DarkReading.com

"CrowdStrike 'updates' deliver malware & more as attacks snowball."

Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 27 July 2024, 1334 UTC

Content and Source:  www.darkreading.com.

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

 

Dark Reading

154K followers48 articles per week#security#tech

31

Most popular

CrowdStrike 'Updates' Deliver Malware & More as Attacks Snowball

IoC > 3 domains

•

33by Nate Nelson, Contributing Writer / 1d

•

3 TTPs

•

CrowdStrike outage sparks cybercrime surge

The fake updates are part of a phishing and fraud surge that is both more voluminous and more targeted that the usual activity around national news stories.

Feds Warn of North Korean Cyberattacks on US Critical Infrastructure

15 TTPs

•

23by Jai Vijayan, Contributing Writer / 1d

The Andariel group is targeting critical defense, aerospace, nuclear, and engineering companies for data theft, the FBI, NSA, and others said.

Security Firm Accidentally Hires North Korean Hacker, Did Not KnowBe4

KnowBe4 hires North Korean hacker

•

by Elizabeth Montalbano, Contributing Writer / 1d

A software engineer hired for an internal IT AI team immediately became an insider threat by loading malware onto his workstation.

Yesterday

China-Backed Phishing Attack Targets India Postal System Users

3 TTPs

•

by Nathan Eddy, Contributing Writer / 9h

•

Chinese phishing group targets iPhone users

A large text-message phishing attack campaign attributed to the China-based Smishing Triad employs malicious iMessages.

Companies Struggle to Recover From CrowdStrike's Crippling Falcon Update

CrowdStrike update causes global outage

•

by Robert Lemos, Contributing Writer / 14h

The cybersecurity firm says that 97% of sensors are back online, but some organizations continue to recover with costs tallied at $5.4 billion for the Fortune 500 alone.

Millions of Devices Vulnerable to 'PKFail' Secure Boot Bypass Issue

2 TTPs

•

by Jai Vijayan, Contributing Writer / 16h

Several vendors for consumer and enterprise PCs share a compromised crypto key that should never have been on the devices in the first place.

Targeted PyPi Package Steals Google Cloud Credentials from macOS Devs

7 TTPs

•

by Nate Nelson, Contributing Writer / 16h

The campaign is laser-targeted, bucking the trend of "spray-and-pray" malicious open source packages turning up in code repositories seemingly every other day.

CrowdStrike Outage Losses Estimated at a Staggering $5.4B

CrowdStrike outage prompts phishing

•

by Dark Reading Staff / 16h

Researchers track the healthcare sector as experiencing the biggest financial losses, with banking and transportation following close behind.

US Offers $10M Reward for Information on North Korean Hacker

6 TTPs

•

by Dark Reading Staff / 19h

•

North Korean man indicted for hacking

The individual is part of a DPRK-backed group known as Andariel, which is known for using the 'Maui' ransomware strain to target and extort healthcare entities.

Nvidia Embraces LLMs & Commonsense Cybersecurity Strategy

by Robert Lemos, Contributing Writer / 19h

Nvidia doesn't just make the chips that accelerate a lot of AI applications — the company regularly creates and uses its own large language models, too.

Could Intel Have Fixed Spectre & Meltdown Bugs Earlier?

by Agam Shah, Contributing Writer / 23h

Intel works closely with academic researchers on hardware flaws and coordinates efforts with other vendors to roll out fixes for emerging vulnerabilities. That wasn't always the case.

Distributing Security Responsibilities (Responsibly)

by Lenny Zeltser / 23h

Outlining the wider organization's proactive role in fortifying the security program allows the security team to focus on the most pressing issues that only they can solve.

Mimecast Joins Human Risk Management Fray With Code42 Deal

Mimecast launches HRM platform cybersecurity

•

by Jeffrey Schwartz, Contributing Writer / 1d

Mimecast's acquisition of Code42 helps the company move into insider risk management, joining key rival Proofpoint and others in the space.

Jul 25, 2024

Microsoft's Internet Explorer Gets Revived to Lure in Windows Victims

4 TTPs

•

by Dark Reading Staff / 1d

Though IE was officially retired in June 2022, the vulnerability ramped up in January 2023 and has been going strong since.

Unexpected Lessons Learned From the CrowdStrike Event

by Chip Stewart / 1d

How your organization can leverage the disruptive CrowdStrike update to become more resilient.

Is Our Water Safe to Drink? Securing Our Critical Infrastructure

by Christopher Walcutt / 1d

Our critical systems can be protected from looming threats by embracing a proactive approach, investing in education, and fostering collaboration between IT and OT professionals.

Google Will Not Remove Third-Party Cookies From Chrome

Google keeps third-party cookies

•

by Dark Reading Staff / 2d

Cookies aren't going away, after all. After years of saying it will do so, Google has decided to not remove third-party cookies from Chrome.

Jul 24, 2024

Zest Security Aims to Resolve Cloud Risks

by Dark Reading Staff / 2d

Cybersecurity startup Zest Security emerged from stealth with an AI-powered cloud risk resolution platform to reduce time from discovery to remediation.

Pro-Palestinian Actor Levels 6-Day DDoS Attack on UAE Bank

2 TTPs

•

by Robert Lemos, Contributing Writer / 2d

DDoS cyberattack campaign averaged 4.5 million requests per second, putting the bank under attack 70% of the time.

Small Businesses Need Default Security in Products Now

by Robert Lemos, Contributing Writer / 2d

Small businesses are increasingly being targeted by cyberattackers. Why, then, are security features priced at a premium?

Fighting Third-Party Risk With Threat Intelligence

by George V. Hulme, Contributing Writer / 2d

With every new third-party provider and partner, an organization's attack surface grows. How, then, do enterprises use threat intelligence to enhance their third-party risk management efforts?

'Stargazer Goblin' Amasses Rogue GitHub Accounts to Spread Malware

4 TTPs

•

by Jai Vijayan, Contributing Writer / 2d

•

Ghost network spreads malware on GitHub

The threat group uses its "Stargazers Ghost Network" to star, fork, and watch malicious repos to make them seem legitimate, all to distribute a variety of notorious information-stealers-as-a-service.

Cyberattackers Exploit Microsoft SmartScreen Bug in Stealer Campaign

9 TTPs

•

by Nate Nelson, Contributing Writer / 2d

The good news: Only organizations far behind on standard Windows patching have anything to worry about.

Hamster Kombat Players Threatened by Spyware & Infostealers

by Dark Reading Staff / 2d

Players can only access the game by first joining its Telegram channel, with some going astray in copycat channels with hidden malware.

CrowdStrike Blames Crash on Buggy Security Content Update

by Elizabeth Montalbano, Contributing Writer / 2d

CrowdStrike vows to provide customers with greater control over the delivery of future content updates by allowing granular selection of when and where these updates are deployed.

Navigating the Complex Landscape of Web Browser Security

by Mike Walters / 2d

The more we use the cloud, the more maintaining browser security becomes crucial.

Jul 23, 2024

Russia Adjusts Cyber Strategy for the Long Haul in War With Ukraine

by Dark Reading Staff / 3d

Russia has cast aside its focus on civilian infrastructures and is instead targeting Ukraine's military operations in myriad ways.

China's 'Evasive Panda' APT Spies on Taiwan Targets Across Platforms

by Nate Nelson, Contributing Writer / 3d

The cohort's variety of individual tools covers just about any operating system it could possibly wish to attack.

Goodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication

4 TTPs

•

39by Jeffrey Schwartz, Contributing Writer / 3d

Accenture researcher undercut WHfB's default authentication using open source Evilginx adversary-in-the-middle (AitM) reverse-proxy attack framework.

Sprawling CrowdStrike Incident Mitigation Showcases Resilience Gaps

CrowdStrike incident impacts 8.5m devices

•

by Jai Vijayan, Contributing Writer / 3d

A painful recovery from arguably one of the worst IT outages ever continues, and the focus is shifting to what can be done to prevent something similar from happening again.

Attackers Exploit 'EvilVideo' Telegram Zero-Day to Hide Malware

Telegram Android vulnerability EvilVideo

•

by Elizabeth Montalbano, Contributing Writer / 3d

An exploit sold on an underground forum requires user action to download an unspecified malicious payload.

End of feed