disruption Archives

Tech Optimizer

February 22, 2025

How Mindbody improved query latency and optimized costs using Amazon Aurora PostgreSQL Optimized Reads

Mindbody utilizes a cloud-based platform for the fitness and wellness industry, offering services such as client booking, scheduling, payments, marketing, and analytics. Their email marketing platform is built on an Aurora PostgreSQL cluster, currently at version 13.8, with a size of approximately 17 TB and a workload distribution of 80% reads and 20% writes. Mindbody faced scaling and performance challenges due to architectural limitations and increasing data demands, leading to all workloads being directed to the writer node. The average BufferCacheHitRatio was below 80%, indicating frequent disk access rather than cache hits, contributing to higher query latencies and I/O costs. To address these issues, Mindbody adopted Aurora Optimized Reads, which enhances caching capacity and improves latency and throughput for I/O-intensive workloads. Transitioning required upgrading the database cluster to version 14.9 or higher, and extensive testing was conducted in a proof-of-concept environment. The upgrade process involved a blue/green deployment strategy to minimize production disruption. After implementing Aurora Optimized Reads, Mindbody experienced significant performance improvements, including a 50% reduction in average daily CPU utilization and a 90% reduction in ReadIOPS. The AuroraOptimizedReadsCacheHitRatio indicated that 85% of read requests were served from the optimized cache. Cost analysis revealed a 23% reduction in monthly Aurora costs post-transition, with potential for further savings by downsizing instances.

Winsage

February 18, 2025

New patch for Windows 11 24H2 reportedly plays havoc with File Explorer, and some folks are claiming it’s broken their PC

Microsoft's cumulative update for Windows 11, patch KB5051987, has caused significant issues for users of the 24H2 version. Problems include File Explorer failing to open essential folders like Documents and Pictures, difficulties accessing File Explorer through search or shortcuts, and widespread installation failures. Users report the update process stalling, prolonged installation times, critical system errors, and instances of Blue Screens of Death, which can render Windows 11 inoperable. The issues persist even in clean installations of Windows 11, and there are currently no widely recognized workarounds, though disabling Windows Sandbox has been suggested for Pro edition users. Reports of installation failures and system crashes continue, leading to caution among users regarding the update.

Winsage

February 14, 2025

Windows Server 2022 KB5051979 released, direct download .msu

The February 2025 security patch for Windows Server 2022, KB5051979, resolves issues with Digital-to-Analog Converter (DAC) devices and USB peripherals that previously displayed error code 10. It upgrades the system to Build 20348.3207, fixing a memory leak related to predictive input ideas and issues with the Device Health Attestation service. The update also addresses crashes related to symbolic links and acknowledges lingering harmless errors from the January 2025 update, specifically concerning the System Guard Runtime Monitor Broker Service. Users of OpenSSH and Citrix may face conflicts due to the January update. Some fixes are also applied to Windows 10 with KB5051974. Additionally, Microsoft has resolved a boot error in Windows Server 2025 and released cumulative updates KB5051989 and KB5051987 for Windows 11.

Tech Optimizer

February 14, 2025

XELERA Ransomware Attacking Job Seekers With Weaponized Word Documents

Job seekers are targeted by a ransomware campaign called "XELERA," which uses counterfeit job offers from the Food Corporation of India (FCI) to lure victims. The campaign begins with spear phishing emails containing a malicious Word document named “FCEI-job-notification.doc.” This document hides an OLE object that extracts a compressed PyInstaller executable called “jobnotification2025.exe,” which is designed to evade antivirus detection. The malware's structure includes a core script (mainscript.pyc) and supporting libraries for system monitoring and network operations. A Discord bot serves as a Command-and-Control server, allowing remote command execution, including privilege escalation, system control, credential theft, and visual disruption. The final stage of the attack involves deploying the XELERA ransomware, which demands a ransom in Litecoin and includes functions to terminate Windows Explorer and download a tool for MBR corruption.

Winsage

February 13, 2025

Russian state threat group shifts focus to US, UK targets

A report from Microsoft reveals that the Russian state-sponsored threat group known as Seashell Blizzard has shifted its operational focus to exploiting public vulnerabilities in internet-facing systems. This subgroup, associated with the Russian Military Intelligence Unit 74455 (GRU), has been conducting operations under the "BadPilot campaign," allowing them to maintain long-term access to compromised systems since at least 2021. They have been responsible for at least three destructive cyberattacks in Ukraine since 2023 and are now targeting a broader range of industries globally, including energy, telecommunications, and government sectors. Since early 2024, they have exploited vulnerabilities in software such as ConnectWise ScreenConnect and Fortinet FortiClientEMS, indicating a "spray and pray" approach to achieve compromises at scale. The group has adapted to exploit various public vulnerabilities, including critical issues in applications like Microsoft Exchange and Zimbra Collaboration, demonstrating their capability to leverage weaknesses in essential systems. Microsoft describes Seashell Blizzard as a key component of Russia's cyber strategy, particularly in efforts to destabilize Western institutions.

Winsage

February 12, 2025

Windows 10 KB5051974 update adds a new app without asking

Microsoft has released the KB5051974 cumulative update for Windows operating systems versions 22H2 and 21H2, which includes essential security fixes and addresses a memory leak issue. This mandatory update introduces the new Outlook for Windows app, which can run alongside the classic version, allowing users to transition at their own pace. The update resolves several issues, including: - Fixing the code 10 error message stating, “This device cannot start,” after the January 2025 security update. - Removing automatic suggestions from Bing in the search box for alternative search engines like Baidu. - Restoring functionality for USB audio devices using a digital-to-analog converter (DAC). - Correcting a problem where USB cameras failed to recognize when powered on. - Mitigating an issue that drained virtual memory, potentially causing applications to malfunction. The classic Outlook app is set to be retired in April 2026, prompting Microsoft's push towards the new app.

AppWizard

February 12, 2025

Facebook Messenger down and out for over an hour

On February 11, 2025, Facebook Messenger experienced a significant outage starting around 2 p.m. local time in Vietnam, affecting users' ability to send and receive messages, particularly on the desktop version. Reports of issues surged to nearly 1,000 cases within an hour, according to Downdetector. Users reported slow and unstable service, with some unable to access the desktop version at all. By 3:10 p.m., some users began to regain access, but new outage reports continued to be logged. This incident followed previous outages affecting Meta's services, including a December 12, 2024 outage lasting over four hours, a March 2024 disruption lasting about an hour, a global outage in 2021 lasting six hours due to a configuration error, and a 24-hour connectivity loss in 2019.

AppWizard

February 12, 2025

Users complain about Messenger crash: what problems are reported

Facebook Messenger is experiencing significant disruptions, with 91% of user complaints related to difficulties in sending messages, 6% concerning app issues, and 3% regarding voice messaging features. The problems began around 8:30 a.m. on February 11, with reports from Ukrainian users emerging after 9:30 a.m. The peak of the outage occurred at 9:39 a.m.

Winsage

February 10, 2025

Windows 11: Microsoft sets status of issue to resolved without providing a solution

In late December 2024, Microsoft acknowledged an issue affecting the installation of updates on certain Windows 11 devices, specifically those set up using installation media containing the October or November 2024 security updates. The affected devices are those running Windows 11, version 24H2, installed via media that included these updates. Microsoft proposed a workaround involving the reinstallation of Windows 11 using updated installation media that includes the December 2024 security updates or later. As of February 6, 2025, Microsoft marked the issue as resolved, but did not provide a definitive solution for impacted users, leaving them with concerns about data loss and limited options for restoring update functionality.

Winsage

February 9, 2025

Are you unable to get security updates for Windows 11 24H2? Here’s the likely reason why, and the fix to get your PC safe and secure again

Users of Windows 11 24H2 who installed the OS via USB drives may face issues receiving security updates due to flawed installation packages from Microsoft based on updates released in October and November 2024. Microsoft acknowledged that devices installed with these packages might not accept further security updates. This problem does not affect users who installed Windows 11 24H2 through the Windows Update feature. Microsoft first recognized the issue on December 24, 2024, and it has since been marked as 'resolved.' Affected users are advised to reinstall Windows 11 24H2 using the December 2024 version or later, while backing up their files beforehand.