July 26, 2024 at 06:59PM CrowdStrike’s update caused widespread disruption, particularly in healthcare, with over half of the Health Information Sharing and Analysis Center affected. Recovery efforts continue, with only 18% fully recovered as of July 25. Microsoft released a USB Recovery Tool, but some systems, especially in healthcare, require manual intervention. The outage may … Read more
July 26, 2024 at 05:24PM Millions of Intel and ARM-based computing systems are vulnerable to attackers due to a leaked cryptographic key used in the Secure Boot process. The issue, dubbed “PKFail,” allows bypassing of Secure Boot and affects devices from vendors like Lenovo, HP, and Asus. Firmware updates are needed to address this widespread … Read more
July 26, 2024 at 04:55PM Researchers discovered a Python package called “lr-utils-lib” on PyPi, designed to target specific macOS machines and steal Google Cloud Platform credentials. The package conceals malicious code in its setup, posing as a legitimate package, and uses social engineering tactics. The campaign is unique due to its highly targeted nature, posing … Read more
July 26, 2024 at 04:47PM The CrowdStrike Falcon outage has led to estimated $5.4 billion in losses for Fortune 500 companies, with healthcare and banking being the most impacted financially. The transportation and airlines sector experienced 100% impact, with estimated $0.86 billion in losses. The report suggests focusing on mapping, managing, and assessing cloud-based service … Read more
July 26, 2024 at 03:37PM Cryptocurrency exchange Gemini experienced a data breach due to a cyberattack at its ACH service provider. A third-party breached the system, affecting customers’ banking information, including full names, bank account numbers, and routing numbers used for ACH fund transfers. The incident has been contained, and an investigation is ongoing. Recipients … Read more
July 26, 2024 at 03:08PM Google resolved a bug in Chrome’s Password Manager that caused user credentials to disappear for over 18 hours, affecting 2% of Windows users on Chrome 127. After fixing the issue and deploying a workaround, users were advised to restart their browser. If the fix didn’t apply, they were instructed to … Read more
July 26, 2024 at 02:53PM Debt collection agency FBCS has expanded the number of people affected by a February data breach to 4.2 million in the US. The breached data includes personal info such as SSN, account details, and more. New notifications have been sent out, warning of increased phishing risks, and offering free credit … Read more
July 26, 2024 at 02:44PM CrowdStrike’s recent Windows debacle caused a massive IT outage, impacting flights, healthcare, and 911 systems. The failure was traced to a “logic error” in a routine sensor configuration update, revealing testing shortcomings and inadequate initial response. The incident underscores the need for rigorous testing and fail-safe mechanisms when dealing with … Read more
July 26, 2024 at 02:34PM The US Department of Justice has unsealed an indictment of a North Korean military intelligence operative, Rom Jong Hyok, accused of carrying out ransomware attacks against US healthcare facilities, and funneling the ransom payments to other breaches globally. The hacking crew, Andariel, controlled by DPRK’s military intelligence agency, poses an … Read more
July 26, 2024 at 01:49PM Nvidia has embraced the generative AI revolution, utilizing large language models (LLMs) and internal AI applications. At Black Hat USA, Richard Harang will discuss lessons learned in securing these systems. Despite potential risks, securing AI systems is not inherently more difficult than traditional systems and requires essential security attributes. Additionally, … Read more