Fri.Jul 19, 2024

article thumbnail

Global Microsoft Meltdown Tied to Bad Crowdstrike Update

Krebs on Security

A faulty software update from cybersecurity vendor Crowdstrike crippled countless Microsoft Windows computers across the globe today, disrupting everything from airline travel and financial institutions to hospitals and businesses online. Crowdstrike said a fix has been deployed, but experts say the recovery from this outage could take some time, as Crowdstrike’s solution needs to be applied manually on a per-machine basis.

article thumbnail

Brett Solomon on Digital Rights

Schneier on Security

Brett Solomon is retiring from AccessNow after fifteen years as its Executive Director. He’s written a blog post about what he’s learned and what comes next.

277
277
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

CrowdStrike Outage Disrupts Microsoft Systems Worldwide

Tech Republic Security

Airports and law enforcement agencies were among the organizations hit by the Blue Screen of Death. CrowdStrike said the error has been fixed.Airports and law enforcement agencies were among the organizations hit by the Blue Screen of Death.

206
206
article thumbnail

How One Bad CrowdStrike Update Crashed the World’s Computers

WIRED Threat Level

A defective CrowdStrike kernel driver sent computers around the globe into a reboot death spiral, taking down air travel, hospitals, banks, and more with it. Here’s how that’s possible.

Banking 145
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide

The Hacker News

Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike. "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," the company's CEO George Kurtz said in a statement. "Mac and Linux hosts are not impacted.

article thumbnail

Huge Microsoft Outage Linked to CrowdStrike Takes Down Computers Around the World

WIRED Threat Level

A software update from cybersecurity company CrowdStrike appears to have inadvertently disrupted IT systems globally.

Software 145

More Trending

article thumbnail

Russian nationals plead guilty to participating in the LockBit ransomware group

Security Affairs

Two Russian nationals pleaded guilty to participating in the LockBit ransomware group and carrying out attacks against victims worldwide. Two foreign nationals, Ruslan Magomedovich Astamirov and Mikhail Vasiliev, pleaded guilty in Newark federal court for their roles in the LockBit ransomware operation. The LockBit ransomware operation has been active since January 2020, the group hit over 2,500 victims across 120 countries, including 1,800 in the U.S.

article thumbnail

17-Year-Old Linked to Scattered Spider Cybercrime Syndicate Arrested in U.K.

The Hacker News

Law enforcement officials in the U.K. have arrested a 17-year-old boy from Walsall who is suspected to be a member of the notorious Scattered Spider cybercrime syndicate. The arrest was made "in connection with a global cyber online crime group which has been targeting large organizations with ransomware and gaining access to computer networks," West Midlands police said.

article thumbnail

Don't Fall for CrowdStrike Outage Scams

WIRED Threat Level

Swindlers are spinning up bogus websites in an attempt to dupe people with “CrowdStrike support” scams following the security firm's catastrophic software update.

Scams 142
article thumbnail

CrowdStrike update crashes Windows systems, causes outages worldwide

Bleeping Computer

A faulty component in the latest CrowdStrike Falcon update is crashing Windows systems, impacting various organizations and services across the world, including airports, TV stations, and hospitals. [.

142
142
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

SolarWinds Patches 11 Critical Flaws in Access Rights Manager Software

The Hacker News

SolarWinds has addressed a set of critical security flaws impacting its Access Rights Manager (ARM) software that could be exploited to access sensitive information or execute arbitrary code. Of the 11 vulnerabilities, seven are rated Critical in severity and carry a CVSS score of 9.6 out of 10.0.

Software 139
article thumbnail

Major Microsoft 365 outage caused by Azure configuration change

Bleeping Computer

Microsoft says an Azure configuration change caused a major Microsoft 365 outage on Thursday, affecting customers across the Central US region. [.

141
141
article thumbnail

Pro-Houthi Group Targets Yemen Aid Organizations with Android Spyware

The Hacker News

A suspected pro-Houthi threat group targeted at least three humanitarian organizations in Yemen with Android spyware designed to harvest sensitive information. These attacks, attributed to an activity cluster codenamed OilAlpha, entail a new set of malicious mobile apps that come with their own supporting infrastructure, Recorded Future's Insikt Group said.

Spyware 138
article thumbnail

MediSecure data breach impacted 12.9 million individuals

Security Affairs

Personal and health information of 12.9 million individuals was exposed in a ransomware attack on Australian digital prescription services provider MediSecure. MediSecure is a company that provides digital health solutions, particularly focusing on secure electronic prescription delivery services in Australia. In May, the company was forced to shut down its website and phone lines following a cyber attack, but it did not mention a ransomware attack.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Global Outage Outrage: CrowdStrike Security Tool Blamed

Security Boulevard

BSODs beyond belief: A buggy update to CrowdStrike Falcon made Windows PCs and servers crash—worldwide. The post Global Outage Outrage: CrowdStrike Security Tool Blamed appeared first on Security Boulevard.

article thumbnail

CrowdStrike update epic fail crashed Windows systems worldwide

Security Affairs

Windows machines worldwide displayed BSoD screen following a faulty update pushed out by cybersecurity firm CrowdStrike. A faulty update released by CrowdStrike Falcon is causing Windows systems to display a BSoD screen. The incident is causing widespread global disruptions, impacting critical infrastructure such as airports, hospitals, and TV stations.

article thumbnail

Number of data breach victims goes up 1,000%

Malwarebytes

Nope, that headline’s not a typo. Over one thousand percent. The Identity Theft Resource Center (ITRC) tracked 1,041,312,601 data breach victims in Q2 2024, an increase of 1,170% over Q2 2023 (81,958,874 victims). The ITRC is a national non-profit organization set up with the goal of minimizing the risk and mitigating the impact of identity compromise.

article thumbnail

Cisco fixed a critical flaw in Security Email Gateway that could allow attackers to add root users

Security Affairs

Cisco has addressed a critical vulnerability that could allow attackers to add new root users to Security Email Gateway (SEG) appliances. Cisco fixed a critical vulnerability, tracked as CVE-2024-20401 (CVSS score 9.8), that could allow unauthenticated, remote attackers to add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances.

Passwords 136
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

CrowdStrike update at center of Windows “Blue Screen of Death” outage

Malwarebytes

A faulty update from the cybersecurity vendor CrowdStrike crashed countless Windows computers and sent them into a “Blue Screen of Death” (BSOD), grinding to a halt the global operations of airlines, hospitals, news broadcasters, transportation agencies, and more. The incident itself is not the result of a cyberattack. There is no evidence of a breach or of any cybercriminal involvement.

Phishing 134
article thumbnail

Two Russian Nationals Plead Guilty in LockBit Ransomware Attacks

The Hacker News

Two Russian nationals have pleaded guilty in a U.S. court for their participation as affiliates in the LockBit ransomware scheme and helping facilitate ransomware attacks across the world. The defendants include Ruslan Magomedovich Astamirov, 21, of Chechen Republic, and Mikhail Vasiliev, 34, a dual Canadian and Russian national of Bradford, Ontario.

article thumbnail

Beyond the blue screen of death: Why software updates matter

We Live Security

The widespread IT outage blamed on a faulty update to CrowdStrike software for Windows devices brings software updates into the spotlight. Here's why they matter for your cyber-defenses.

Software 120
article thumbnail

Safeguard Personal and Corporate Identities with Identity Intelligence

The Hacker News

Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. In the current cyber threat landscape, the protection of personal and corporate identities has become vital.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

The complexities of cybersecurity update processes

We Live Security

If a software update process fails, it can lead to catastrophic consequences, as seen today with widespread blue screens of death blamed on a bad update by CrowdStrike

article thumbnail

Summary of "AI Leaders Spill Their Secrets" Webinar

The Hacker News

Event Overview The "AI Leaders Spill Their Secrets" webinar, hosted by Sigma Computing, featured prominent AI experts sharing their experiences and strategies for success in the AI industry. The panel included Michael Ward from Sardine, Damon Bryan from Hyperfinity, and Stephen Hillian from Astronomer, moderated by Zalak Trivedi, Sigma Computing's Product Manager.

122
122
article thumbnail

Security of Custom GitHub Actions

Security Boulevard

Get details on Legit's research on the security of custom GitHub Actions. The post Security of Custom GitHub Actions appeared first on Security Boulevard.

CISO 119
article thumbnail

What Caused the CrowdStrike Microsoft Outage?

Identity IQ

What Caused the CrowdStrike Microsoft Outage? IdentityIQ The CrowdStrike Microsoft outage is the largest IT outage in history with businesses affected worldwide. Triggered by a software update issue at CrowdStrike and compounded by disruptions in Microsoft’s Azure cloud platform, the outage led to significant operational disruptions across airlines, financial institutions, and media companies.

Banking 111
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Judge Dismisses Most SEC Charges Against SolarWinds

Security Boulevard

A federal district court judge blew a hole in the SEC's case against SolarWinds, saying that while the company and its CISO could be tried for statements made before the high-profile Sunburst attack, those that came after were based on "speculation and hindsight." The post Judge Dismisses Most SEC Charges Against SolarWinds appeared first on Security Boulevard.

CISO 117
article thumbnail

Russians plead guilty to involvement in LockBit ransomware attacks

Bleeping Computer

Two Russian nations have pleaded guilty to involvement in many LockBit ransomware attacks, which targeted victims worldwide and across the United States. [.

article thumbnail

Future-Proofing Cities: LYT’s Story

Security Boulevard

As cities expand with smart technologies to enhance infrastructure, robust cybersecurity is crucial. Discover how continuous assessments with NodeZero keep urban operations safe and efficient. The post Future-Proofing Cities: LYT’s Story appeared first on Horizon3.ai. The post Future-Proofing Cities: LYT’s Story appeared first on Security Boulevard.

article thumbnail

CrowdStrike Falcon Sensor Crash Triggers Global IT Outage, Emergency Patch Released

Penetration Testing

A critical crash error in CrowdStrike’s Falcon Sensor platform has caused widespread IT disruptions across the globe, affecting critical services like 911 call centers, airlines, banks, and major media outlets. Over the past 24... The post CrowdStrike Falcon Sensor Crash Triggers Global IT Outage, Emergency Patch Released appeared first on Cybersecurity News.

Banking 103
article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.