On July 23, 2024, CrowdStrike Intelligence identified a malicious ZIP file containing a Python-based information stealer now tracked as Connecio. A threat actor distributed this file days after the July 19, 2024, single content update for CrowdStrike’s Falcon sensor — which impacted Windows operating systems — was identified and a fix was deployed. The ZIP file uses the filename CrowdStrike Falcon.zip in an attempt to masquerade as a Falcon update.

The back-to-school season is a hectic and overwhelming time for both students and parents alike.

Over the last few months, there have been a number of credential-based breaches, including the attacks on Ticketmaster, Santander Bank, and others. As details regarding this string of attacks continue to be uncovered, it is critical that organizations take precautionary measures in order to protect themselves and their customers from potentially being compromised by cybercriminals.

Several threat actors are abusing legitimate cloud services to launch phishing attacks against users in Latin America, according to Google’s latest Threat Horizons Report. One threat actor, tracked as “PINEAPPLE,” impersonated Brazil’s revenue service, Receita Federal do Brasil, to deliver the Astaroth infostealer.

Last week (19-July-2024), a significant IT outage occurred because CrowdStrike distributed a faulty update to its Falcon security software running on millions of computers using the Microsoft Windows operating system. This faulty update caused many of these computers to crash, which interrupted the operations of businesses across the globe.

The digital economy runs on APIs, the building blocks of the modern internet. From effortless mobile payments to convenient food deliveries, APIs work silently behind the scenes to power the applications we use every day. While APIs aren't new, their usage has exploded in recent years. Cloud computing, agile development practices, and the pandemic-driven surge in digital services have fueled this rapid growth.

Healthcare data breaches are on the rise, with a total of 809 data violation cases across the industry in 2023, up from 343 in 2022. The cost of these breaches also soared to $10.93 million last year, an increase of over 53% over the past three years, IBM’s 2023 Cost of a Data Breach report reveals. But data breaches aren’t just expensive, they also harm patient privacy, damage organizational reputation, and erode patient trust in healthcare providers.

SenseOn is a direct competitor to CrowdStrike. On 19th July 2024 BST, an update to CrowdStrike endpoint software caused worldwide IT outages that resulted in over 8 million Windows devices being disabled. This caused major disruption to organisations in a range of industries, including aviation and healthcare. Quality assurance gaps and deployment processes were not the only factors, or even the most significant factors, in the widespread disruption.

It's never been more important for organizations to demonstrate their security practices in order to win the trust of customers. ‍ Historically, companies have used static web pages to demonstrate their security posture. And while these can act as helpful marketing tools, these pages don't provide enough evidence for customers to evaluate a vendor’s security program. This leads to lengthy email threads and manual processes in order to manage incoming customer requests. ‍

Cybersecurity has become an integral part of our daily lives, impacting everyone around the world. However, the question arises: are rules and regulations alone sufficient to make cyberspace secure? Ethics, which are the principles that guide our decisions and help us discern right from wrong, play a crucial role in this context. They aim to create positive impacts and promote the betterment of society.