In the latest weekly update, ISMG editors discussed the massive CrowdStrike IT outage that crashed 8.5 million Windows systems and severely affected the healthcare, finance and transportation sectors. Here's what you need to know one week later about the recovery, impact and lessons learned.
A critical vulnerability in Exim Mail Transfer Agent enables threat actors to bypass email security filters and deliver malicious attachments directly to user inboxes. Nearly 5 million servers could be vulnerable, but only 82 public-facing servers have updated to the patched release, Exim 4.98.
A relatively new threat actor has compromised over 1,500 organizations worldwide since February, using open-source security tools to automate and streamline attack processes. Security researchers have tracked a significant escalation in CRYSTALRAY operations.
Multiple threat actors began exploiting a critical vulnerability in PHP within a day of its public disclosure last month and are moving quickly to infect systems with malware, according to a report by the Akamai Security Intelligence Response Team. Administrators are advised to patch immediately.
The Australian cybersecurity agency is blaming a Chinese state-backed cyberespionage group, tracked as APT40, for persistent cyberattacks on Australian organizations to steal sensitive information. The group exploits known software vulnerabilities to compromise networks.
Rapid7's acquisition of Noetic Cyber aims to deliver improved attack surface management by offering comprehensive visibility into internal and external assets. The deal will aid security outcomes and operational efficiency for clients while helping them anticipate risks and manage them efficiently.
Red teaming is not effective for evaluating the efficacy of preventative or detective security controls, said Jared Atkinson of SpecterOps, but purple teaming is. He defines purple teaming as "the evaluation of security control efficacy through atomic testing, using deliberately selected test cases."
Multiple critical vulnerabilities in Emerson Rosemount 370XA gas chromatographs could allow malicious actors to access sensitive data, cause denial-of-service conditions and execute arbitrary commands. Emerson recommends that end users update the firmware on the products.
Jana Partners announced a "significant" stake in Boston-based Rapid7 on Wednesday and plans to push the vulnerability management firm to sell itself. The activist investor is working with investment firm Cannae Holdings and wants Cannae to team up with a private equity firm to buy Rapid7.
Cloud security is becoming a major challenge for security leaders. Kevin Kiley, chief revenue officer at Lacework, explains why traditional security methods fall short in cloud environments and how data-driven approaches offer better protection against new and complex threats.
Brian Honan, CEO of BH Consulting, discusses the need for robust logging capabilities in Microsoft 365 to prevent security breaches. He called for security features to be standard, highlighting issues from a recent intrusion and the risks associated with technologies such as Microsoft's Copilot.
Christiaan Beek of Rapid7 reveals alarming trends in zero-day exploits, especially against network appliances. The financial rewards of ransomware are enabling threat actors to buy zero-days. He urges firms to enhance detection and patching strategies.
The Cybersecurity and Infrastructure Security Agency is hosting a series of tabletop exercises through its flagship public-private collaborative while developing a new playbook for both sectors to better respond to emerging cybersecurity risks associated with artificial intelligence.
Researchers have found a new way of poisoning machine learning models that could allow hackers to steal data and manipulate the artificial intelligence unit's output. Using the Sleepy Pickle attack method, hackers can inject malicious code into the serialization process, said Trail of Bits.
NetSPI acquired startup Hubble to bolster its attack surface management capabilities, promising a consolidated offering for both internal and external visibility within four months. The transaction aims to drive significant cross-selling opportunities and operational efficiencies.