CISA’s red team acted like a nation-state attacker in its assessment of a federal agency’s cybersecurity. Plus, the Cloud Security Alliance has given its cloud security guidance a major revamping. Meanwhile, a Google report puts a spotlight on insecure credentials. And the latest on open source security, CIS Benchmarks and much more! Dive into six…
Read More
A faulty component in the latest CrowdStrike Falcon update is crashing Windows systems, impacting various organizations and services across the world, including airports, TV stations, and hospitals. The glitch is affecting Windows workstations and servers, with users reporting massive outages that took offline entire companies and fleets of hundreds of thousands of computers. According to…
Read More
Two Russian nations have pleaded guilty to involvement in many LockBit ransomware attacks, which targeted victims worldwide and across the United States. According to a Justice Department press release on Thursday, Russian national Ruslan Magomedovich Astamirov and Canadian/Russian national Mikhail Vasiliev were both affiliates of LockBit’s ransomware-as-a-service operation. LockBit affiliates like Vasiliev and Astamirov would…
Read More
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. In the current cyber threat landscape, the protection of personal…
Read More
CrowdStrike has admitted to pushing out a bad software update, causing many Windows machines running the affected software to crash. The problem, apparently affecting its Falcon platform, brought down servers at airlines, locked up computers at banks, and hurt healthcare services. “CrowdStrike is actively working with customers impacted by a defect found in a single…
Read More
Jul 19, 2024The Hacker NewsMalware / Mobile Security A suspected pro-Houthi threat group targeted at least three humanitarian organizations in Yemen with Android spyware designed to harvest sensitive information. These attacks, attributed to an activity cluster codenamed OilAlpha, entail a new set of malicious mobile apps that come with their own supporting infrastructure, Recorded Future’s…
Read More
The test is known in cybersecurity circles as Red Team vs. Blue Team, and this year nearly 4,000 people are taking part. The team here in Spain is “played” by around 200 experts made up of 40% military personnel from the MCCE, Land, Sea and Air, who are supported by soldiers from Portugal, Brazil and Chile; and…
Read More
Microsoft says an Azure configuration change caused a major Microsoft 365 outage on Thursday, affecting customers across the Central US region. This massive outage started around 6:00 PM EST and prevented users from accessing various Microsoft 365 apps and services. The list of services impacted by the outage includes Microsoft Defender, Intune, Teams, PowerBI, Fabric,…
Read More
Malware research involves studying threat actor TTPs, mapping infrastructure, analyzing novel techniques… And while most of these investigations build on existing research, sometimes they start from a hunch, something that looks too simple. At the end of 2023, we stumbled upon an installer named HotPage.exe that deploys a driver capable of injecting code into remote…
Read More
Jul 19, 2024The Hacker NewsTechnology / Artificial Intelligence Event Overview The “AI Leaders Spill Their Secrets” webinar, hosted by Sigma Computing, featured prominent AI experts sharing their experiences and strategies for success in the AI industry. The panel included Michael Ward from Sardine, Damon Bryan from Hyperfinity, and Stephen Hillian from Astronomer, moderated by Zalak…
Read More