CVE-2024-23113 is a critical (9.8) Fortinet FortiOS vulnerability allowing remote, unauthenticated attackers to execute arbitrary code or commands using specially crafted requests. The flaw uses an externally-controlled format string vulnerability in the FortiOS fgfmd daemon.

In recent years, Telegram has emerged as a popular messaging platform among cybercriminals, driven by its combination of simplicity, security, and efficiency. Telegram's encrypted messaging capabilities, real-time communication, and the ability to send large data files make it an ideal platform for cybercriminal activities, making it an attractive alternative to traditional underground forums.

Collaboration is critical to take down today’s most advanced adversaries. CrowdStrike regularly works with law enforcement agencies and industry leaders to identify, track and stop cyber threats. We recently cooperated with the Department of Justice as part of a broader effort to disrupt two individuals heavily involved in operating Anonymous Sudan.

The second most popular OS in today’s business environment, macOS, is often neglected in cybersecurity discussions. This is likely due to Windows OS holding a dominant share (72.1%) of the global workstation market and Linux (4.03%) running critical parts of IT infrastructure. This often leaves macOS excluded from the conversation.

As the Internet of Things (IoT) continues to expand across industries such as healthcare, automotive, manufacturing, and smart cities, the need for robust security measures has become more critical than ever. The proliferation of internet connected devices across various sectors, including healthcare and smart homes, has introduced significant security risks.

Imagine this: You’ve just started a new job at a new company when you get a text message that says it's from the CEO. They are requesting that you take care of a time-sensitive task. At first, you may think it’s a real request, but it’s more likely a pernicious form of SMS phishing known as executive impersonation, or CEO fraud. As we continue to rely on mobile devices for work, attackers are getting smarter about how they exploit our trust in these devices against us.

The threat of cyberattacks is at an all-time high. In fact, research shows that worldwide cybercrime costs are anticipated to reach $10.5 trillion annually by 2025. Cybercriminals threaten all, as 43% of cyberattacks target small enterprises. The rise of these threats underscores the importance of a robust cyber defense strategy, and one key way to do that is through layered cybersecurity solutions.

In the ever-evolving landscape of cybersecurity, IT practitioners stand as the first line of defense against an increasingly sophisticated array of threats. Their role in safeguarding critical assets, data, and infrastructure has never been more crucial. But as the complexity and frequency of cyber attacks escalate, these professionals often find themselves overwhelmed by an ever-growing list of responsibilities and tasks.

In recent years, the digital asset market has experienced both explosive growth and sobering setbacks. The collapse of FTX in November 2022 highlighted a significant vulnerability within the crypto ecosystem – the inherent counterparty risk that emerges when exchanges serve as both trading venues and custodians, roles traditionally held separately to protect market participants.

Most computer systems and applications use passwords as a common authentication method. The simplest way to implement authentication is to store a list of all valid passwords for each user. The downside of this method is that if the list is compromised, the attacker will know all the user passwords. A more common approach is to store the cryptographic hash value of the password phrase.