CrowdStrike on Monday informed customers that it has tested a new technique to speed up the remediation of systems impacted by the recent bad update, and the company claims many systems have already been restored. Roughly 8.5 million Windows devices started displaying a Blue Screen of Death (BSOD) late last week after receiving a faulty update pertaining to CrowdStrike's Falcon product.
The Heritage Foundation this month denied that it had suffered an earlier system breach and the subsequent leaking of internal data. But the organization had to admit that cybercriminals gained access to an archive of Heritage's affiliated media site, The Daily Signal, dating back to 2022. That archive reportedly contained the personal information of Heritage and non-Heritage contributors. Either way, a Malwarebytes review of the data shows over half a million usernames and passwords.
Los Angeles County Superior Court, the largest trial court in America, closed all 36 of its courthouses today following an "unprecedented" ransomware attack on Friday. According to a statement, the malware bricked "every electronic platform containing court data," both internal and external court systems, as well as every internet-connected device including the phones. Since Friday, court employees and infosec experts have been working around the clock to reconfigure and restore court servers.
The Land Registry agency in Greece has announced that it suffered a limited-scope data breach following a wave of 400 cyberattacks targeting its IT infrastructure over the last week. The agency said hackers managed to compromise employee terminals and steal 1.2 GB of data, corresponding to roughly 0.0006% of the total data held by the government organization. The stolen data reportedly does not contain any citizens' personal information but primarily consists of typical administrative documents.
Threat actors have used a vulnerability in Telegram for Android to distribute malicious files disguised as videos, ESET warns. The cybersecurity firm identified the security defect after finding on a cybercrime forum an advertisement for a zero-day exploit targeting Telegram for Android. According to ESET, the exploit was likely developed using the Telegram API, allowing developers to upload crafted multimedia files to Telegram chats or channels programmatically.
Malware targeting the widely used Modbus industrial communication protocol was responsible for more than 600 apartment buildings in Ukraine losing heat for two days in January, according to a new report by cybersecurity firm Dragos. The malware, which Dragos has named FrostyGoop, uses Modbus to allow attackers to further attack industrial control systems (ICS).
Play ransomware is the latest ransomware gang to start deploying a dedicated Linux locker for encrypting VMware ESXi virtual machines. Cybersecurity company Trend Micro, whose analysts spotted the new ransomware variant, says the locker is designed to first check whether it's running in an ESXi environment before executing and that it can evade detection on Linux systems. "This is the first time that we've observed Play ransomware targeting ESXi environments," Trend Micro said.