CrowdStrike, is a prominent cybersecurity technology company that provides security services for endpoints, cloud workloads, identity, and data. They are well-known for their Falcon Sensor Software designed to protect against cyberattacks. On Thursday, July 18 2024 there was a crash on Microsoft systems related to an update in Falcon Sensor software. This update involved a single file that added extra logic for detecting bad actors.

When it comes to how employees get work done, personal devices are an ever-growing part of the equation. The 2023 Lookout State of Remote Work Security Report found that 92% of remote workers have performed work tasks on their personal mobile devices. While putting security controls on employer-owned devices is a no-brainer, the increasing overlap of personal with professional means that organizations need to think about how to secure employee-owned devices that are being used for work.

Over the years, door-to-door scams have become rampant, targeting unsuspicious homeowners with various tactics. The door-to-door scam involves individuals disguising themselves as sales representatives or service providers to access people's homes to gain personally identifiable information like social security numbers, properties, or money. There are various door-to-door scams, and understanding how they work is crucial to protecting oneself and the community.

Earlier today, CrowdStrike released a new update on their Falcon Sensor product. Unfortunately, the update caused technical issues, resulting in major outages globally to Microsoft Windows machines. The issue caused the “Blue Screen of Death” and several reports worldwide stated that several industries were affected, such as airlines, banks, media, etc. According to CrowdStrike Tech Alert, they are already aware of reports of crashes on Windows hosts related to the CrowdStrike Sensors.

Trustwave SpiderLabs issued a warning that threat actors may attempt to take advantage of CrowdStrike’s software update that caused widespread outages by using the news as the center of a social engineering scheme to convince people to open malicious phishing emails or fall for other types of attacks. Using this news cycle is nothing new.

Nowadays, there is an increase in offensive real estate fraud, with potentially disastrous outcomes for homeowners. The practice known as deed fraud or house title theft involves an online scam for a fraudulent transfer of property ownership. Then, in order to make money, thieves can either sell the house, get a mortgage on it, or even rent it out. Home title theft can cause significant financial loss for individuals and families.

With the threat landscape being on the rise, CISOs need to be much more attentive while building the organization’s security strategy. Constantly arising vulnerabilities, ransomware attacks, critical workflows, outages – all of that require CISOs to stay up to date to security issues and keep their finger on the pulse to change their security strategy once the prerequisites pop up. We’ve been tracking GitHub, GitLab, and Atlassian -related incidents for the latest few years…

It’s time to ‘Have Your Say’ on the future of cybersecurity regulations in the European Union. The draft implementing regulation for the NIS2 Directive is now open for public feedback through the ‘Have Your Say’ portal until July 25, 2024. This consultation period allows stakeholders to contribute to refining the regulation, with all feedback shaping the final regulations.

We're gearing up with some seriously cool stuff for Black Hat! But first, a little sneak peek - not just one, but TWO of Wallarm's open-source tools will be featured in the Arsenal showcase at Black Hat USA this year. Black Hat Arsenal unites researchers and the open-source community to display their newest open-source tools and products, allowing presenters to engage directly with attendees. Its schedule is now live, so save the date to watch presentations of API Firewall and GoTestWAF.