Thu.Jul 25, 2024

article thumbnail

LW ROUNDTABLE: CrowdStrike outage reveals long road ahead to achieve digital resiliency

The Last Watchdog

Last week, CrowdStrike, one of the cybersecurity industry’s most reputable solution providers, inadvertently caused more disruption across the Internet than all the threat actors active online at the time. Related: Microsoft blames outage on EU A flawed update to CrowdStrike’s Falcon security software caused millions of computers running Microsoft Windows to display the infamous blue screen of death.

article thumbnail

The CrowdStrike Outage and Market-Driven Brittleness

Schneier on Security

Friday’s massive internet outage, caused by a mid-sized tech company called CrowdStrike, disrupted major airlines, hospitals, and banks. Nearly 7,000 flights were canceled. It took down 911 systems and factories, courthouses, and television stations. Tallying the total cost will take time. The outage affected more than 8.5 million Windows computers, and the cost will surely be in the billions of dollars ­easily matching the most costly previous cyberattacks, such as NotPetya.

Marketing 300
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Critical bug in Docker Engine allowed attackers to bypass authorization plugins

Security Affairs

A critical flaw in some versions of Docker Engine can be exploited to bypass authorization plugins (AuthZ) under specific circumstances. A vulnerability, tracked as CVE-2024-41110 (CVSS score of 10.0), in certain versions of Docker Engine can allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. “An attacker could exploit a bypass using an API request with Content-Length set to 0, causing the Docker daemon to forward the request without the body to the Aut

article thumbnail

Data Wallets Using the Solid Protocol

Schneier on Security

I am the Chief of Security Architecture at Inrupt, Inc. , the company that is commercializing Tim Berners-Lee’s Solid open W3C standard for distributed data ownership. This week, we announced a digital wallet based on the Solid architecture. Details are here , but basically a digital wallet is a repository for personal data and documents. Right now, there are hundreds of different wallets, but no standard.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Hackers exploit Microsoft Defender SmartScreen bug CVE-2024-21412 to deliver ACR, Lumma, and Meduza Stealers

Security Affairs

The CVE-2024-21412 flaw in the Microsoft Defender SmartScreen has been exploited to deliver information stealers such as ACR Stealer, Lumma, and Meduza. Fortinet FortiGuard Labs researchers observed a malware campaign exploiting the vulnerability CVE-2024-21412 (CVSS score: 8.1) to spread information stealer, such as ACR Stealer, Lumma , and Meduza.

Education 140
article thumbnail

PKfail Secure Boot bypass lets attackers install UEFI malware

Bleeping Computer

Hundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware. [.

Malware 137

More Trending

article thumbnail

Windows update may present users with a BitLocker recovery screen

Malwarebytes

Some Windows users may see a BitLocker Recovery screen after applying the Microsoft patch Tuesday updates. BitLocker is a Windows security feature that encrypts entire drives. It prevents someone that has obtained a stolen or lost device from reading the files stored on that drive. Unfortunately, though, Microsoft launched an update this month that has caused problems for some Windows systems.

article thumbnail

Progress Software fixed critical RCE CVE-2024-6327 in the Telerik Report Server

Security Affairs

Progress Software addressed a critical remote code execution vulnerability, tracked as CVE-2024-6327, in the Telerik Report Server. Telerik Report Server is a web-based application designed for creating, managing, and delivering reports in various formats. It provides tools for report design, scheduling, and secure delivery, allowing organizations to centralize their reporting processes.

Software 121
article thumbnail

Robot dog trained to jam wireless devices during police raids

Graham Cluley

The US Department of Homeland Security has unveiled a dog-like robot that it says has been adapted to jam the connectivity of smart home devices. Read more in my article on the Hot for Security blog.

Wireless 124
article thumbnail

CVE-2024-40767: OpenStack Nova Vulnerability Exposes Cloud Servers to Data Theft Risk

Penetration Testing

A critical vulnerability (CVE-2024-40767) has been discovered in OpenStack Nova, the open-source cloud computing platform’s core component for managing virtual servers. This flaw could allow unauthorized users to access sensitive data on cloud servers,... The post CVE-2024-40767: OpenStack Nova Vulnerability Exposes Cloud Servers to Data Theft Risk appeared first on Cybersecurity News.

Risk 122
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks

The Hacker News

A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country.

article thumbnail

Understanding Identity Acronyms: What Are ISPM & ITDR?

Duo's Security Blog

The challenge: Limited visibility Not all new software categories are created equal. Cisco Talos reported in February that three of the top five MITRE ATT@CK techniques used in 2023 were identity-based, so identity needed some focused security attention. Why? Access and identity sprawl is creating new security challenges for organizations of all sizes: More likely than not, your organization has hundreds of applications across different departments and roles.

article thumbnail

SEXi / APT Inc ransomware – what you need to know

Graham Cluley

A cybercrime group has gained notoriety for attacking VMware ESXi servers since February 2024. Learn more about the SEXi / APT Inc ransomware in my article on the Tripwire State of Security blog.

article thumbnail

Meta Removes 63,000 Instagram Accounts Linked to Nigerian Sextortion Scams

The Hacker News

Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams. "These included a smaller coordinated network of around 2,500 accounts that we were able to link to a group of around 20 individuals," the company said. "They targeted primarily adult men in the U.S.

Scams 116
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

New Auto Blocker in Samsung OneUI 6.1.1: Blocking APK Sideloading for Enhanced Security

Penetration Testing

Starting with OneUI 6.1.1, Samsung has implemented a default setting that blocks users from sideloading APK files. This setting is now applied to Samsung’s latest Android devices, even if the REQUEST_INSTALL_PACKAGES permission has been... The post New Auto Blocker in Samsung OneUI 6.1.1: Blocking APK Sideloading for Enhanced Security appeared first on Cybersecurity News.

article thumbnail

CrowdStrike Warns of New Phishing Scam Targeting German Customers

The Hacker News

CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious installers targeting German customers as part of a highly targeted campaign.

Phishing 114
article thumbnail

Google, Microsoft, Others Support U.S.-Based Spyware Lawsuits

Security Boulevard

Microsoft and Google were joined by LinkedIn, GitHub, and Trend Micro in a supporting an appeal of a lawsuit against spyware maker NSO Group that was tossed by a U.S. judge who said that, as a Salvadoran citizen, the plaintiff's case had no standing in a U.S. court. The post Google, Microsoft, Others Support U.S.-Based Spyware Lawsuits appeared first on Security Boulevard.

Spyware 104
article thumbnail

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

The Hacker News

Cybersecurity researchers are sounding the alarm over an ongoing campaign that's leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security Wiz is tracking the activity under the name SeleniumGreed. The campaign, which is targeting older versions of Selenium (3.141.59 and prior), is believed to be underway since at least April 2023.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Meta nukes massive Instagram sextortion network of 63,000 accounts

Bleeping Computer

Meta has removed 63,000 Instagram accounts from Nigeria that were involved in sextortion scams, including a coordinated network of 2,500 accounts linked to 20 individuals targeting primarily adult men in the United States. [.

article thumbnail

Managing Digital Certificates in a Hybrid and Multi-Cloud Environment

GlobalSign

While hybrid and multi-cloud environments are more convenient, they can complicate certificate management. Explore how automation may be the solution.

109
109
article thumbnail

Critical ServiceNow RCE flaws actively exploited to steal credentials

Bleeping Computer

Threat actors are chaining together ServiceNow flaws using publicly available exploits to breach government agencies and private firms in data theft attacks. [.

article thumbnail

Researchers Reveal ConfusedFunction Vulnerability in Google Cloud Platform

The Hacker News

Cybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform's Cloud Functions service that an attacker could exploit to access other services and sensitive data in an unauthorized manner. Tenable has given the vulnerability the name ConfusedFunction.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

At The 2024 Summer Olympics, AI Is Watching You

WIRED Threat Level

A controversial new surveillance system in Paris foreshadows a future where there are too many CCTV cameras for humans to physically watch.

article thumbnail

6 Types of Applications Security Testing You Must Know About

The Hacker News

While the specifics for security testing vary for applications, web applications, and APIs, a holistic and proactive applications security strategy is essential for all three types. There are six core types of testing that every security professional should know about to secure their applications, regardless of what phase they are in in development or deployment.

103
103
article thumbnail

Windows 11 KB5040527 update fixes Windows Backup failures

Bleeping Computer

Microsoft has released the optional KB5040527 preview cumulative update for Windows 11 23H2 and 22H2, which includes fixes for Windows Backup and upgrade failures. [.

Backups 92
article thumbnail

Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk

The Hacker News

Progress Software is urging users to update their Telerik Report Server instances following the discovery of a critical security flaw that could result in remote code execution. The vulnerability, tracked as CVE-2024-6327 (CVSS score: 9.9), impacts Report Server version 2024 Q2 (10.1.24.514) and earlier. "In Progress Telerik Report Server versions prior to 2024 Q2 (10.1.24.

Risk 98
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Executive Cybersecurity Accountability: A Rising Trend?

Security Boulevard

The accountability for security failures or breaches typically falls on security teams or specific IT leaders rather than higher-level executives or the board. This accountability has long been the case; cyber risks were often siloed as technical issues rather than integrated into broader company business risk management frameworks. However, bucking this historical trend are recent moves from big companies like.

article thumbnail

Webinar: Securing the Modern Workspace: What Enterprises MUST Know about Enterprise Browser Security

The Hacker News

The browser is the nerve center of the modern workspace. Ironically, however, the browser is also one of the least protected threat surfaces of the modern enterprise. Traditional security tools provide little protection against browser-based threats, leaving organizations exposed.

article thumbnail

Comparative Analysis of Password Hashing Algorithms: Argon2, bcrypt, scrypt, and PBKDF2

Security Boulevard

Explore the strengths and weaknesses of Argon2, bcrypt, scrypt, and PBKDF2 in this comprehensive comparison of password hashing algorithms. Learn which algorithm suits your security needs, from cutting-edge Argon2 to the widely-used bcrypt, and understand the future of cryptographic protection. The post Comparative Analysis of Password Hashing Algorithms: Argon2, bcrypt, scrypt, and PBKDF2 appeared first on Security Boulevard.

article thumbnail

US offers $10M for tips on DPRK hacker linked to Maui ransomware attacks

Bleeping Computer

The U.S. State Department is offering a reward of up to $10 million for information that could lead to the identification or location of a North Korean military hacker. [.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.