Technology

Microsoft has admitted it lost more than two weeks of security logs for some of its cloud products, raising potentially concerning security risks.

Microsoft reportedly users about the problem, saying the loss was not due to a security incident or an attack, but rather came as a result of a software flaw.

“A bug in one of Microsoft’s internal monitoring agents resulted in a malfunction in some of the agents when uploading log data to our internal logging platform,” Microsoft was cited saying. The malfunction took place between September 2 and September 19.

Entra, Sentinel, and others

Logs are important because they help IT teams keep track of possible intrusions and other cyberattacks, so not having this information for more than two weeks puts the users at risk.

As per the reports, the malfunction affected a couple of products: Microsoft Entra, Sentinel, Defender for Cloud, and Purview. Affected customers “may have experienced potential gaps in security related logs or events, possibly affecting customers’ ability to analyze data, detect threats, or generate security alerts,” the company said in the notification.

TechCrunch reached out to John Sheehan, a Microsoft corporate vice president, who did not share more details about the bug, but did say that Microsoft fixed it: “We have mitigated the issue by rolling back a service change. We have communicated to all impacted customers and will provide support as needed,” he told the publication.

Logs are records of events and actions generated by applications or systems. They are used for debugging issues, monitoring performance, and auditing security. By capturing information about the system's operation, logs help developers troubleshoot problems, track system health, and identify potential security threats. That makes them a crucial tool in spotting and tackling cyberattacks.

Via TechCrunch

More from TechRadar Pro

• The difference between no-logs and zero-logs VPNs – and why it matters
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now

See what our CNET sleep experts think of Helix's latest mattress, the Helix Plus.

A critical vulnerability in the Kubernetes Image Builder has been detected allowing threat actors to access different Virtual Machine (VM) images with ease. A patch is already available, so if you’re using the image building tool, make sure to update it to the latest version as soon as possible.

Kubernetes Image Builder is a tool that helps build and maintain container images for Kubernetes environments. It simplifies the building, packaging, and deployment of containerized applications by generating optimized and reproducible images ready for Kubernetes clusters.

However, when one builds a Kubernetes VM image, it comes with a set of default credentials, which are the same for every user. As a result, crooks can easily access virtual machines with root privileges.

Randomly generated password

According to The Register, VM images built with the Proxmox provider are most at risk. The flaw on this platform is tracked as CVE-2024-9486, and carries a severity rating of 9.8/10, meaning it’s critical. Image Builder version 0.1.37, or earlier, are flawed, and it is recommended users migrate to Image Builder v0.1.38, or later, as soon as possible.

In this version, every new image build will be given a randomly generated password, with the builder account being terminated at the end of the build process.

Users that end up upgrading Image Builder should also re-deploy new images to any affected VMs, the publication stressed.

Besides Proxmox, there are other providers who are at risk, too - including Nutanix, OVA, QEMU, and others: However, in these instances, the severity rating is 6.3, since they disable the default credentials at the end of the image build process, and thus give the threat actor a much smaller window of opportunity.

Those that are unable to apply the patch at the moment should disable the builder account and thus mitigate the risk.

Via The Register

More from TechRadar Pro

• AWS has patched a rather embarrassing Kubernetes bug
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now

What was once one of the best Netflix movies is now about to become one of the new best Hulu movies in November 2024. Damien Chazelle's almost-best picture Oscar winner La La Land (2016) is making the switch from one of the best streaming services to the other, meaning you'll be able to stream it on Hulu from November 1 to witness the heart-wrenching Emma Stone and Ryan Gosling love story over and over again at your convenience.

Out of all the new titles new on Hulu in November 2024, La La Land is just one of the few movies that will be leaving Netflix in October 2024 for a new spot in Hulu's November schedule. Additionally, Hellboy (2019) and Sonic the Hedgehog (2020) are set to leave Netflix on October 31 and, like La La Land, will become part of Hulu's reshuffled catalog of movies on November 1. While we'd wish that they'd have a Rotten Tomatoes score as respectable as La La Land's 91% (Sonic the Hedgehog has 60%, and Hellboy a catastrophic 17%), I'm kind of living for the subtle shade on Hulu's part.

However that's not to say that Netflix won't see some of the best Hulu movies join its catalog, as it has everything in it to snag some of the titles that are leaving Hulu in November 2024. Netflix's schedule for next month has yet to be unveiled, and while we don't know what's coming to Netflix in November 2024 just yet, I can imagine that the platform will be preparing to welcome the holiday season – just as Hulu has planned.

Part of me has my fingers crossed behind my back in hopes that Netflix will recycle Hulu's rejected titles next month. But I have my eyes solely on Hustlers (2019) because, as I've mentioned in our roundup of titles leaving Hulu, Hustlers is one of my comfort movies and one of my favourites from that year. Bless the days when it was available on Prime Video.

You might also like

• Netflix teases Virgin River season 6's wedding of the year and I desperately need an invite
• Netflix’s Sweet Bobby: My Catfish Nightmare isn’t the only catfishing documentary worth streaming this week
• Hulu vs Netflix: which streaming platform do you choose in 2024?

We’ve recently seen the release of a major Windows 11 feature update, version 24H2, and now developer NTDEV, responsible for the development of projects like “Tiny11” and “Tiny10” (smaller slimmed down versions of Windows 11 and 10) has released an impressively lightweight, compact version of 24H2. NDTEV has been highlighted by publications for its efforts to make versions of Windows that use minimal resources on your device - both in terms of storage and system memory, which allows the operating system to run on older or underpowered machines.

Following 24H2’s release, Microsoft has announced details about Windows 11 Enterprise LTSC 2024 (also known as Windows 11 LTSC 24H2), a special version of the operating system (OS) designed for long-term use by businesses and organizations that don’t receive updates as frequently as other kinds of users. NDTEV’s newest update has modified this version of Windows to shrink it down to Tiny11 form.

NDTEV provided screenshots of their feat on X, claiming that you could make the Tiny11 version based on Windows 11 LTSC 24H2 fit on a DVD disc (if you remember those!). For context, a DVD can store about 4.7 GB of data, and NTDEV’s Tiny11 version only takes up 3.54 GB — leaving some extra space on the disc.

The team explains that they were able to achieve this using a method called LZX delta compression. Compression is a common computing process that makes files smaller while preserving essential information, and LZX is a method that relies on advanced compression techniques built into Windows 11’s NTFS file system.

Well ,the good news is that you can still make the entire tiny11 fit on a DVD! (with LZX compression, of course).Behold, tiny11 based on Windows 11 LTSC 24H2! pic.twitter.com/tXS3Z8KoSwOctober 12, 2024

Food for thought about hardware requirements

Versions of Windows like Tiny11 have become a favorite among some users because aside from shrinking it down to a size that can fit on a DVD, it also needs very little system memory (RAM) to run, leaving the rest of the device’s memory free for other tasks, which can lead to big performance boosts, even with underpowered devices. Previously, Neowin had reported about NDTEV demonstrating that they can run Tiny11 with just 176MB of RAM, a magnitude less than the amount of RAM required for the officially versions of Windows 11 (which is 4 GB).

In another impressive move, NDTEV made a “text-only” version of Windows 11 that used just 100MB of RAM by stripping away the OS’s graphical interface (the visuals you see that makes it easier to use, such as the Start menu and even the iconic windows that gave the operating system its name).

If you’re a little more confident when it comes to tinkering with your devices, you could try installing Tiny11 on your PC, but even if you’d rather stick with full-fat Windows 11, you can still appreciate NDTEV’s accomplishments. They continue to demonstrate the very real potential to run a modern OS with minimal hardware requirements, and Tiny11’s modest hardware requirements allow older and less powerful machines to run modern operating systems like Windows 10 and 11, which they might otherwise struggle with.

As hardware performance demands continue to grow, projects like these show both the initiative and creativity of developers like NDTEV, as well as how efficient software design can extend the lifespan of devices. In a world where we are having to begin reckoning with the environmental cost of our consumer demands, it’s a hopeful glimpse of how we can navigate it while continuing to innovate our technologies.

YOU MIGHT ALSO LIKE...

• Tiny11 is now even smaller, giving you Windows 11 23H2 but without the clutter
• Ditch Microsoft’s data-gathering and take control of your Windows 11 experience with the new Tiny11 Builder tool
• Windows 11 on an iPhone 15? Tiny11 developer gets cats and dogs living together!

Elon Musk’s latest changes for X are driving more users away – not exactly a surprise, granted – and many of them are flocking to rival social media outlet Bluesky. So many made the switch, in fact, it led to Bluesky briefly going down due to the volume of incoming new users.

The central move initiated by X that made the headlines for driving migration away from Musk’s platform is a change to the way the ‘Block’ button works. This was actually announced back in September, but is officially being implemented now (well, it’ll be in place ‘soon’ we’re told).

It means that going forward, X users who you have blocked will still be able to view your (public) posts – though they won’t be able to engage with them in any way (from replies to liking and so forth).

This is problematic for obvious reasons, in terms of enabling stalkers and trolls who will still be able to view the posts of an account that has blocked them, when previously this wasn’t the case. In the past, blocking meant that the blocked user couldn’t see any posts (or anything at all, save for a message telling them that they’ve been blocked), but soon, this will change.

As The Independent reports, this confirmation of the move to relax what blocking means led to a flood of departures from X to Bluesky, a decentralized take on X that was the brainchild of former co-founder and CEO of Twitter, Jack Dorsey.

Bluesky posted to say it had in excess of 100,000 new users inside 12 hours following the announcement by X, after the rival network highlighted the fact that its block function stops those who are blocked from viewing any posts.

Such was the volume of disgruntled defectors that Bluesky actually went down for a couple of hours, with those fleeing X noting that they couldn’t sign up (and for that matter, users couldn’t even login). Down Detector recorded a server outage lasting for a couple of hours, though this has now calmed down to a few scattered reports, and normal service appears to have resumed for Bluesky.

In an update, Bluesky noted that it has now gained half a million new users in the past day.

There’s another reason that some folks are rapidly exiting from X stage left (and right, and indeed center, clambering over the audience, it would seem), and that’s a change to X’s privacy policy.

As TechCrunch reports, the new policy includes an update that allows third-party collaborators to use content on X to train their AI models – unless the user opts out. This is a notable extension of the reach of AI training on X, which has so far only been used to train Musk’s own Grok AI (unless users opt out, again).

(Image credit: Getty Images) Analysis: You mystify me

There’s been a strong reaction to both moves, particularly the blocking change.

Let’s start with the AI side of the equation, though, and what’s going on there. Artists are not at all happy about the possibility of their content being used in AI training – for which they read as being ‘stolen’ effectively – but there is a choice to opt out (although we don’t yet know where that option will lie).

Still, clearly many folks feel this is an ominous switch in direction for X, and are voting with their feet to make a point. Certainly, it should be an opt in rather than opt out decision, but often this is a concern glossed over in the tech industry for obvious reasons.

To be fair to Musk, X isn’t the only social media platform heading down this path, of course – Reddit is at the head of the pack in terms of monetizing in the AI sphere.

The switch in blocking policy is a truly mystifying one, though, and seemingly part of Musk’s self-destructive side when it comes to his social media property. We can’t think of a good reason why this has been enacted, save for… nope. We just can’t think of one.

For X’s part, the main argument in favor of the change is that “block can be used by users to share and hide harmful or private information about those they’ve blocked,” and so the ability to still view the posts of a blocked account means greater transparency in terms of detecting such instances.

But that does not square up at all, not even remotely, with wider and far more pressing concerns about blocked people now being able to act in harmful ways towards those who have blocked them.

Diluting blocking in this way is undeniably going to make life better for stalkers, unhinged trolls and folks who might harass other denizens of X for kicks, and as many have rightly pointed out, there are genuine online safety concerns here.

While a blocked person may not be able to repost in theory, there is nothing to stop them from taking a screenshot of a post, and sharing that on X (or elsewhere). Or more broadly, there’s nothing preventing the blocked person from using info from the visible posts of the person they might be harassing or stalking.

Surely when you weigh up these two factors – the rights of the blocked, and rights of the blocker – on the scales of worry, the tipping that’s going on is severe.

Another reason raised for doing away with full-blocking is that it’s easy to get around by creating another dummy account – but not everyone will go to those lengths (far from it, we’d imagine), and so this is only a partial point of argument at best.

All in all, at the very least, isn’t some sort of compromise called for here? Perhaps in the form of some sort of full block option that could be left in.

The reaction to the move has been entirely negative, and hopefully, X and Musk are taking that on board.

Bluesky is certainly capitalizing on this, not just reinforcing that it offers full blocking capabilities as mentioned, but also more besides (the ability to “subscribe to block lists maintained by users you trust” for example).

Currently, Bluesky has half a million new recruits for its platform, as mentioned, and it’s currently trending on X with over 200K posts. The talk is now turning to how the new philosophy on blocking might end up with the X app being blocked itself from Google and Apple’s stores.

You might also like...

• Jack Dorsey's Bluesky is like Twitter without Musk – and that's good
• Elon Musk's year-long quest to destroy Twitter is the most successful inside job in tech history
• How to use ChatGPT – everything beginners need to know about the AI chatbot

Asus has announced its new ROG Thor III series PSUs that have been built to meet the demands of upcoming power-hungry components like Nvidia’s expected RTX 5090 GPUs, which are rumored to consume up to 600W of power. With PCIe 5.0 connectors, ATX 3.0 compliance, and wattage ranging between 1000 and 1600, it’s clear the Thor III series should be more than up to the task of powering the next generation of computer components.

A standout feature is Asus’ “GPU-FIRST” voltage-sensing technology. As the name suggests, it means the PSU will prioritize the GPU over the CPU. This seems sensible, considering it’s the new GPUs that may eat up the watts. The feature is paired with a patented “intelligent voltage stabilizer”, which Asus says enhances voltage delivery by up to 45%.

The Thor III series promises high energy efficiency and minimal power loss, with the 1000W and 1200W  models being  rated at 80 Plus at Platinum, and the 1600 model is rated at Titanium. It also boasts Lambda A+ acoustic ratings (the highest) – which should hopefully mean that the PSUs are near silent even when under load The PSUs are cooled  by a 135 mm axial-tech fan, and they also feature a 0dB mode, which optimizes cooling without unnecessary noise. If you hate the sound of gaming PCs whirring up their fans when the action heats up, the ROG Thor III series PSUs could be a great investment.

For easy, smoother installation, the ROG Thor series III includes native 12VHPWR connectors, so you won’t need to worry about adapters or keeping your build neat and tidy on the inside. The PSU comes with an integrated OLED display, with which you can monitor power usage in real-time. The PSU also has ARGB lighting, and you can customize it to your heart’s content through Aura Sync, ASUS’ lighting control software.

Following leaks of Asus’ flagship ROG Maximus Z890 Extreme motherboards (which will cost upwards of $1,000), designed to target Intel’s flagship Arrow Lake CPUs and Nvidia’s RTX 5090 GPU, it was obvious that ASUS would release an equally powerful PSU to compliment these builds. Judging by its specs, the Thor III series delivers.

PSU prices and lightning, very very frightening

How much this will set you back we don’t yet know, but what we do know is that it won’t be great for your energy bills, as these are designed to pump out the kinds of wattage that would impress the God of Thunder himself.

While that’s great for keeping powerful components running at their full strength, it could lead to a spike in your energy consumption, and at a time when many people’s bills are already rising, you’ll need to think carefully about spending money when they release, which should be soon.

You might also like

• What is a PSU? We explain all
• Nvidia’s RTX 5090 now rumored to have superfast clock speeds – as well as being super-slim – could this GPU be too good to be true?
• Top gaming PCs: great rigs for serious PC gaming

At nearly twice the size of some competitors, Elehear’s new hearing aids certainly make a statement.

Permira has confirmed the completion of its acquisition of top website builder platform Squarespace in an all-cash deal valued at $7.2 billion.

As part of the deal, Squarespace will be taken private, meaning it will no longer be listed on the New York Stock Exchange (NYSE).

The buyout, initially announced in early summer of 2024, ended up costing Permira $300 million more than the $6.9 billion it had initially set out to pay.

Squarespace is now a private company

Although members of the public can no longer buy shares in the company, Squarespace founder and CEO Anthony Casalena has retained a substantial majority of his equity, remaining one of the largest shareholders.

Casalena will continue to lead the company as CEO and Board Chairman, with the company’s other leadership members also remaining in place, confirmed Permira.

"We are excited to embark on a new chapter with Permira, one focused on our long-term strategy and commitment to serving entrepreneurs globally," Casalena added.

Permira Partner David Erlong said the investment company’s decision to back Squarespace recognizes the company’s strong relationships with small businesses and entrepreneurs, making a vote of confidence in the platform.

“We look forward to leveraging our decades-long experience and track record backing internet platforms and technologies that enable SMBs, as we support Anthony and his team in growing Squarespace and expanding its product suite through its next chapter of success.”

The deal, valued at $7.2 billion, equates to $44.50 per share, up from the $44 per share that was initially suggested and subsequently rejected by shareholders under the advice of Institutional Shareholder Services on the basis that the valuation undervalued the company.

More from TechRadar Pro

• Cut the costs by using the best free website builders
• We’ve rounded up a list of all the best web hosting providers
• Squarespace says it will go private after $6.9bn Permira deal

Portland residents still have several ISP options available, from speedy fiber internet to more affordable broadband selections.

The company behind Trump Watches prominently features an iconic image of the presidential candidate on its timepieces. There’s one big problem: It’s not allowed to.

If you're looking for more control over your lights, then this deal is for you.

When Sonos unveiled the Sonos Arc Ultra soundbar earlier this week, we had a few questions. And now we have the answers.

In particular, we've confirmation about the Arc Ultra's Dolby Atmos channels, its current stance on DTS, and its HDMI ports – and we've had an update on the status of the app.

The first questions was around its channel count, which is officially given as 9.1.4. The last number there is the relevant part – it means four height channels for Dolby Atmos. However, the Arc Ultra's specs say it has two upfiring drivers, so we wanted to get Sonos' official line on how two turns into four.

Sonos confirmed that are indeed two up-firing drivers, but the way they work with the rest of the soundbar makes them act like there are actually four upwards firing speakers – at least in theory. "The rear height arrays utilize a very strategic combination of the upfiring, outward firing and forward firing transducers to position it deeper in the room than the front height channels," the company said – so basically, it'll offer virtual rear height channels. However effective this is remains to be seen.

Checking the disappointments

There were two potential disappointments about the Sonos Arc Ultra, but that weren't explicit from Sonos' information and specs, so we also asked to confirm that a) it only has one HDMI eARC port, and no passthrough, and b) that there is still no DTS support.

In both cases, what we expect was confirmed. Sonos' long-standing line on DTS hasn't changed – it will consider adding new formats in the future, but nothing is planned – and there is just a single HDMI port.

That's very unusual among the best soundbars now: all the major premium competition considers at least one HDMI passthrough as the bare minimum. A lot of people today need more flexibility in their connection, because they have a high number of boxes to connect to their TV. The Samsung HW-Q990D soundbar actually adds to the number of ports you have available. The Sonos Arc Ultra leaves you with one fewer.

How's the app going?

According to CEO Patrick Spence, the app is 90% back to normal since its troubled update. "We've worked tirelessly to address the most critical app issues and reintroduce the most requested legacy features. We've now reached a level of quality that gives us the confidence to release our exciting new products," he said in a statement. "As outlined in our commitments, we will continue to improve the software regularly and are determined to make the Sonos experience better than ever."

Sonos continues to provide app update timescales on its support page; the to-do list for late October includes:

• Improving system setup and reliability of adding new products
• Improved volume control & responsiveness (iOS)
• Music library performance improvements (iOS)
• Improving overall system stability and error handling
• Support for Arc Ultra and Sub 4

And the mid-November update will deliver:

• Playlist editing
• Support for Android users with multiple homes
• User Interface improvements (based on your feedback)
• Improved music playback error handling

Those plans are for both the iOS and Android versions of the Sonos app. The Android app will also get "improved volume control & responsiveness" in a December update.

You might also like

• 7 movies with stunning Dolby Atmos music and soundtracks to make your home theater sing
• I didn't care for Dolby Atmos music, but this one mind-blowing experience made me a believer
• I experienced Dolby's reference 34-speaker Dolby Atmos theater – and it made me appreciate the importance of movie theaters

Nothing's better than a crispy fry, but you can only achieve them in an air fryer by following these rules.

Contrary to popular belief, buying a gift for a girlfriend doesn't have to be stressful. Whether you're shopping for a significant other, long-distance pal or BFF, we've curated this list of unique and thoughtful gifts for girlfriends that are sure to delight.

Launching a smart home has never been easier. We'll show you where to start.

John Graham-Cumming, who happens to be Cloudflare's CTO, cracked a 30-year-old encrypted file that had a role in rewriting South Africa’s history.

Google is finally fixing a longstanding problem with the way third-party password managers work within the Android version of Chrome.

In an update coming next month, Google will enable native autofill for third-party password manager apps like Dashlane and 1Password in the Chrome app on Android.

The update was announced in a post to Google’s Android Developers Blog by developer advocate Eiji Kitamura and will hopefully alleviate several issues with the way such password managers work with the app currently.

In the post, Kitamura details current issues including “showing duplicate suggestions from Google and a third party”, and “janky page scrolling” when using third party password managers. This stems from the password manager having to use a “compatibility mode” when interacting with Chrome, even when set as the Android phone’s system default in settings. As The Verge notes, this causes glitching that isn’t present on Safari or even Chrome for iOS.

The forthcoming update will, in turn, enable third party password managers to natively autofill passwords and passkeys, as well as other details including addresses and payment information.

How to test the update yourself

This fix will hopefully put an end to the issues. But if you’d rather check for yourself you can test the new third party password manager integration by installing a beta version of the upcoming Chrome 131 update from the Google Play store and following these instructions.

First, head to the Settings app and select the Passwords, passkeys and accounts tab, and tap the Change button underneath the currently selected service. Select a new third party service.

This is where it gets a bit technical – open the Chrome app and paste the following into the URL bar: chrome://flags#enable-autofill-virtual-view-structure

Set the flag that appears to Enabled, then restart Chrome. Head to Chrome’s Settings and select Autofill services, select Autofill using another service, and then restart Chrome again.

Voila! You should now have access to smoother autofill for your third party password manager.

The stable version of Chrome 131 releases to all users on November 12. Until then, be sure to keep up with our Android coverage for the latest updates.

You might also like

• OnePlus shares release date for Android 15 update, announces new AI features
• Leaked dummy units of all three Samsung Galaxy S25 phones show off their sizes and dimensions
• You’re not alone – many users are reporting iPhone 16 battery life issues on iOS 18

Google Flights added a "Cheapest" tab to help you make the most of your travel budget.

After some first-look teasers, we finally have a full trailer for Dune: Prophecy, Max's new prequel series to the movies Dune and Dune Part Two, which is now confirmed to be arriving on November 17. The exciting trailer debuted at New York Comic-Con, proving to be a real treat for fans who have been waiting to return to the sci-fi universe once more.

There's plenty to get excited about and it's a huge time for HBO, with The Batman spin-off series The Penguin receiving critical acclaim in recent weeks. Though the days of The Sopranos and Succession are over, it seems HBO is still smashing out excellent originals, and I wouldn't be surprised if Dune Prophecy earns a spot on our best Max shows feature in the near future.

Take a look at the new trailer below.

What do we know about Dune: Prophecy?

For a start, we know the prequel series occurs long before the events of Denis Villeneuve's cinematic epic. It's set 10,000 years before the ascension of Timothee Chalamet's Paul Atreides, and follows two Harkonnen sisters as they combat forces that threaten the future of humankind and establish the sect that will become known as the Bene Gesserit.

There are six episodes in total, so it's a fairly short watch. It looks like episodes will be releasing weekly on Sundays, so unfortunately you won't be able to binge this one unless you wait, which is an impossible task. The series is spread out and ready to be savored which, in my opinion, is exactly how you should approach Dune. Elsewhere, we know a videogame called Dune Awakening is in the works, so the franchise is growing rapidly.

We have an excellent cast here too with Emily Watson and Olivia Williams leading as the two sisters, and Mark Strong playing the role of Emperor Javicco Corrino. There are some big names attached to this and it's got me even more excited.

You might also like

• Dune Awakening will let you choose between the Harkonnen and Arrakis factions, plus a third that will arrive after launch
• Peacemaker season 2: HBO Max release date prediction, confirmed cast, possible plot, and more news and rumors
• The Last of Us season 2: HBO Max release date prediction, trailer, confirmed cast, plot details, and more news and rumors