Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

July 2024

centripetal

Enhanced CleanINTERNET Protections to Combat Subsequent Threats from the CrowdStrike Outage

Jul 23, 2024 By Sean Moore In Centripetal
Last week (19-July-2024), a significant IT outage occurred because CrowdStrike distributed a faulty update to its Falcon security software running on millions of computers using the Microsoft Windows operating system. This faulty update caused many of these computers to crash, which interrupted the operations of businesses across the globe.
Read Post
secude

Is your IP safe from China? The US Government doesn't think so.

Jul 23, 2024 By Secude In SECUDE
An Economist article published in June 2024 claimed that China is actively targeting US SMEs for long-term sabotage and for financial gain through sustained IP theft. With China using previously undetected methods of ‘cyber warfare’, it’s increasingly important that US companies adopt Zero Trust protection for their most valuable IP data.
Read Post
jumpcloud

How to Plan an Active Directory Migration

Jul 23, 2024 By David Worthington In JumpCloud
Microsoft’s Active Directory (AD) runs your Windows network and keeps mission-critical legacy apps and workflows running at some organizations. Replacing can be a big commitment and migration planning is an essential step to undertake before kicking off your project. Big commitments are made for very good reasons. Consider that AD has become a top target for cyber attackers and doesn’t meet modern IT requirements.
Read Post
sysdig

Introducing Layered Analysis for Enhanced Container Security

Jul 23, 2024 By Fede Barcelona In Sysdig
Containerized applications deliver exceptional speed and flexibility, but they also bring complex security challenges, particularly in managing and mitigating vulnerabilities within container images. To tackle these issues, we are excited to introduce Layered Analysis — an important enhancement that provides precise and actionable security insights.
Read Post
cyberark

EP 57 - Proactive Defense: Security's AI Infusion

Jul 23, 2024 By CyberArk In CyberArk
In this episode of the Trust Issues podcast, we explore the transformative impact of artificial intelligence (AI) on identity security. Guest Peretz Regev, CyberArk’s Chief Product Officer, joins host David Puner, for a discussion about how AI is reshaping cyber protection, offering solutions that are as intelligent as they are intuitive. With the ability to predict threats and adapt with unprecedented agility, AI is ushering in a new era of proactive security.
Read Post
ThreatQuotient

From Legacy Systems to IoT: Protecting Critical Infrastructure Against Evolving Threats

Jul 23, 2024 By Noor Boulos In ThreatQuotient
The explosive growth in connectivity and the geopolitical environment is putting critical infrastructure around the world at risk. Connecting legacy industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems that critical infrastructure runs on to IT environments, Internet of Things (IoT) devices, and out to the Internet makes it easier for cybercriminals and state-sponsored groups to gain access to systems and conduct malicious activities.
Read Post
Arctic Wolf

Abusing BOINC: FakeUpdates Campaign Bundling Malware with Legitimate Software

Jul 23, 2024 By Arctic Wolf In Arctic Wolf
Beginning in early July 2024, Arctic Wolf responded to multiple SocGholish/FakeUpdate intrusions that resulted in a seemingly benign payload being delivered as a second-stage download. The zip file payload contained software from the Berkeley Open Infrastructure for Network Computing (BOINC) project, open-source software that allows users to contribute computing power to scientific research projects focused on solving complex calculations.
Read Post
Arctic Wolf

CVE-2024-20401 and CVE-2024-20419: Critical Vulnerabilities in Cisco Secure Email and Cisco Smart Software Manager On-Prem

Jul 23, 2024 By Stefan Hostetler In Arctic Wolf
On July 17, 2024, Cisco publicly disclosed critical vulnerabilities in Cisco Secure Email Gateway (SEG) and Cisco Smart Software Manager On-Prem (SSM), identified as CVE-2024-20401 and CVE-2024-20419 respectively. Both of these vulnerabilities may allow for unauthenticated administrative actions to be taken by threat actors when exploited.
Read Post
WatchGuard

Ransomware: Attackers resort to old-school techniques and minimal investment

Jul 23, 2024 By Sam Manjarres In WatchGuard
The modus operandi of cybercriminals is constantly changing. It comes as no surprise that, every so often, hackers switch up their methods to become more evasive. However, contrary to what we might imagine, these changes don’t always have to be innovative, or involve new attack strategies. Cybercriminals are increasingly opting to employ old-school techniques, and couple this with minimal investment.
Read Post
securitysenses

How Do Law Firms Protect Their Clients' Data?

Jul 23, 2024 By SecuritySenses In SecuritySenses
In this technologically advanced era, law firms may start to store sensitive information about their clients' cases on computers. But they need to be able to protect this information properly so that it does not fall into the hands of malicious people. Knowing what the other side knows and being able to use that information against them in a litigation process is very valuable. During the litigation process, the other side may want to access this information ambitiously, and the law firm in Indiana's job is to protect this information in the best way possible and keep its client safe.
Read Post
securitysenses

Bridging Lemon Law and Cybersecurity: Protecting Consumers in the Digital Age

Jul 23, 2024 By SecuritySenses In SecuritySenses
The convergence of lemon law and cybersecurity, the odd pairing at first sight. Yet, when both are viewed under the light of consumer protection, a common objective comes into focus. With this emerging relationship between technology-based consumer products and traditional concerns due to their use, we see an interesting intersection taking shape between these seemingly unrelated topics. About Lemon Law.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.