π Beyond the blue screen of death: Why software updates matter π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
The widespread IT outages triggered by a faulty CrowdStrike update have put software updates in the spotlight. Heres why you shouldnt dread them.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
Beyond the blue screen of death: Why you shouldnβt dread software updates
The widespread IT outage blamed on a faulty update to CrowdStrike software for Windows devices brings software updates into the spotlight. Here's why they matter for your cyber-defenses.
π The complexities of cybersecurity update processes π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
If a software update process fails, it can lead to catastrophic consequences, as seen today with widespread blue screens of death blamed on a bad update by CrowdStrike.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
The complexities of cybersecurity update processes
If the software update process fails, it can lead to catastrophic consequences, as seen today with widespread blue screens of death blamed on a bad update by CrowdStrike
π1
ποΈ Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity firm CrowdStrike, which is facing the heat for causing worldwide IT disruptions by pushing out a flawed update to Windows devices, is now warning that threat actors are exploiting the situation to distribute Remcos RAT to its customers in Latin America under the guise of a providing a hotfix. The attack chains involve distributing a ZIP archive file named "crowdstrikehotfix.zip,".π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1
π¦
Threat Actors Exploit Recent CrowdStrike Outage to Ramp Up Suspicious Domain Creation π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
On July 19th, 2024, CrowdStrike, a leading cybersecurity provider of advanced endpoint security detection and protection solutions, released a sensor configuration update to Windows systems. This update contained a logic error that resulted in system crashes and Blue Screen of Death BSOD incidents. The faulty software update caused widespread disruptions on Friday, affecting critical services in banks, airlines, hospitals, stock markets, and IT industries globally. On July 20th,2024, CrowdStrike released technical details explaining that a logic error in a channel file caused the BSOD. This buggy channel file was designed to detect newly observed malicious named pipes for identifying standard C2 Command and Control frameworks in cyberattacks. CrowdStrike also mentioned conducting a...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
π’ UK police arrest teen in connection with MGM Resorts hack π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The unnamed teenager is believed to be part of the Scattered Spider gang, responsible for more than 100 attacks.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
UK police arrest teen in connection with MGM Resorts hack
The unnamed teenager is believed to be part of the Scattered Spider gang, responsible for more than 100 attacks
π’ AI will change the face of cyber security - hereβs how businesses can prepare π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
AI promises to be a doubleedged sword, bringing new threats and new solutions to businesses.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
AI will change the face of cyber security - hereβs how businesses can prepare
AI promises to be a double-edged sword, bringing new threats and new solutions to businesses
π’ DDoS attacks have doubled so far in 2024 π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Research on DDoS attacks from Imperva identified two new major application layer attack vectors, while DNS attacks have skyrocketed.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
DDoS attacks have doubled so far in 2024
Research on DDoS attacks from Imperva identified two new major application layer attack vectors, while DNS attacks have skyrocketed
π’ CISA breached a federal agency as part of its red team program β and nobody noticed for five months π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
A red team assessment performed by CISA on an unnamed federal agency found a series of critical security weaknesses.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
CISA breached a federal agency as part of its red team program β and nobody noticed for five months
A red team assessment performed by CISA on an unnamed federal agency found a series of critical security weaknesses
π΅οΈββοΈ Kaspersky Is an Unacceptable Risk Threatening the Nation's Cyber Defense π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
As geopolitical tensions rise, foreign software presents a grave supply chain risk and an ideal attack vector for nationstate adversaries.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Kaspersky Is an Unacceptable Risk Threatening the US's Cyber Defense
As geopolitical tensions rise, foreign software presents a grave supply chain risk and an ideal attack vector for nation state adversaries.
π΅οΈββοΈ Chinese Forced-Labor Ring Sponsors Football Clubs, Hides Behind Stealth Tech π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
An illegal gambling empire fueled by modernday slavery is being propped up by highprofile sponsorships and defended with sophisticated antidetection software.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Chinese Crime Ring Hides Behind Stealth Tech and Soccer
An illegal gambling empire fueled by modern-day slavery is being propped up by high-profile sponsorships β and defended with sophisticated anti-detection software.
π΅οΈββοΈ Fallout From Faulty Friday CrowdStrike Update Persists π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Historic IT outage expected to spur regulatory scrutiny, soulsearching over "monoculture" of IT infrastructure and cyberattack threats.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Fallout From Faulty Friday CrowdStrike Update Persists
Historic IT outage expected to spur regulatory scrutiny, soul-searching over "monoculture" of IT infrastructure - and cyberattack threats.
π΅οΈββοΈ Under-Resourced Maintainers Pose Risk to Africa's Open Source Push π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Many nations see open source software as a great equalizer, giving the Global South the tools necessary for sustainable development. But recent supply chain attacks highlight the need for security.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Under-Resourced Maintainers Pose Risk to Africa's Open Source Push
Many nations see open source software as a great equalizer, giving the Global South the tools necessary for sustainable development. But recent supply chain attacks highlight the need for security.
π¦Ώ CrowdStrike Outage Disrupts Microsoft Systems Worldwide π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Airports and law enforcement agencies were among the organizations hit by the Blue Screen of Death. CrowdStrike said the error has been fixed.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
CrowdStrike: Buggy Validator Started Massive Outage
A bug in the Content Validator, part of CrowdStrike's deployment process, allowed an error through, the security company revealed on July 24.
π¦Ώ Get a Lifetime Subscription of FastestVPN for just $40 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
In the market for a new VPN? The toprated FastestVPN has been reduced to just 39.99 for a lifetime subscription at TechRepublic Academy.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Price Drop: Get a Lifetime Subscription of FastestVPN for just $25
In the market for a new VPN? The top-rated FastestVPN has been reduced to just $24.97 for a lifetime subscription at TechRepublic Academy.
π¦Ώ Surfshark vs CyberGhost (2024): Which VPN Is Better? π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Which VPN is better, Surfshark or CyberGhost? Compare these VPNs with our guide and find out which one is best for you.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Surfshark vs CyberGhost (2024): Which VPN Is Better?
Which VPN is better, Surfshark or CyberGhost? Compare these VPNs with our guide and find out which one is best for you.
π I2P 2.6.0 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
I2P is an anonymizing network, offering a simple layer that identitysensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π Logwatch 7.11 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
ποΈ Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The relationship between various TDSs and DNS associated with Vigorish Viper and the final landing experience for the user A Chinese organized crime syndicate with links to money laundering and human trafficking across Southeast Asia has been using an advanced "technology suite" that runs the whole cybercrime supply chain spectrum to spearhead its operations. Infoblox is tracking the proprietor.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A Latin America LATAMbased financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the abuse of the cloud computing model for malicious purposes. "Serverless architectures are attractive to developers and enterprises for their flexibility, cost effectiveness, and ease of use," Google.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ How to Set up an Automated SMS Analysis Service with AI in Tines ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The opportunities to use AI in workflow automation are many and varied, but one of the simplest ways to use AI to save time and enhance your organizations security posture is by building an automated SMS analysis service. Workflow automation platform Tines provides a good example of how to do it. The vendor recently released their first native AI features, and security teams have already.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ MSPs & MSSPs: How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, Your First 100 Days as a vCISO 5 Steps to Success, which covers all the phases entailed in launching a successful vCISO engagement, along with recommended.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity