In this episode, host Tom Eston welcomes Dan DeCloss, founder and CTO of PlexTrac. They exchange insights about their history at Veracode and explore Dan’s journey in cybersecurity. Dan shares his experience in penetration testing, the origins of PlexTrac, and…
North Korean Hackers Target USA Critical Infrastructure and Military Bases
North Korean hackers have been actively targeting critical infrastructure and military operations located in the USA. The hacker group Andariel, also known as APT45 and…
Microsoft admits 8.5 million CrowdStruck machines estimate was lowballed
Promises to discourage use of kernel drivers – so they don’t crash the world again. Microsoft has admitted that its estimate of 8.5 million machines crashed by CrowdStrike’s faulty software update was almost certainly too low, and vowed to reduce…
Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site
The remote access trojan known as Gh0st RAT has been observed being delivered by an “evasive dropper” called Gh0stGambit as part of a drive-by download scheme targeting Chinese-speaking Windows users. These infections stem from a fake website (“chrome-web[.]com”) serving malicious…
Google’s Password Bug Hits Millions: Cybersecurity Today for Monday, July 29, 2024
Google’s Password Bug Hits Millions & French Police Battle Malware – Cybersecurity Today. In this episode of Cybersecurity Today, Jim Love covers Google’s recent apology after a bug caused the passwords of 15 million Chrome users to vanish. The episode…
How Software Updates Can Lead to Cyber Attacks
In the world of cybersecurity, software updates are a double-edged sword. On one hand, they are crucial for patching vulnerabilities, enhancing features, and improving overall system performance. On the other hand, if not managed properly, software updates can inadvertently create…
Belarus-linked APT Ghostwriter targeted Ukraine with PicassoLoader malware
Belarus-linked APT group GhostWriter targeted Ukrainian organizations with a malware family known as PicassoLoader, used to deliver various malicious payloads. The Ukrainian Government’s Computer Emergency Response Team (CERT-UA) reported a surge in activity associated with the APT group UAC-0057 (aka…
Fake Falcon crash reporter installer used to target German CrowdStrike users
CrowdStrike warns about a new threat actor targeting German customers by exploiting a recent issue with Falcon Sensor updates. On July 24, 2024, CrowdStrike experts identified a spear-phishing campaign targeting German customers by exploiting the recent issue with Falcon Sensor…
China ponders creating a national ‘cyberspace ID’
Because clearly it’s better for Beijing to know who you are than for every ISP and social service to keep its own records. Beijing may soon issue “cyberspace IDs” to its citizens, after floating a proposal for the scheme last…
Microsoft CrowdStrike Software Update leading to Phishing Attacks
A couple of weeks ago, an IT outage hit Microsoft Windows 10 and 11 servers shortly after CrowdStrike released a Falcon Sensors software update. Rather than resolving, the update transformed into a software bug, affecting over 8.2 million PCs and…
Enhancing threat detection for GenAI workloads with cloud attack emulation
Cloud GenAI workloads inherit pre-existing cloud security challenges, and security teams must proactively evolve innovative security countermeasures, including threat detection mechanisms. Traditional cloud threat detection: Threat detection systems are designed to allow early detection of potential security breaches; usually, these…
Cirrus: Open-source Google Cloud forensic collection
Cirrus is an open-source Python-based tool designed to streamline Google Cloud forensic evidence collection. It can streamline environment access and evidence collection in investigations involving Google Workspace and GCP. The tool simplifies incident response activities and enhances an organization’s security…
The cost of cybersecurity burnout: Impact on performance and well-being
This article includes excerpts from recent reports we covered, providing statistics and insights into the levels of stress and burnout experienced by cybersecurity professionals. Most cybersecurity pros took time off due to mental health issues Hack The Box | Building…
Why a strong patch management strategy is essential for reducing business risk
In this Help Net Security interview, Eran Livne, Senior Director of Product Management, Endpoint Remediation at Qualys and Thomas Scheffler, Security Operations Manager of Cintas Corporation, discuss their experiences with automated patch management. Scheffler details how Cintas transitioned from manual…
The gap between business confidence and cyber resiliency
In this Help Net Security video, Jim Liddle, Nasuni’s Chief Innovation Officer, discusses the findings of its new 2024 industry research report, The Era of Hybrid Cloud Storage. Key takeaways: Cloud strategies are at the forefront of enterprise success. Enterprises…
Whitepaper: DevSecOps Blueprint
In the DevSecOps Blueprint whitepaper, GitGuardian outlines a robust foundation for building an automated and technology-driven DevSecOps Program that addresses every aspect of the SDLC. Learn how your organization can embed security at every layer: the tools and technologies, the…
ISC Stormcast For Monday, July 29th, 2024 https://isc.sans.edu/podcastdetail/9072, (Mon, Jul 29th)
Secure Boot useless on hundreds of PCs from major vendors after key leak
Plus: More stalkerware exposure; a $16M TracFone fine; Ransomware victims don’t use MFA, and more. Infosec in brief: Protecting computers’ BIOS and the boot process is essential for modern security – but knowing it’s important isn’t the same as actually…

Quickie: Password Cracking & Energy, (Sun, Jul 28th)
When Johannes talked about my diary entry “Protected OOXML Spreadsheets” on his StormCast podcast, he mentioned that I privately shared data on the power consumption of my desktop with an NVIDIA GeForce RTX 3080 GPU when running Hashcat. This article…
CrowdStrike Outage Themed Maldoc, (Mon, Jul 29th)
I found a malicious Word document with VBA code using the CrowdStrike outage for social engineering purposes. It's an .ASD file (AutoRecover file). My tool oledump.py can analyze it:…