July 24, 2024 at 10:36AM CrowdStrike’s faulty security content configuration update for their Falcon sensor caused a global incident last Friday, impacting global IT teams, and disrupting business continuity. The update, designed to provide new security content to its software, triggered a Windows operating system crash. CrowdStrike released a preliminary Post Incident Review, apologized for … Read more
July 19, 2024 at 01:11PM This morning, a defective update to CrowdStrike Falcon Sensor caused widespread IT outages, resulting in disruptions to businesses, airlines, healthcare providers, banks, and more. The update caused Windows-based systems to crash due to a bug in the Memory Scanning prevention policy. The severity of the impact led to flight cancellations, … Read more
July 11, 2024 at 01:18PM Dallas County recently notified over 200,000 individuals of a Play ransomware attack in October 2023, which exposed their personal data. The attack led to the exposure of various sensitive information including names, social security numbers, and medical data. Dallas is taking steps to strengthen its cybersecurity following a series of … Read more
April 26, 2024 at 08:37AM Mike Wagner, the former information security professional at Johnson & Johnson, transitioned to become the first CISO of J&J’s spin-off Kenvue. He aimed to create a streamlined, cost-effective security architecture using key roles and incorporating machine learning and AI. Wagner’s team also determined which J&J cybersecurity tools and processes to … Read more
April 16, 2024 at 09:47AM The LockBit ransomware group launched a sophisticated attack in West Africa using a leaked variant of LockBit 3.0. Kaspersky discovered this new variant and flagged its ability to generate custom, self-propagating ransomware. The attack involved using leaked privileged credentials and affected multiple systems. Organizations are advised to take preventive measures … Read more
January 4, 2024 at 08:37PM Threat actor UNC-0050, known for targeting Ukrainian organizations with RemcosRAT, is back with a new tactic using anonymous pipes to transfer data covertly. The group’s latest campaign aims at Ukrainian government entities, posing a significant risk to Windows-reliant sectors. Uptycs researchers highlighted the group’s politically motivated activities and state the … Read more
October 26, 2023 at 10:39AM Japanese watchmaker Seiko has confirmed a data breach caused by a ransomware attack that occurred a few months ago. The attack resulted in the compromise of customer, business partner, and employee data. The ransomware group, BlackCat and ALPHV, claimed responsibility for the attack and leaked over 2TB of information when … Read more
October 25, 2023 at 11:15AM A new project presented at the SecurityWeek ICS Cybersecurity Conference aims to assist PLC programmers in implementing secure coding practices. The project analyzes and catalogues useful files and functions from different PLC vendors to provide easy-to-digest information on vendor-specific secure coding practices. Currently, the project covers products from Schneider Electric, … Read more
October 18, 2023 at 10:07AM Creating a culture of cybersecurity requires more than just technology and skilled resources. It starts at the top, with leadership understanding and investing in cybersecurity. Demonstrating the importance of cybersecurity through communication and engagement with employees is essential. Educating employees and regularly testing their knowledge is also crucial. Ultimately, the … Read more