[
News
|
Newsletters
|
Blogs
|
Reddits
|
Lists
|
Media
|
Jobs
]
HoneyDB
DarkReading
China-Backed Phishing Attack Targets India Postal System Users
Millions of Devices Vulnerable to 'PKFail' Secure Boot Bypass Issue
CrowdStrike Outage Losses Estimated at a Staggering $5.4B
Targeted PyPi Package Steals Google Cloud Credentials from macOS Devs
Companies Struggle to Recover From CrowdStrike's Crippling Falcon Update
US Offers $10M Reward for Information on North Korean Hacker
Nvidia Embraces LLMs & Commonsense Cybersecurity Strategy
Distributing Security Responsibilities (Responsibly)
Could Intel Have Fixed Spectre & Meltdown Bugs Earlier?
Mimecast Joins Human Risk Management Fray With Code42 Deal
Ars Technica
97% of CrowdStrike systems are back online; Microsoft suggests Windows changes
At the Olympics, AI is watching you
Hang out with Ars in San Jose and DC this fall for two infrastructure events
Google claims math breakthrough with proof-solving AI models
OpenAI hits Google where it hurts with new SearchGPT prototype
Chrome will now prompt some users to send passwords for suspicious files
Secure Boot is completely broken on 200+ models from 5 big device makers
We made a cat drink a beer with Runway’s AI video generator, and it sprouted hands
CrowdStrike blames testing bugs for security update that took down 8.5M Windows PCs
Elon Musk claims he is training “the world’s most powerful AI by every metric”
CyberScoop
Senate Intel chair warns confluence of factors make election threats worse
North Korean hacker used hospital ransomware attacks to fund espionage
Banking, oil and IT industry reps call on Congress to harmonize cyber regulations … again
North Korean hacking group makes waves to gain Mandiant, FBI spotlight
Cyber firm KnowBe4 hired a fake IT worker from North Korea
Cyberattacks may follow CrowdStrike outage, warns MS-ISAC
Low-level cybercriminals are pouncing on CrowdStrike-connected outage
Simple ‘FrostyGoop’ malware responsible for turning off Ukrainians’ heat in January attack
Police nab 17-year-old linked to group behind MGM Resorts cyberattack
FCC, Tracfone Wireless reach $16M cyber and privacy settlement
HITBSecNews
AI-Powered Super Soldiers Are More Than Just a Pipe Dream
China's APT40 gang is ready to attack vulns within hours or days of public release
Massive car dealer ransom attack is mostly over after 2 weeks of work-arounds
The president ordered a board to probe a massive Russian cyberattack. It never did.
Two of the German military’s new spy satellites appear to have failed in orbit
“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux
Cisco Talos warns of wider security implications following Snowflake breach
Indonesian Airports, Data Centres Hit By Worst Cyberattack in Years
Researchers upend AI status quo by eliminating matrix multiplication in LLMs
I Wore Meta Ray-Bans in Montreal to Test Their AI Translation Skills. It Did Not Go Well
SecurityWeek
IAM for MSPs Provider Evo Security Raises $6 Million
Progress Patches Critical Telerik Report Server Vulnerability
Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks
In Other News: FBI Cyber Action Team, Pentagon IT Firm Leak, Nigerian Gets 12 Years in Prison
US Offers $10 Million Reward for Information on North Korean Hacker
PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models
97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses
North Korean Charged in Cyberattacks on US Hospitals, NASA and Military Bases
Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads
BIND Updates Resolve High-Severity DoS Vulnerabilities
ZDNet
These transparent earbuds by Nothing made my AirPods look and sound boring
The best Alexa devices of 2024: Expert tested and recommended
How to calibrate your TV for the best picture quality - 2 easy and simple methods
This Asus Copilot+ PC has one of the best displays I've seen on a laptop (and it exudes premium)
One of the best budget Android tablets I've tested is not made by Samsung or Google
My new favorite travel gadget is an e-reader that looks like a phone (but isn't)
Switzerland's open-source rules and Google's privacy plans lead the Index
The best wired earbuds of 2024: Expert reviewed
How to watch the 2024 Summer Olympics: Every streaming option (including free ones)
Get Microsoft Office 2021 for Windows for $60
The Hacker News
French Authorities Launch Operation to Remove PlugX Malware from Infected Systems
Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps
Offensive AI: The Sine Qua Non of Cybersecurity
U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals
Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining
CrowdStrike Warns of New Phishing Scam Targeting German Customers
Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk
North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
6 Types of Applications Security Testing You Must Know About
BleepingComputer
Crypto exchange Gemini discloses third-party data breach
Google fixes Chrome Password Manager bug that hides credentials
FBCS data breach impact now reaches 4.2 million people
July Windows Server updates break Remote Desktop connections
Acronis warns of Cyber Infrastructure default password abused in attacks
Russian ransomware gangs account for 69% of all ransom proceeds
PKfail Secure Boot bypass lets attackers install UEFI malware
Critical ServiceNow RCE flaws actively exploited to steal credentials
Windows 11 KB5040527 update fixes Windows Backup failures
US offers $10M for tips on DPRK hacker linked to Maui ransomware attacks
gbhackers
OpenAI Launches SearchGPT Prototype
Play & LockBit Ransomware Join Hands to Launch Cyber Attacks
Threat Actors Claiming Leak of IOC list with 250M Data, CrowdStrike Responded
Google Chrome Warns of Malicious Files While Downloading
Microsoft’s Windows Hello for Business Flaw Let Attackers Bypass Authentication
LummaC2 Malware Using Steam Gaming Platform as C2 Server
Ukraine Hackers Hit Major Russian banks with DDoS attacks
ShadowRoot Ransomware Attacking Organizations With Weaponized PDF Documents
BreachForumsV1 Database Leaked: Private messages, Emails & IP Exposed
250 Million Hamster Kombat Players Targeted Via Android And Windows Malware
Cybersecurity Dive
White House, CISA name key cybersecurity officials as national resilience strategy rollout continues
CrowdStrike CEO says 97% of Windows sensors restored in IT outage recovery effort
How cyber insurance coverage is evolving
CrowdStrike disruption direct losses to reach $5.4B for Fortune 500, study finds
CrowdStrike software crash linked to undetected error in content update for Windows users
CrowdStrike CEO’s quick apology stands out in an industry rife with deflection
Dragos warns of novel malware targeting industrial control systems
CrowdStrike says flawed update was live for 78 minutes
CrowdStrike, Microsoft scramble to contain fallout from global IT outage
CrowdStrike’s unforced error puts its reputation on the line
Threatpost
Student Loan Breach Exposes 2.5M Records
Watering Hole Attacks Push ScanBox Keylogger
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Ransomware Attacks are on the Rise
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Twitter Whistleblower Complaint: The TL;DR Version
Firewall Bug Under Active Attack Triggers CISA Warning
Fake Reservation Links Prey on Weary Travelers
iPhone Users Urged to Update to Patch 2 Zero-Days
Google Patches Chrome’s Fifth Zero-Day of the Year
CISA News
Statement from CISA Director Easterly on Leadership Changes at CISA
CISA Releases Playbook for Infrastructure Resilience Planning
CISA Announces Key Leadership Appointments in Cybersecurity and Stakeholder Engagement
CISA Releases Guide to Operational Security for Election Officials
CISA Releases the Marine Transportation System Resilience Assessment Guide
CISA and Fauquier County Hold K-12 Active Shooter Exercise
CISA Releases Guide to Enhance Election Security Through Public Communications
CISA, JCDC, Government and Industry Partners Conduct AI Tabletop Exercise
CISA Hosts First Annual Information and Communications Technology Supply Chain Risk Management Task Force Conference
Readout from CISA’s 2024 Second Quarter Cybersecurity Advisory Committee Meeting
The Register
CrowdStrike meets Murphy's Law: Anything that can go wrong will
Progress discloses second critical flaw in Telerik Report Server in as many months
North Korean chap charged for attacks on US hospitals, military, NASA – and even China
Malware crew Stargazers Goblin used 3,000 GitHub accounts to make bank
CrowdStrike update blunder may cost world billions – and insurance ain't covering it all
Beware of fake CrowdStrike domains pumping out Lumma infostealing malware
FYI: Data from deleted GitHub repos may not actually be deleted
Uncle Sam accuses telco IT pro of decade-long spying campaign for China
You should probably fix this 5-year-old critical Docker vuln fairly sharpish
Kaspersky says Uncle Sam snubbed proposal to open up its code for third-party review
TechCrunch
Apple reports iCloud Private Relay global outages for some users
ZeroTier raises $13.5M to help avert CrowdStrike-like network problems
Hacked, leaked, exposed: Why you should never use stalkerware apps
Data breach exposes US spyware maker behind Windows, Mac, Android and Chromebook malware
Hacker claims theft of Piramal Group’s employee data
CrowdStrike offers a $10 apology gift card to say sorry for outage
Dazz snaps up $50M for AI-based, automated cloud security remediation
Hackers shut down heating in Ukrainian city with malware, researchers say
Wiz walks away from Google’s $23B acquisition offer: Read the CEO’s note to employees
CrowdStrike’s fallout, Harris’s stance on tech and Yandex’s rise from the ashes
Network World Security
Broadcom tosses VMware users a bone, extends vSphere 7 support six months
Network jobs watch: Hiring, skills and certification trends
Data center liquid cooling market heats up
Oak Ridge seeks next-level supercomputer to blow away Frontier
Gauging system activity on Linux with dstat
Microsoft Entra Suite is late to the SSE pool but still makes waves
CrowdStrike failure: What you need to know
FCC post-mortem on AT&T outage uncovers similar QA issues to those that plagued CrowdStrike
AI workloads: There’s room for Nvidia competition in the AI market
CrowdStrike incident has CIOs rethinking their cloud strategies
Help Net Security
Ledger Flex: Secure self-custody with E Ink touchscreen display
Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
16% of organizations experience disruptions due to insufficient AI maturity
AI-generated deepfake attacks force companies to reassess cybersecurity
Most CISOs feel unprepared for new compliance regulations
New infosec products of the week: July 26, 2024
Chainguard raises $140 million to strengthen open source software security
Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
Learning from CrowdStrike’s quality assurance failures
CAST SBOM Manager automates creation and handling of SBOMs
SC Magazine
PKFail bug puts firmware security at risk
Twitter, the DOJ, DarkSeoul, Fake Employees, PlugX, Stargazer Ghost, Aaran Leyland... - SWN #401
Foreign threat actors exploit ServiceNow bugs
Streamlined cyber regulations pushed by industries
US cities, municipalities hit by separate cyberattacks
UEFI malware delivery possible with PKfail issue
Extensive spyware compromise revealed by Spytech breach
Attacks exploiting critical ServiceNow RCE bugs underway
CrowdStrike outage exploited for Lumma infostealer deployment
Financially motivated attacks part of Andariel expansion
InfoSecurity Magazine
Synnovis Restores Systems After Cyber-Attack, But Blood Shortages Remain
Hacktivists Claim Leak of CrowdStrike Threat Intelligence
Despite Bans, AI Code Tools Widespread in Organizations
North Korean Hackers Target Critical Infrastructure for Military Gain
Ransomware and BEC Make Up 60% of Cyber Incidents
Malware Attacks Surge 30% in First Half of 2024
Most IT Leaders Say Severity of Cyber-Attacks has Increased
CrowdStrike Shares How a Rapid Response Content Update Caused Global Outage
North Korean Hackers Targeted Cybersecurity Firm KnowBe4 with Fake IT Worker
Google Criticized for Abandoning Cookie Phase-Out
© 2024 RiskDiscovery | Sponsored by:
Deception Logic