Jada's Tech Tips

New Vulnerability Added in Windows 10 Software List of Exploited Security Weak Spots CISA recently came out with an announcement that Microsoft COM contains a deserialization of untrusted data vulnerability that allowed for privilege escalation and remote code execution.  It was recommended that users should stop using the software or to utilize a patch through windows. Criminals are preying on Windows users because of this vulnerability, and some peoples goals are to install keyloggers to steal credentials and take screenshots. The most common keylogger is found on a Russian crime forums, and spread through emails that include docx, xlsx, and pdfs. Read more here: https://www.usatoday.com/story/tech/news/2024/08/06/windows-vunerabilities-hackers/74694219007/

 Biden's Impact On Cybersecurity With Bidens presidential term coming to an end, there are plenty of articles about what went right and what went wrong. This week I found an article on how the current president affected the nations information-security shields. In 2021 Biden issued an executive order on cybersecurity that contained goals, tasks, and deadlines for many agencies. A main goal of this executive order is to stop putting the burden of security on customers, and to put more focus on the companies making these products. I think this is a great idea, given that most people do not recognize many of the flaws within software/technology. Biden had also been able to upgrade security standards for government contracts and has set up a cybersafety review board. Overall, I think he has done at least a couple good things for the tech world. You can read more here: https://www.fastcompany.com/91167716/biden-administration-cybersecurity-improvements-executive-order-analysis...

 CrowdStrike Sued! Following the recent global cyber outage, the company in which caused it is getting sued by shareholders. The lawsuit claims that CrowdStrike made false and misleading claims about its software testing. This is a big deal because the issue that caused the outage was a faulty software update If the company did make these false claims, the shareholders will probably win the lawsuit, but CrowdStrike is sticking to their word that these claims are not true. The outage crashed over eight million computers, causing the whole world to be effected, but now all computers should be back to normal. CrowdStrike claims there was problematic content data within a file that went undetected, and that their testing of software is functioning and was not the issue. CrowdStrike also claims they would be able to prevent this from happening again, but I don't know if they are trustworthy at this point. Read more here: https://www.bbc.com/news/articles/cy08ljxndr4o