The threat landscape is ever evolving. Modern threat actors constantly develop new tactics, techniques and procedures (TTP) so it's crucial to stay up to date with the latest strategies for protecting your organization.
Security experts from Unit 42™ have unveiled the most commonly observed TTPs in ransomware and...
Australia's Western Sydney University said hackers exploited its Microsoft Office 365 environment to steal up to 580 terabytes of data. Breached data includes names, birthdates, health information, government identification documents, bank account information and superannuation details.
Data breaches continue to grow more costly, with the average cost of a breach hitting an all-time high of $4.9 million, driven by greater business disruption and post-breach customer support and remediation expenses, according to the latest annual Cost of a Data Breach Report from IBM.
The global IT outage triggered by a faulty CrowdStrike software update could lead to $400 million to $1.5 billion in payouts to cyber insurance policyholders, although the nonstandardized language used for such policies will make determining final losses a "lengthy process," analysts say.
Successful cybersecurity requires integrating people, processes and technology. According to Tyler Zito, senior solutions architect at Expel, without well-defined processes and communication, even advanced technology and skilled personnel can't effectively secure the enterprise.
CrowdStrike said nearly all of the Windows hosts disrupted by its faulty July 19 update are now fixed. The company said the flaw involved a relatively new threat detection feature that uses configuration data that "maps to specific behaviors for the sensor to observe, detect or prevent."
Friday's global computer outage caused by an update gone wrong from cybersecurity firm CrowdStrike continues to bring out hucksters seeking to capitalize on the incident. Hackers began milking it almost immediately, and self-proclaimed hacktivist group USDoD appears to be the latest.
This week, ICANN warned of phishing, BreachForums data was leaked, police arrested alleged pro-Russian hackers, the U.K shut down a DDoS booter site, the EU gave Meta a deadline, Russia decried U.S. sanctions, Verizon settled on breaches, and Windows 10 security support will end in October 2025.
Expect the healthcare and banking sectors to record the greatest direct losses in the U.S. as a result of the global disruptions caused by a faulty CrowdStrike software update crashing Windows systems, an underwriting agency reported, forecasting Fortune 500 direct losses of $5.4 billion.
On day five of the Windows outages due to a faulty CrowdStrike update, there is cautious optimism as IT experts report significant restoration of downed systems. One IT asset management provider said that 93% of affected CrowdStrike systems across its customer base appear to have been fixed.
Hackers stole sensitive information belonging to roughly half of Australia's population during an April ransomware attack against e-prescription firm MediSecure, which says it can't afford the incident's "significant" response costs. The company has announced its liquidation.
Microsoft's statement that a faulty CrowdStrike update affected less than 1% of active Windows systems doesn't tell the full story, since large organizations in critical sectors make up a disproportionate part of the user base, as the outages in healthcare, transportation and banking demonstrate.
Banks, airlines, media giants and others are being disrupted by a mass, global IT outage tied to Windows PCs. While CrowdStrike has issued a workaround tied to a Falcon software update that appears to be the culprit, many IT administrators say it so far remains difficult to implement at scale.
This week, Microsoft and Adobe released patches, Europol pushed back against mobile encryption, Japan warned of Kimsuky attacks, the FBCS breach victim count grew, and a fraud campaign offered fake tickets to the Summer Olympics in Paris.
In the wake of multiple customers of Snowflake collectively losing terabytes of data to attackers, the cloud-based data warehousing platform has rolled out a swath of cybersecurity improvements, including allowing administrators to make multifactor authentication mandatory for all users.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.