Fri. Jul 19, 2024

Global Microsoft Meltdown Tied to Bad Crowdstrike Update

Krebs on Security

A faulty software update from cybersecurity vendor Crowdstrike crippled countless Microsoft Windows computers across the globe today, disrupting everything from airline travel and financial institutions to hospitals and businesses online. Crowdstrike said a fix has been deployed, but experts say the recovery from this outage could take some time, as Crowdstrike’s solution needs to be applied manually on a per-machine basis.

Brett Solomon on Digital Rights

Schneier on Security

Brett Solomon is retiring from AccessNow after fifteen years as its Executive Director. He’s written a blog post about what he’s learned and what comes next.

CrowdStrike Outage Disrupts Microsoft Systems Worldwide

Tech Republic Security

Airports and law enforcement agencies were among the organizations hit by the Blue Screen of Death. CrowdStrike said the error has been fixed.

How One Bad CrowdStrike Update Crashed the World’s Computers

WIRED Threat Level

A defective CrowdStrike kernel driver sent computers around the globe into a reboot death spiral, taking down air travel, hospitals, banks, and more with it. Here’s how that’s possible.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide

The Hacker News

Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike. "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," the company's CEO George Kurtz said in a statement. "Mac and Linux hosts are not impacted.

CrowdStrike update crashes Windows systems, causes outages worldwide

Bleeping Computer

A faulty component in the latest CrowdStrike Falcon update is crashing Windows systems, impacting various organizations and services across the world, including airports, TV stations, and hospitals.

More Trending

Russian nationals plead guilty to participating in the LockBit ransomware group

Security Affairs

Two Russian nationals pleaded guilty to participating in the LockBit ransomware group and carrying out attacks against victims worldwide. Two foreign nationals, Ruslan Magomedovich Astamirov and Mikhail Vasiliev, pleaded guilty in Newark federal court for their roles in the LockBit ransomware operation. The LockBit ransomware operation has been active since January 2020; the group hit over 2,500 victims across 120 countries, including 1,800 in the U.S.

APT41 Infiltrates Networks in Italy, Spain, Taiwan, Turkey, and the U.K.

The Hacker News

Several organizations operating within global shipping and logistics, media and entertainment, technology, and automotive sectors in Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. have become the target of a "sustained campaign" by the prolific China-based APT41 hacking group.

Major Microsoft 365 outage caused by Azure configuration change

Bleeping Computer

Microsoft says an Azure configuration change caused a major Microsoft 365 outage on Thursday, affecting customers across the Central US region.

17-Year-Old Linked to Scattered Spider Cybercrime Syndicate Arrested in U.K.

The Hacker News

Law enforcement officials in the U.K. have arrested a 17-year-old boy from Walsall who is suspected to be a member of the notorious Scattered Spider cybercrime syndicate. The arrest was made "in connection with a global cyber online crime group which has been targeting large organizations with ransomware and gaining access to computer networks," West Midlands police said.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

CrowdStrike update epic fail crashed Windows systems worldwide

Security Affairs

Windows machines worldwide displayed a BSoD screen following a faulty update pushed out by cybersecurity firm CrowdStrike. A faulty update released by CrowdStrike Falcon is causing Windows systems to display a BSoD screen. The incident is causing widespread global disruptions, impacting critical infrastructure such as airports, hospitals, and TV stations.

Huge Microsoft Outage Linked to CrowdStrike Takes Down Computers Around the World

WIRED Threat Level

A software update from cybersecurity company CrowdStrike appears to have inadvertently disrupted IT systems globally.

Judge Dismisses Most SEC Charges Against SolarWinds

Security Boulevard

A federal district court judge blew a hole in the SEC's case against SolarWinds, saying that while the company and its CISO could be tried for statements made before the high-profile Sunburst attack, those that came after were based on "speculation and hindsight."

Number of data breach victims goes up 1,000%

Malwarebytes

Nope, that headline’s not a typo. Over one thousand percent. The Identity Theft Resource Center (ITRC) tracked 1,041,312,601 data breach victims in Q2 2024, an increase of 1,170% over Q2 2023 (81,958,874 victims). The ITRC is a national non-profit organization set up with the goal of minimizing the risk and mitigating the impact of identity compromise.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

MediSecure data breach impacted 12.9 million individuals

Security Affairs

Personal and health information of 12.9 million individuals was exposed in a ransomware attack on Australian digital prescription services provider MediSecure. MediSecure is a company that provides digital health solutions, particularly focusing on secure electronic prescription delivery services in Australia. In May, the company was forced to shut down its website and phone lines following a cyber attack, but it did not mention a ransomware attack.

SolarWinds Patches 11 Critical Flaws in Access Rights Manager Software

The Hacker News

SolarWinds has addressed a set of critical security flaws impacting its Access Rights Manager (ARM) software that could be exploited to access sensitive information or execute arbitrary code. Of the 11 vulnerabilities, seven are rated Critical in severity and carry a CVSS score of 9.6 out of 10.0.

What Caused the CrowdStrike Microsoft Outage?

Identity IQ

The CrowdStrike Microsoft outage is the largest IT outage in history with businesses affected worldwide. Triggered by a software update issue at CrowdStrike and compounded by disruptions in Microsoft’s Azure cloud platform, the outage led to significant operational disruptions across airlines, financial institutions, and media companies.

Pro-Houthi Group Targets Yemen Aid Organizations with Android Spyware

The Hacker News

A suspected pro-Houthi threat group targeted at least three humanitarian organizations in Yemen with Android spyware designed to harvest sensitive information. These attacks, attributed to an activity cluster codenamed OilAlpha, entail a new set of malicious mobile apps that come with their own supporting infrastructure, Recorded Future's Insikt Group said.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Future-Proofing Cities: LYT’s Story

Security Boulevard

As cities expand with smart technologies to enhance infrastructure, robust cybersecurity is crucial. Discover how continuous assessments with NodeZero keep urban operations safe and efficient.

Don't Fall for CrowdStrike Outage Scams

WIRED Threat Level

Swindlers are spinning up bogus websites in an attempt to dupe people with “CrowdStrike support” scams following the security firm's catastrophic software update.

Security of Custom GitHub Actions

Security Boulevard

Get details on Legit's research on the security of custom GitHub Actions.

Beyond the blue screen of death: Why software updates matter

We Live Security

The widespread IT outage blamed on a faulty update to CrowdStrike software for Windows devices brings software updates into the spotlight. Here's why they matter for your cyber-defenses.

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Cisco fixed a critical flaw in Security Email Gateway that could allow attackers to add root users

Security Affairs

Cisco has addressed a critical vulnerability that could allow attackers to add new root users to Security Email Gateway (SEG) appliances. Cisco fixed a critical vulnerability, tracked as CVE-2024-20401 (CVSS score 9.8), that could allow unauthenticated, remote attackers to add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances.

CrowdStrike update at center of Windows “Blue Screen of Death” outage

Malwarebytes

A faulty update from the cybersecurity vendor CrowdStrike crashed countless Windows computers and sent them into a “Blue Screen of Death” (BSOD), grinding to a halt the global operations of airlines, hospitals, news broadcasters, transportation agencies, and more. The incident itself is not the result of a cyberattack. There is no evidence of a breach or of any cybercriminal involvement.

The complexities of cybersecurity update processes

We Live Security

If a software update process fails, it can lead to catastrophic consequences, as seen today with widespread blue screens of death blamed on a bad update by CrowdStrike.

Two Russian Nationals Plead Guilty in LockBit Ransomware Attacks

The Hacker News

Two Russian nationals have pleaded guilty in a U.S. court for their participation as affiliates in the LockBit ransomware scheme and helping facilitate ransomware attacks across the world. The defendants include Ruslan Magomedovich Astamirov, 21, of Chechen Republic, and Mikhail Vasiliev, 34, a dual Canadian and Russian national of Bradford, Ontario.

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

Russians plead guilty to involvement in LockBit ransomware attacks

Bleeping Computer

Two Russian nationals have pleaded guilty to involvement in many LockBit ransomware attacks, which targeted victims worldwide and across the United States.

Safeguard Personal and Corporate Identities with Identity Intelligence

The Hacker News

Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. In the current cyber threat landscape, the protection of personal and corporate identities has become vital.

MediSecure: Ransomware gang stole data of 12.9 million people

Bleeping Computer

MediSecure, an Australian prescription delivery service provider, revealed that roughly 12.9 million people had their personal and health information stolen in an April ransomware attack.

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.