Mon.Jul 22, 2024

article thumbnail

CrowdStrike Disruption Restoration Is Taking Time

Data Breach Today

Microsoft's Tool Requires Physical Access, a 'Time-Consuming and Laborious Task' Microsoft's statement that a faulty CrowdStrike update affected less than 1% of active Windows systems doesn't tell the full story, since large organizations in critical sectors make up a disproportionate part of the user base, as the outages in healthcare, transportation and banking demonstrate.

Access 308
article thumbnail

SocGholish malware used to spread AsyncRAT malware

Security Affairs

The JavaScript downloader SocGholish (aka FakeUpdates) is being used to deliver the AsyncRAT and the legitimate open-source project BOINC. Huntress researchers observed the JavaScript downloader malware SocGholish (aka FakeUpdates ) that is being used to deliver remote access trojan AsyncRAT and the legitimate open-source project BOINC (Berkeley Open Infrastructure Network Computing Client).

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

E-Prescription Vendor Breach Affects 12.9 Million Aussies

Data Breach Today

MediSecure Data Theft Has an Impact on Nearly Half of Australia's Population Hackers stole sensitive information belonging to roughly half of Australia's population during an April ransomware attack against e-prescription firm MediSecure, which says it can't afford the incident's "significant" response costs. The company has announced its liquidation.

article thumbnail

EvilVideo, a Telegram Android zero-day allowed sending malicious APKs disguised as videos

Security Affairs

EvilVideo is a zero-day in the Telegram App for Android that allowed attackers to send malicious APK payloads disguised as videos. ESET researchers discovered a zero-day exploit named EvilVideo that targets the Telegram app for Android. The exploit was for sale on an underground forum from June 6, 2024, it allows attackers to share malicious Android payloads via Telegram, disguising them as multimedia files.

Sales 134
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Fake Websites, Phishing Appear in Wake of CrowdStrike Outage

Data Breach Today

Authorities Warn About Domains Targeting Victims Seeking to Restore Windows Devices Cybercriminals are exploiting the chaos created by the CrowdStrike outage by launching fake websites and phishing campaigns to trick victims into downloading malware or divulging sensitive information, according to the U.S. Cybersecurity and Infrastructure Security Agency and others experts.

Phishing 286

More Trending

article thumbnail

CrowdStrike's Response to Outage Will Minimize Lost Business

Data Breach Today

Technical Analysts Emphasize Need for Enhanced Security Testing, Quality Assurance CrowdStrike must enhance testing and validation procedures and address deficiencies in its current quality assurance processes to minimize attrition. CrowdStrike should conduct a technical retrospective to understand the root cause of the faulty software content update and make necessary changes.

Security 274
article thumbnail

The Pentagon Wants to Spend $141 Billion on a Doomsday Machine

WIRED Threat Level

The DOD wants to refurbish ICBM silos that give it the ability to end civilization. But these missiles are useless as weapons, and their other main purpose—attracting an enemy’s nuclear strikes—serves no end.

IT 119
article thumbnail

Microsoft Sees 8.5M Systems Hit by Faulty CrowdStrike Update

Data Breach Today

Cybersecurity Vendor Reports 'A Significant Number Are Back Online and Operational' Microsoft said the faulty update CrowdStrike pushed Friday to its Falcon endpoint detection and response software affected 8.5 million Windows hosts, leading to what appears to be the largest IT outage in history, causing numerous disruptions for healthcare, banking travel, public safety and more.

article thumbnail

Vulnerability Recap 7/22/24 – CrowdStrike Issue Is One of Many

eSecurity Planet

The failed CrowdStrike sensor update that affected Windows systems may have put those computers at risk, but this is just one potential vulnerability during an interesting week. SolarWinds recently patched 13 vulnerabilities, and Ivanti has fixed yet another flaw in its Endpoint Manager product. The CISA requires federal agencies to patch their instances of GeoServer by August 5, and Wiz recently reported on a major AI model training vulnerability.

Libraries 113
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Response and Remediation: How CIOs Reacted to IT Outage

Data Breach Today

CIOs Recommend Resilience Strategies in the Wake of Global CrowdStrike Outage Global CIOs said the fallout from the CrowdStrike outage could have been mitigated by investing in comprehensive data resilience that can help restore corrupted data through orchestrated recovery. It can help recover from disasters such as ransomware, data corruption and catastrophic events.

IT 247
article thumbnail

Phishing Attacks Will Likely Follow Last Week’s Global IT Outage

KnowBe4

Organizations should expect to see phishing attacks exploiting the global IT outage that occurred last Friday, the Business Post reports.

Phishing 114
article thumbnail

How to stop spam texts on your iPhone in 3 easy steps

Collaboration 2.0

It only takes one minute to remove one of the iPhone's most annoying traits: spam text messages. Here's how to stop them once and for all.

IT 98
article thumbnail

Snake Mimics a Spider

Schneier on Security

This is a fantastic video. It’s an Iranian spider-tailed horned viper ( Pseudocerastes urarachnoides ). Its tail looks like a spider, which the snake uses to fool passing birds looking for a meal.

IT 85
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

[Security Masterminds Podcast] Securing Software Over 50 Years: Reflections from an Industry Veteran

KnowBe4

Does the challenge of keeping up with cybersecurity trends sound familiar? You may have been told to update your antivirus software and hope for the best, only to find that your digital assets are still at risk.

article thumbnail

CrowdStrike’s Faulty Update Triggers Global Microsoft Outage

eSecurity Planet

A major tech disruption swept across the globe on July 19, as a widespread Microsoft outage crippled crucial services for businesses and individual users alike. The outage, which lasted for several hours, sent shockwaves through various sectors, causing significant delays, cancellations, and frustration. Airlines grounded flights as crucial check-in and flight management software malfunctioned, stranding passengers and throwing travel plans into disarray.

article thumbnail

New from Collibra AI Governacne: Introducing the public beta of ML Platform integrations

Collibra

If you’re reading this, you’re likely one of the multitudes of people that are eagerly building and deploying AI models to help streamline operations, reduce costs, and offer customers and employees new and personalized experiences. You’re also probably wondering how best to govern all of the AI use cases you and your organization are deploying. Easy answer?

article thumbnail

What caused the great CrowdStrike-Windows meltdown of 2024? History has the answer

Collaboration 2.0

When a trusted software provider delivers an update that causes PCs to immediately stop working across the world, chaos ensues. Last week's incident wasn't the first such event. Here's how to make sure it doesn't happen again.

IT 98
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Shielding Your Network: Preparing for a Quantum-Safe Future Now

Thales Cloud Protection & Licensing

Shielding Your Network: Preparing for a Quantum-Safe Future Now josh.pearson@t… Tue, 07/23/2024 - 07:00 Imagine a world where your most sensitive data and your most secure communications are suddenly vulnerable. That's the future risk with the rise of quantum computers. These powerful machines threaten to break the encryption algorithms that safeguard our data in transit.

article thumbnail

Forget Windows 11: Nobara Linux is the OS for everyone

Collaboration 2.0

If you've soured on Windows 11 and are looking for something that's more secure, reliable, customizable, and can serve as your gaming console, Nobara Linux might be it.

article thumbnail

AI and the Digital Humanities at CILIP Conference 2024

CILIP

AI and the Digital Humanities at CILIP Conference 2024 Photo of Mia Ridge, Digital Curator at the British Library Digital Curator at the British Library, Mia Ridge reflects on the ‘AI and the digital humanities’ session at CILIP Conference 2024. This article is featured on the CILIP AI Hub I was invited to chair a session on 'AI and the digital humanities' at CILIP's 2024 conference with Ciaran Talbot (Associate Director AI & Ideas Adoption, University of Manchester Library) and Glen Robson

article thumbnail

The best satellite phones of 2024: Expert tested and reviewed

Collaboration 2.0

I tested the best satellite phones and communicators from brands like Garmin and Motorola, which offer features like messaging, live tracking, and SOS capabilities.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Professional Registration: My Top 10 Tips

CILIP

My Top Ten Professional Registration tips By Marlène Rak, Subject Support Librarian at the University of the West of England. Professional Registration with CILIP provides you with the opportunity to demonstrate your abilities, knowledge and experience. Here Marlène Rak shares her top tips on how to make your own Chartership, Fellowship or Certification journey as straightforward as possible.

article thumbnail

Why don't more people use desktop Linux? I have a theory you might not like

Collaboration 2.0

There might be a very simple explanation for why the masses have yet to adopt Linux as their desktop operating system, which the open-source community won't like.

76
article thumbnail

Security Teams Lean Into AI As Cyber Worker Shortage Persists

The Security Ledger

Cybersecurity teams are turning to artificial intelligence to cover a gap in skilled cyber talent, a report from Code42 finds. The post Security Teams Lean Into AI As Cyber Worker Shortage Persists appeared first on The Security Ledger with Paul F. Roberts. Related Stories China Calls Out U.S. For Hacking. The Proof? TBD! Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk Episode 256: Recursive Pollution?

article thumbnail

Sign up for a Costco membership and get a $40 gift card for free. Here's how

Collaboration 2.0

Don't miss this rare Costco deal that gives you a $40 store card with your Gold Star membership purchase -- effectively cutting the price down to just $20. (I bought one and highly recommend it.

IT 72
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

7 Ways Visitor Management Answers Physical Security Challenges

HID Global

Your organization's front lobby likely faces common physical security challenges that can be easily addressed with an integrated visitor management solution.

article thumbnail

How 'bubbling' Android messages can simplify your text life

Collaboration 2.0

This hidden Google Messages feature is a game-changer for staying on top of important text message conversations. Here's how to enable it and why you should.

IT 75
article thumbnail

How to Prepare for Google Chrome’s Distrust of Entrust Certificates: A Comprehensive Guide for Enterprises

HID Global

This guide breaks down the changes to Google Chrome's Entrust certificates and provides ways enterprises can smoothly transition to a trusted SSL solution.

52