Trustwave-Cybereason Merger Boosts MDR Portfolio

November 14, 2024 at 07:40AM Managed services provider Trustwave and endpoint detection firm Cybereason have announced a merger to enhance integrated cybersecurity solutions. They will operate independently while strategically collaborating on a comprehensive service portfolio. Focus areas include client consulting and threat detection AI. The merger is set to close in early 2025.

Zero-Days Win the Prize for Most Exploited Vulns

November 13, 2024 at 05:36PM The Cybersecurity and Infrastructure Security Agency’s report reveals that zero-day vulnerabilities were the most exploited in 2023, a shift from 2022. Key exploits stemmed from Citrix and Cisco. CISA recommends organizations enhance defenses with EDR, web application firewalls, and network tools to mitigate ongoing risks.

SOC Around the Clock: World Tour Survey Findings

November 4, 2024 at 10:39PM SOC teams aim to enhance cybersecurity by breaking data silos and integrating tools into a unified platform, leveraging AI for faster threat response. Key technologies to explore include AI, zero-trust architectures, and identity management. Utilizing managed services can optimize resources, while a comprehensive platform approach ensures effective risk mitigation and …

Ivanti warns of three more CSA zero-days exploited in attacks

October 8, 2024 at 12:12PM Ivanti released security updates to address three new Cloud Services Appliance (CSA) zero-day vulnerabilities being actively exploited. These flaws impact CSA 5.0.1 and earlier, with the company advising affected customers to upgrade to version 5.0.2 and monitor for signs of compromise. Ivanti pledged a focus on Secure by Design and …

RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software

September 10, 2024 at 02:31PM The RansomHub ransomware gang has utilized TDSSKiller, a legitimate tool from Kaspersky, to neutralize endpoint detection and response (EDR) services on target systems.

CrowdStrike Blames Crash on Buggy Security Content Update

July 24, 2024 at 10:36AM CrowdStrike’s faulty security content configuration update for its Falcon sensor caused a global incident last Friday, impacting global IT teams and disrupting business continuity. The update, designed to provide new security content to its software, triggered a Windows operating system crash. CrowdStrike released a preliminary Post Incident Review, apologized for …

Buggy CrowdStrike EDR Update Crashes Windows Systems Worldwide

July 19, 2024 at 01:11PM This morning, a defective update to CrowdStrike Falcon Sensor caused widespread IT outages, resulting in disruptions to businesses, airlines, healthcare providers, banks, and more. The update caused Windows-based systems to crash due to a bug in the Memory Scanning prevention policy. The severity of the impact led to flight cancellations, …

Dallas County: Data of 200,000 exposed in 2023 ransomware attack

July 11, 2024 at 01:18PM Dallas County recently notified over 200,000 individuals of a Play ransomware attack in October 2023, which exposed their personal data. The attack led to the exposure of various sensitive information, including names, Social Security numbers, and medical data. Dallas is taking steps to strengthen its cybersecurity following a series of …

J&J Spin-Off CISO on Maximizing Cybersecurity

April 26, 2024 at 08:37AM Mike Wagner, the former information security professional at Johnson & Johnson, transitioned to become the first CISO of J&J’s spin-off Kenvue. He aimed to create a streamlined, cost-effective security architecture using key roles and incorporating machine learning and AI. Wagner’s team also determined which J&J cybersecurity tools and processes to …

LockBit 3.0 Variant Generates Custom, Self-Propagating Malware

April 16, 2024 at 09:47AM The LockBit ransomware group launched a sophisticated attack in West Africa using a leaked variant of LockBit 3.0. Kaspersky discovered this new variant and flagged its ability to generate custom, self-propagating ransomware. The attack involved using leaked privileged credentials and affected multiple systems. Organizations are advised to take preventive measures …