Schneier on Security

JULY 19, 2024

Brett Solomon is retiring from AccessNow after fifteen years as its Executive Director. He’s written a blog post about what he’s learned and what comes next.

241

241

Tech Republic Security

JULY 19, 2024

Airports and law enforcement agencies were among the organizations hit by the Blue Screen of Death. CrowdStrike said the error has been fixed.Airports and law enforcement agencies were among the organizations hit by the Blue Screen of Death.

196

196

WIRED Threat Level

JULY 19, 2024

A defective CrowdStrike kernel driver sent computers around the globe into a reboot death spiral, taking down air travel, hospitals, banks, and more with it. Here’s how that’s possible.

Banking 145

Banking 145

Bleeping Computer

JULY 19, 2024

A faulty component in the latest CrowdStrike Falcon update is crashing Windows systems, impacting various organizations and services across the world, including airports, TV stations, and hospitals. [.

142

142

Advertisement

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

Cybersecurity

Security Boulevard

JULY 19, 2024

BSODs beyond belief: A buggy update to CrowdStrike Falcon made Windows PCs and servers crash—worldwide. The post Global Outage Outrage: CrowdStrike Security Tool Blamed appeared first on Security Boulevard.

Digital transformation 135

Digital transformation Software Risk Government 135

The Hacker News

JULY 19, 2024

Several organizations operating within global shipping and logistics, media and entertainment, technology, and automotive sectors in Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. have become the target of a "sustained campaign" by the prolific China-based APT41 hacking group.

Media 131

Media Technology Hacking 131

The Hacker News

JULY 19, 2024

Law enforcement officials in the U.K. have arrested a 17-year-old boy from Walsall who is suspected to be a member of the notorious Scattered Spider cybercrime syndicate. The arrest was made "in connection with a global cyber online crime group which has been targeting large organizations with ransomware and gaining access to computer networks," West Midlands police said.

Cybercrime 129

Cybercrime Ransomware 129

Security Affairs

JULY 19, 2024

Two Russian nationals pleaded guilty to participating in the LockBit ransomware group and carrying out attacks against victims worldwide. Two foreign nationals, Ruslan Magomedovich Astamirov and Mikhail Vasiliev, pleaded guilty in Newark federal court for their roles in the LockBit ransomware operation. The LockBit ransomware operation has been active since January 2020, the group hit over 2,500 victims across 120 countries, including 1,800 in the U.S.

Ransomware 120

Ransomware Healthcare Encryption Government 120

The Hacker News

JULY 19, 2024

SolarWinds has addressed a set of critical security flaws impacting its Access Rights Manager (ARM) software that could be exploited to access sensitive information or execute arbitrary code. Of the 11 vulnerabilities, seven are rated Critical in severity and carry a CVSS score of 9.6 out of 10.0.

Software 119

Software 119

WIRED Threat Level

JULY 19, 2024

A software update from cybersecurity company CrowdStrike appears to have inadvertently disrupted IT systems globally.

Software 145

Software Cybersecurity 145

Speaker: Speakers:

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.

Cyber Attacks

The Hacker News

JULY 19, 2024

A suspected pro-Houthi threat group targeted at least three humanitarian organizations in Yemen with Android spyware designed to harvest sensitive information. These attacks, attributed to an activity cluster codenamed OilAlpha, entail a new set of malicious mobile apps that come with their own supporting infrastructure, Recorded Future's Insikt Group said.

Spyware 118

Spyware Mobile 118

WIRED Threat Level

JULY 19, 2024

Swindlers are spinning up bogus websites in an attempt to dupe people with “CrowdStrike support” scams following the security firm's catastrophic software update.

Scams 122

Scams Software Hacking 122

Security Boulevard

JULY 19, 2024

A federal district court judge blew a hole in the SEC's case against SolarWinds, saying that while the company and its CISO could be tried for statements made before the high-profile Sunburst attack, those that came after were based on "speculation and hindsight." The post Judge Dismisses Most SEC Charges Against SolarWinds appeared first on Security Boulevard.

CISO 114

CISO Software Malware Cybersecurity 114

Identity IQ

JULY 19, 2024

What Caused the CrowdStrike Microsoft Outage? IdentityIQ The CrowdStrike Microsoft outage is the largest IT outage in history with businesses affected worldwide. Triggered by a software update issue at CrowdStrike and compounded by disruptions in Microsoft’s Azure cloud platform, the outage led to significant operational disruptions across airlines, financial institutions, and media companies.

Banking 111

Banking Media Data breaches Software 111

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Security Boulevard

JULY 19, 2024

As cities expand with smart technologies to enhance infrastructure, robust cybersecurity is crucial. Discover how continuous assessments with NodeZero keep urban operations safe and efficient. The post Future-Proofing Cities: LYT’s Story appeared first on Horizon3.ai. The post Future-Proofing Cities: LYT’s Story appeared first on Security Boulevard.

Technology 109

Technology Cybersecurity 109

Malwarebytes

JULY 19, 2024

A faulty update from the cybersecurity vendor CrowdStrike crashed countless Windows computers and sent them into a “Blue Screen of Death” (BSOD), grinding to a halt the global operations of airlines, hospitals, news broadcasters, transportation agencies, and more. The incident itself is not the result of a cyberattack. There is no evidence of a breach or of any cybercriminal involvement.

Phishing 106

Phishing Retail Scams Cybersecurity 106

Security Boulevard

JULY 19, 2024

Get details on Legit's research on the security of custom GitHub Actions. The post Security of Custom GitHub Actions appeared first on Security Boulevard.

CISO 117

CISO 117

The Hacker News

JULY 19, 2024

Two Russian nationals have pleaded guilty in a U.S. court for their participation as affiliates in the LockBit ransomware scheme and helping facilitate ransomware attacks across the world. The defendants include Ruslan Magomedovich Astamirov, 21, of Chechen Republic, and Mikhail Vasiliev, 34, a dual Canadian and Russian national of Bradford, Ontario.

Ransomware 104

Ransomware 104

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Security Affairs

JULY 19, 2024

Personal and health information of 12.9 million individuals was exposed in a ransomware attack on Australian digital prescription services provider MediSecure. MediSecure is a company that provides digital health solutions, particularly focusing on secure electronic prescription delivery services in Australia. In May, the company was forced to shut down its website and phone lines following a cyber attack, but it did not mention a ransomware attack.

Data breaches 101

Data breaches Unstructured Data Healthcare Identity Theft 101

The Hacker News

JULY 19, 2024

Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. In the current cyber threat landscape, the protection of personal and corporate identities has become vital.

Cyber threats 101

Cyber threats Risk 101

Bleeping Computer

JULY 19, 2024

Two Russian nations have pleaded guilty to involvement in many LockBit ransomware attacks, which targeted victims worldwide and across the United States. [.

Ransomware 104

Ransomware 104

The Hacker News

JULY 19, 2024

Event Overview The "AI Leaders Spill Their Secrets" webinar, hosted by Sigma Computing, featured prominent AI experts sharing their experiences and strategies for success in the AI industry. The panel included Michael Ward from Sardine, Damon Bryan from Hyperfinity, and Stephen Hillian from Astronomer, moderated by Zalak Trivedi, Sigma Computing's Product Manager.

98

98

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

Security Boulevard

JULY 19, 2024

A faulty software update by CrowdStrike knocked Microsoft Windows users off of their systems, resulting in global outages that rippled through a broad range of businesses, from airlines and banks to hospitals and payment systems. The post CrowdStrike Software Update Sparks Microsoft Outage, Global Chaos appeared first on Security Boulevard.

Software 96

Software Banking Cybersecurity Network Security 96

Penetration Testing

JULY 19, 2024

A critical crash error in CrowdStrike’s Falcon Sensor platform has caused widespread IT disruptions across the globe, affecting critical services like 911 call centers, airlines, banks, and major media outlets. Over the past 24... The post CrowdStrike Falcon Sensor Crash Triggers Global IT Outage, Emergency Patch Released appeared first on Cybersecurity News.

Banking 102

Banking Media Cybersecurity Penetration Testing 102

We Live Security

JULY 19, 2024

The widespread IT outage blamed on a faulty update to CrowdStrike software for Windows devices brings software updates into the spotlight. Here's why they matter for your cyber-defenses.

Software 96

Software 96

Security Affairs

JULY 19, 2024

Cisco has addressed a critical vulnerability that could allow attackers to add new root users to Security Email Gateway (SEG) appliances. Cisco fixed a critical vulnerability, tracked as CVE-2024-20401 (CVSS score 9.8), that could allow unauthenticated, remote attackers to add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances.

Passwords 94

Passwords Malware Software Hacking 94

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

We Live Security

JULY 19, 2024

If a software update process fails, it can lead to catastrophic consequences, as seen today with widespread blue screens of death blamed on a bad update by CrowdStrike

Cybersecurity 95

Cybersecurity Software 95

Bleeping Computer

JULY 19, 2024

MediSecure, an Australian prescription delivery service provider, revealed that roughly 12.9 million people had their personal and health information stolen in an April ransomware attack. [.

Ransomware 93

Ransomware 93

Penetration Testing

JULY 19, 2024

A recent update to CrowdStrike’s Falcon endpoint security software has resulted in widespread system crashes for Windows users across the globe. The incident, which occurred on July 19, 2024, was triggered by a configuration... The post CrowdStrike Reveals Technical Details of Update Causing Windows Systems Crash appeared first on Cybersecurity News.

Software 88

Software Cybersecurity Technology 88

NetSpi Executives

JULY 19, 2024

The CrowdStrike-Microsoft outage shines a light on striking a delicate balance between velocity, hygiene, and change management when it comes to rolling out software updates and patches. Over the past 24 hours, “the largest IT outage in history” disrupted businesses across the globe. Resulting from an issue with a CrowdStrike Falcon content update for Windows Hosts, the outage serves as a stark reminder of our dependency on technology – and the impact of downtime.

Software 92

Software Technology Risk Cybersecurity 92

Advertisement

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Identity Theft