IT Security Newsletter

IT Security Newsletter - 7/19/2024

Written by Cadre | Fri, Jul 19, 2024

Major outages at CrowdStrike, Microsoft leave the world with BSODs and confusion

Millions of people outside the IT industry are learning what CrowdStrike is today, and that's a real bad thing. Meanwhile, Microsoft is also catching blame for global network outages, and between the two, it's unclear as of Friday morning just who caused what. After cybersecurity firm CrowdStrike shipped an update to its Falcon Sensor software that protects mission critical systems, Blue Screens of Death (BSODs) started taking down Windows-based systems. READ MORE...

MediSecure Data Breach Impacts 12.9 Million Individuals

Australian digital prescription services provider MediSecure has confirmed that the personal and health information of 12.9 million individuals was stolen in an April 2024 ransomware attack. The incident, which came to light in May, involved a database server containing the sensitive information of individuals who received services from MediSecure between March 2019 and November 2023. READ MORE...

US Data Breach Victim Numbers Increase by 1,000%, Literally

At the end of the second quarter of 2024, the number of US data breach victims has increased by more than 1,000% over the entire previous year, according to new analysis of publicly reported data breaches in the country. The analysis, conducted by Identity Theft Resource Center (ITRC), determined that the increase in the number of victims in the second quarter of the year was due to the impact of a small number of very large breaches. READ MORE...

North Korea likely behind takedown of Indian crypto exchange WazirX

Indian crypto exchange WazirX has revealed it lost virtual assets valued at over $230 million after a cyber attack that has since been linked to North Korea. According to a late Thursday WazirX Xeet, the attack targeted one of its multi-signature wallets - digi-cash lockers that are designed to offer superior security by requiring multiple private keys to authorize a transaction. WazirX's transaction verification process requires approval by multiple parties. READ MORE...

Ransomware Has Outsized Impact on Gas, Energy & Utility Firms

When ransomware targeted the city of Dallas, Texas last year, it took down city services, the municipal water utility's ability to bill and read meters, and emergency services. The city required more than a month to bring all its systems back online. Dallas is not alone. In 2023, two-thirds of critical infrastructure operators (67%) in the oil, energy, and utility sectors suffered a ransomware attack, compared to 59% of all industries, according to a survey by Sophos. READ MORE...

SolarWinds Patches Critical Vulnerabilities in Access Rights Manager

SolarWinds this week announced security updates for Access Rights Manager to address 13 vulnerabilities, including eight critical-severity bugs. Six of the critical flaws - CVE-2024-23466, CVE-2024-23467, CVE-2024-23469, CVE-2024-23470, CVE-2024-23471, CVE-2024-28074 - could be exploited for remote code execution, the company warns. The remaining two critical-severity issues are path traversal bugs that could allow attackers to read and delete arbitrary files. READ MORE...

  • ...in 1883, animator Max Fleischer, who brought to life the adventures of Popeye, Betty Boop, and Superman, is born in Krakow, Austria-Hungary.
  • ...in 1900, the first line of the Paris Metro opens for operation.
  • ...in 1976, English actor Benedict Cumberbatch ("Sherlock", "Doctor Strange") is born in London.
  • ...in 1977, the world's first GPS signal is transmitted from a navigation satellite and received by scientists at Rockwell Collins in Cedar Rapids, IA.