to a hack, but a cloud misconfiguration: During a cloud migration, an engineer mistakenly set the backup file to public instead of private. The file was unencrypted, compounding the risk. [sdxcentral.com] Neo Security, a cybersecurity firm, discovered the file dur...

Cloud Infrastructures are Having a Bad Week

Today’s disruptions across Microsoft Azure and Amazon Web Services (AWS) were significant, but they’re not signs of cloud computing’s demise. Instead, they underscore the risks of centralization and the importance of designing systems that can withstand provider-level failures.

What happened today?
• Microsoft Azure outage: Azure’s Front Door service suffered a major disruption due to a misconfiguration, impacting services like Outlook, Xbox, Microsoft 365, and even third-party platforms like Starbucks and Alaska Airlines. The Azure status page says a little more than “disruption”:
"Azure Front Door - Connectivity issues - Observing recovery
Starting at approximately 16:00 UTC on 29 October 2025, customers and Microsoft services leveraging Azure Front Door (AFD) may have experienced latencies, timeouts, and errors. We have confirmed that an inadvertent configuration change was the trigger event for this issue. Affected Azure services may have included, but were not limited to: App S...

Microsoft has just released an emergency out-of-band (OOB) update

Microsoft has just released an emergency out-of-band (OOB) update for Windows 11 to fix critical issues introduced in the October 2025 Patch Tuesday update (KB5066835). Here's what you need to know:

What Went Wrong
• Broken Localhost Connections: The update disrupted HTTP/2 connections to , affecting developers and apps relying on local servers like IIS and ASP.NET.
• WinRE Failure: USB keyboards and mice stopped working in the Windows Recovery Environment (WinRE), leaving users unable to troubleshoot or recover their systems.
• Peripheral Issues: Logitech devices and File Explorer previews were also affected.

Emergency Fix: KB5070773
Microsoft has issued KB5070773 to resolve these problems:
• Restores USB functionality in WinRE for Windows 11 versions 24H2 and 25H2.
• Fixes the localhost regression caused by HTTP.sys mishandling HTTP/2 handshakes.

How to Get the Update
• Automatic Installation: The update is rolling out via Windows Update and will in...

Best Alternatives to Windows 10

Don't throw out that old computer just yet; give that older model system a makeover while keeping up with security and free application crossovers.

🧩 Best for Windows Users (Easy Transition)
These look and feel most like Windows.

Zorin OS
🖥️ Interface similar to Windows 10/11.
🧰 Preinstalled software (LibreOffice, browser, media player).
💊 Very stable (based on Ubuntu).
🎯 Great for general users, offices, and older hardware.

Linux Mint (Cinnamon Edition)
🪟 UI is almost identical to Windows.
🧠 Simple learning curve, light on resources.
🔒 Secure and regularly updated.
💡 Perfect for replacing Windows 10 on older PCs.

Ubuntu (with GNOME or Mate Desktop)
🌍 One of the most popular and supported distros.
🛠️ Tons of community help and documentation.
📦 Easy software installation via “Ubuntu Software Center.”

⚡ For Performance and Old Computers
Great if you want something faster than Windows 10.

Lubuntu
🪶 Lightweigh...