This should be the last security wake-up calls for organizations. This article has been indexed from Latest news Read the original article: Who needs ransomware when a faulty software update can shut down critical infrastructure?
Tag: EN
Linx emerges from stealth with $33M to lock down the new security perimeter: Identity
Identity management is one of the most common fulcrums around which security breaches have pivoted in the last several years, and one of the main reasons it’s the gift that keeps on giving to malicious hackers is that it’s a…
EU gave CrowdStrike the keys to the Windows kernel, claims Microsoft
Was a 2009 directive on interoperability to blame? Did the EU force Microsoft to let third parties like CrowdStrike run riot in the Windows kernel as a result of a 2009 undertaking? This is the implication being peddled by the…
Heeler Security raises $8.5 million to boost application security
Heeler Security announced the successful closing of an $8.5 million Seed Series funding round, led by Norwest Venture Partners with significant participation from Storm Ventures. “Application security requires a new approach that focuses on runtime visibility and that’s exactly what…
PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing
A Latin America (LATAM)-based financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the abuse of the cloud computing model for malicious purposes. “Serverless architectures are attractive to developers and…
India’s Largest Cryptocurrency Exchange WazirX Hacked: $234.9 Million Stolen
India’s largest cryptocurrency exchange WazirX launches bug bounty program “to help recover the stolen funds” as cybercriminals stole… This article has been indexed from Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News Read the original article: India’s Largest Cryptocurrency…
Pioneering the New Frontier in AI Consumer Protection and Cyber Defense
In a groundbreaking move, the first state in the U.S. has passed comprehensive legislation aimed at protecting consumers from the potential risks associated with AI. The new Utah Artificial Intelligence… The post Pioneering the New Frontier in AI Consumer Protection…
Two Russians sanctioned over cyberattacks on US critical infrastructure
Supposed hacktivist efforts previously linked to the Kremlin’s GRU Flying under the radar on Clownstrike day last week, two members of the Cyber Army of Russia Reborn (CARR) hacktivist crew are the latest additions to the US sanctions list.… This…
Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update
By now, most people are aware of – or have been personally affected by – the largest IT outage the world have ever witnessed, courtesy of a defective update for Crowdstrike Falcon Sensors that threw Windows hosts into a blue-screen-of-death…
CrowdStrike: Key Perspectives on the IT Outage
As experts are now also warning of possible further risks as criminals seek to exploit the IT issues, I am commenting about key steps to be taken strategically to ensure that this situation and ‘harm’ does not impact the customers…
Hackers Claim Breach of Daikin: 40 GB of Confidential Data Exposed
Daikin, the world’s largest air conditioner manufacturer, has become the latest target of the notorious Meow hacking group. The USA branch of Daikin has been listed as a victim, with hackers demanding a ransom of $40,000. The incident has raised…
What caused the great CrowdStrike-Windows meltdown of 2024? History has the answer
When a trusted software provider delivers an update that causes PCs to immediately stop working across the world, chaos ensues. Last week’s incident wasn’t the first such event. Here’s how to make sure it doesn’t happen again. This article has…
SocGholish malware used to spread AsyncRAT malware
The JavaScript downloader SocGholish (aka FakeUpdates) is being used to deliver the AsyncRAT and the legitimate open-source project BOINC. Huntress researchers observed the JavaScript downloader malware SocGholish (aka FakeUpdates) that is being used to deliver remote access trojan AsyncRAT and…
Application Security Startup Heeler Raises $8.5 Million in Seed Funding
Heeler Security has raised $8.5 million in seed funding for its ProductDNA application security technology. The post Application Security Startup Heeler Raises $8.5 Million in Seed Funding appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed…
MSPs & MSSPs: How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting
As a vCISO, you are responsible for your client’s cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, “Your First 100 Days as a vCISO –…
How to Set up an Automated SMS Analysis Service with AI in Tines
The opportunities to use AI in workflow automation are many and varied, but one of the simplest ways to use AI to save time and enhance your organization’s security posture is by building an automated SMS analysis service. Workflow automation…
Emojis Are To Express Emotions, But CyberCriminals For Attacks
There are 3,664 emojis that can be used to express emotions, ideas, or objects in digital communication. While seemingly harmless, criminals are increasingly exploiting emojis for covert communication in illegal activities. This allows them to conduct transactions and target victims…
The Pentagon Wants to Spend $141 Billion on a Doomsday Machine
The DOD wants to refurbish ICBM silos that give it the ability to end civilization. But these missiles are useless as weapons, and their other main purpose—attracting an enemy’s nuclear strikes—serves no end. This article has been indexed from Security…
Snake Mimics a Spider
This is a fantastic video. It’s an Iranian spider-tailed horned viper (Pseudocerastes urarachnoides). Its tail looks like a spider, which the snake uses to fool passing birds looking for a meal. This article has been indexed from Schneier on Security…
Beware Of Fake Browser Updates That Installs Malicious BOINC Infrastructre
SocGholish malware, also known as FakeUpdates, has exhibited new behavior since July 4th, 2024, as the infection chain still begins with a compromised website prompting a fake browser update. Downloading the update triggers malicious code that fetches additional malware. Unlike…