3 – Breaking News & Latest Updates 2026
Skip to main content
The homepageThe VergeThe Verge logo.
The homepageThe VergeThe Verge logo.

Cyber Security Archive

Archives for August 2024

Tom Warren
Tom Warren
CrowdStrike explains root cause of its giant IT outage.

CrowdStrike blamed testing software for taking down 8.5 million Windows machines last month, but now a full root cause analysis offers more details. The main issue was a mismatch between the input fields expected by CrowdStrike’s Falcon driver and the ones supplied in a content update. CrowdStrike is now promising to better test updates and is using two independent third-party software security vendors to review its sensor code and release processes.

Falcon Content Update Remediation and Guidance Hub

[crowdstrike.com]

Wes Davis
Wes Davis
How far would you go to open an unsigned Mac app?

If you update to macOS Sequoia, you’ll have to go to Settings > Security & Privacy and approve the app on first open, because Apple is taking away the current right-click (ctrl-click) workaround.

The warning signifies the developer never had Apple malware scan and notarize the app. Sensible security step or not, I’ll still grumble every time I have to open Settings to run something.

A screenshot warning that an app can’t be verified.
I just want to open my apps.
Screenshot: macOS
Microsoft says Delta ignored Satya Nadella’s offer of CrowdStrike helpMicrosoft says Delta ignored Satya Nadella’s offer of CrowdStrike help
Richard Lawler
Richard Lawler
Android’s August security patch fixes a zero-day flaw that may be under “targeted” attack.

BleepingComputer points out the notes for this month’s Android security patch, with fixes for flaws that could allow someone to take over your device. The 2024-08-05 patch level specifically addresses a kernel flaw tagged CVE-2024-36971 which “may be under limited, targeted exploitation” already, so be sure to update your devices ASAP.

Android Security Bulletin—August 2024  |  Android Open Source Project

[Android Open Source Project]

Every Microsoft employee is now being judged on their security workEvery Microsoft employee is now being judged on their security work
CrowdStrike says it’s not to blame for Delta’s days-long outageCrowdStrike says it’s not to blame for Delta’s days-long outage
Jennifer Pattison Tuohy
Jennifer Pattison Tuohy
Consumer Reports is naming and shaming smart home companies without proper security vulnerability reporting.

Level, Chamberlain, Moen, Aqara, and Lutron are just some of the manufacturers the publication reports lack a dedicated way for security researchers to flag vulnerabilities — meaning a malicious hacker could potentially take advantage of a flaw before the company knows about it.

Check out the full report to see who’s on the naughty list — and who made the nice list.

Who Ya’ Gonna Call? Why IoT Companies Should Embrace Vulnerability Disclosure Programs

[Innovation at Consumer Reports]

Delta CEO: ‘When was the last time you heard of a big outage at Apple?’Delta CEO: ‘When was the last time you heard of a big outage at Apple?’
Sarah Jeong
Sarah Jeong
The Cybersecurity and Infrastructure Security Agency has hired its first Chief AI Officer.

This was mandated for all federal agencies back in March, so expect more of these kinds of announcements.

CISA’s general ambit means this hire is a tad bit more significant than the average Chief AI Officer — the agency deals with foreign influence operations and election cybersecurity, for instance. (In 2020, the agency’s head was yeeted by Trump for saying that the election had in fact been safe and secure.)

CISA Names First Chief Artificial Intelligence Officer | CISA

[Cybersecurity and Infrastructure Security Agency CISA]

Most Popular

Most Popular
  1. Trump fires the entire National Science Board
  2. The US gets the worst phones
  3. Alex Jones has uncovered another massive conspiracy
  4. 360-degree cameras have a new superpower
  5. The most exciting laptop I’ve seen in forever