
July 2024

Splunk Security Content for Impact Assessment of CrowdStrike Windows Outage

On July 19, 2024, CrowdStrike, a global cybersecurity company, experienced a significant outage caused by a faulty software update. This incident impacted millions of Windows machines across multiple industries, including transportation, defense, manufacturing, and finance. CrowdStrike has released an official statement and is posting updates on their blog. Microsoft has also published a blog with remediations, which we encourage you to review.

Understanding Structured Exception Handling Overwrite Protection (SEHOP)

Structured Exception Handling Overwrite Protection (SEHOP) is a security safeguard setting within Windows designed to prevent malicious actors from exploiting Structured Exception Handler (SEH) overwrites. By preventing this exploit, SEHOP helps to ensure programs run smoothly and securely. The Structured Exception Handler (SEH) is a mechanism within software that is responsible for keeping the program running smoothly in the event of an error.

Why Your Business Needs a Robust IoT Security Framework

In a digital landscape teeming with possibilities, safeguarding your business with a robust Internet of Things security framework is paramount. From interconnected devices to data privacy concerns, the stakes are high. Let’s delve into the realm of IoT security and unveil the crucial reasons behind fortifying your business against evolving cyber threats.

Likely eCrime Actor Uses Filenames Capitalizing on July 19, 2024, Falcon Sensor Content Issues in Operation Targeting LATAM-Based CrowdStrike Customers

On July 19, 2024, an issue present in a single content update for the CrowdStrike Falcon sensor impacting Windows operating systems was identified, and a fix was deployed. CrowdStrike Intelligence has since observed threat actors leveraging the event to distribute a malicious ZIP archive named crowdstrike-hotfix.zip. The ZIP archive contains a HijackLoader payload that, when executed, loads RemCos.

The 443 Podcast - Episode 298 - Global Security Outage

This week on the podcast we are with WatchGuard CSO Corey Nachreiner and Trevor Collins as they explain the recent global IT outage caused by a CrowdStrike update. We also follow up on RockYou and the RockYou2024 data dump of 10 billion records. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

The IT Hour | SME IT Trends 07.19.24

Chase Doelling, Principal Strategist, will join to give a sneak peek of our biannual SME IT Trends survey. Be the first group to see what's in store! Join us at 11:30 am ET. The #IT Hour hosted by #JumpCloud is a #communityprogram focused on the life of #ITAdministrators. With the ever-changing #ITlandscape, having community and professional networking opportunities is very valuable.

CrowdStrike Falcon Disruption: Why SaaS Security Vendors Need to Focus on Designing for Failure

By now, everyone is aware of the CrowdStrike Falcon update that caused major disruptions to key services such as hospitals, flights, news channels, and millions of end-user and cloud-based Windows machines worldwide. Details, including recovery options, can be found in the CrowdStrike advisory. At Indusface, designing for failure is a core tenet that we use while building all our SaaS products. After all, despite the best processes, checks, and balances, any system can fail.