I-TeamViewer Iqinisekisa Ukuphulwa Kwenethiwekhi, Ukuvuza Kwe-Microsoft Ngengozi: I-Cybersecurity Roundup Yakho

Isibhengezo sezindaba ze-Cybersecurity esinesihloko sokwephulwa kwenethiwekhi

I-TeamViewer Iqinisekisa Ukuphulwa Kwenethiwekhi Yenkampani Ngabagebengu Besifunda SaseRussia

I-TeamViewer, umhlinzeki ohamba phambili womhlaba wonke wesoftware yokufinyelela nokulawula ukude, iqinisekise ukuhlasela kwe-inthanethi okuhlosiwe endaweni yayo yangaphakathi ye-IT, okubangelwa iqembu elidume kabi lokugebenga elixhaswe nguhulumeni waseRussia i-APT29, elaziwa nangokuthi Midnight Blizzard.

Ukwephulwa komthetho, okutholwe ekuqaleni ngoJuni 26, 2024, kuhilela ukuchithwa kwe-akhawunti yesisebenzi, ukunikeza abahlaseli ukufinyelela kudatha yenkomba yesisebenzi, okuhlanganisa amagama, abathintwayo. Imininingwane, kanye namaphasiwedi abethelwe. Kodwa-ke, i-TeamViewer iqinisekisa ukuthi isigameko saqukethwe ngokushesha futhi asizange sidlulele endaweni yayo yomkhiqizo, inkundla yokuxhuma ye-TeamViewer, nanoma iyiphi idatha yekhasimende.

Lokhu kuhlasela kulandela iphethini ye-APT29 eqondise izinkampani zobuchwepheshe, ikakhulukazi i-Microsoft kanye ne-Hewlett Packard Enterprise, ukuze bathole ukufinyelela olwazini olubucayi futhi basebenzise amathuba okuhlinzeka. Iqembu laziwa ngamakhono alo obunhloli athuthukile kanye nemizamo eqhubekayo yokuhlala ngaphansi kwe-radar ngenkathi lenza imisebenzi enesibindi.

I-TeamViewer ithathe isinyathelo esisheshayo ukulungisa lesi sigameko, isebenzisana ne-Microsoft kanye Ukuphepha kwe-cyber ochwepheshe ukuze baphenye futhi balungise ukuphulwa. Inkampani iphinde yazisa iziphathimandla ezifanele futhi isebenzela ukuqinisa izinyathelo zayo zokuphepha zangaphakathi ukuze kuvinjelwe ukuhlaselwa okuzayo.

I-Microsoft Leak Yengozi Iveza Ikhodi ye-PlayReady DRM, Iphakamisa Ukukhathazeka Ngezinsizakalo Zokusakaza

Unjiniyela we-Microsoft uputshuze ngokungazi ikhodi yangaphakathi ehlobene ne-PlayReady, isistimu yokuphatha amalungelo edijithali yenkampani yamafayela emidiya, enkundleni yomphakathi. Lokhu kuvuza kwe-4GB kungase kuvumele ubunjiniyela obuhlehlayo noma ukuqhekeka kokubethela kwe-PlayReady, ukuvikela okukhiphayo, nezici ze-DRM, okungase kube nomthelela kumasevisi amakhulu okusakaza afana ne-Netflix ne-HBO Max. 

Ikhodi eputshuziwe itholwe efayeleni elinamathiselwe kokuthunyelwe mayelana nokuphahlazeka kwesevisi ye-Apple TV. Abacwaningi bakwazile ukwakha umtapo wezincwadi weWindows PlayReady DLL besuka kukhodi eputshuziwe, baphinde bahlonza ubungozi ezingxenyeni ze-PlayReady's Protected Media Path. Lobu bungozi bungase buvumele abahlaseli ukuthi basuse ukubhala phansi amamuvi anencazelo ephezulu futhi bafinyelele okhiye bokuqukethwe Windows 10 kanye nezinhlelo ze-11.

I-Microsoft isuse okuthunyelwe kwenkundla ngemuva kokwaziswa ngokuputshuka, kodwa isigameko siphakamisa ukukhathazeka okukhulu mayelana nokuphepha kwe-PlayReady namandla umthelela embonini yokusakaza amavidiyo. 

I-Google Chrome izonqamula Ubudlelwano Nezitifiketi Zokuphathisa Ngenxa Yokungaphumeleli Okuphindaphindiwe Kokuvikela

I-Google imemezele isinqumo esibalulekile sokungathembi izitifiketi ezikhishwe i-Entrust, isiphathimandla sezitifiketi esikhulu, kusiphequluli sayo se-Chrome kusukela ngoNovemba 1, 2024. Lesi sinyathelo siza ngemva kweminyaka yokukhathazeka okubhaliwe mayelana nokuhluleka kokuthobela kwe-Entrust kanye nokungaphenduli ngokwanele ezigamekweni zokuphepha.

Isinqumo sigqamisa indima ebalulekile edlalwa yiziphathimandla zezitifiketi ekugcineni ukuphepha nobuqotho be-inthanethi. Ukungakwazi kuka-Etrust ukukwazi ukusekela izindinganiso eziphakeme ezilindelwe ku-CA ethenjwayo kuqede ukuzethemba ekhonweni layo lokuvikela ukuxhumana okubethelwe phakathi kweziphequluli namawebhusayithi.

Ithimba lezokuphepha le-Chrome le-Google ligcizelele iphethini yokuphathelene nokuziphatha okuvela ku-Etrust, okuhlanganisa ukwehluleka ukufeza izibopho ezenziwe kunqubomgomo kanye nokuphendula izehlakalo ezidalulwe esidlangalaleni. Bathi, le phethini idala ubungozi ohlelweni olubanzi lwe-inthanethi ecosystem futhi idinga ukususwa kokuthenjwa okuzenzakalelayo kuzitifiketi ze-Entrust.

Nakuba lolu shintsho luzothinta ngokuyinhloko abasebenzisi be-Chrome ku-Windows, macOS, ChromeOS, Android, ne-Linux, labo abaku-iOS ne-iPadOS bazohlala bengathinteki ngenxa yezinqubomgomo ezithile ze-Apple. Abasebenzisi abafinyelela amawebhusayithi ngezitifiketi ze-Etrust bazohlangabezana nomlayezo oyisixwayiso obonisa uxhumano olungaphephile.

Abasebenzi bewebhusayithi abathembele kuzitifiketi ze-Entrust bayelulekwa ngokuqinile ukuthi badlulele esiphathimandla esihlukile sesitifiketi esithenjwe esidlangalaleni ngaphambi komnqamulajuqu wangomhla ka-1 Novemba ukuze bagweme ukuphazamiseka okungaba khona futhi bagcine ukuxhumana okuphephile kwabasebenzisi.