CrowdStrike has blamed a bug in its own test software for the mass-crash-event it caused last week. A Wednesday update to its remediation guide added a Preliminary Post Incident Review (PIR) that offers the vendor's view of how it brought down 8.5 million Windows boxes. The explanation opens by detailing that CrowdStrike's Falcon Sensor ships with "Sensor Content" that defines its capabilities.
CrowdStrike's ill-fated update was live for 78 minutes, the company said in new details shared Monday in a filing with the Securities and Exchange Commission. The defective software update it deployed Friday quickly rendered global IT networks non-operational. The sensor configuration update for CrowdStrike's Falcon sensor software was released at 4:09 UTC on Friday, shortly after midnight in the Eastern time zone, the company said in the SEC filing.
The Chinese company in charge of handing out domain names ending in ".top" has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of new findings that .top was the most common suffix in phishing websites over the past year, second only to domains ending in ".com."
Microsoft warned that some Windows devices will boot into BitLocker recovery after installing the July 2024 Windows security updates. The BitLocker Windows security feature mitigates the risk of data theft or information exposure from lost, stolen, or inappropriately decommissioned devices by encrypting the storage drives. Windows computers can automatically enter BitLocker recovery mode following various events, including hardware and firmware upgrades or changes to the Trusted Platform Module.
With an increasing reliance on the cloud, Web browsers are mission-critical applications for organizations. This not only means that people and organizations are using browsers more frequently and intensively than before, but also that more critical systems and data are accessed through browsers. All of this puts Web browser security at the forefront of organizational cybersecurity concerns.
Last week, at 0409 UTC on July 19, 2024, antivirus maker CrowdStrike released an update to its widely used Falcon platform that caused Microsoft Windows machines around the world to crash. The impact was extensive. Supply chain firm Interos estimates 674,620 direct enterprise customer relationships of CrowdStrike and Microsoft were affected. Microsoft said 8.5 million Windows machines failed.
Microsoft's Windows Hello for Business (WHfB) default phishing-resistant authentication model recently was found susceptible to downgrade attacks, allowing threat actors to crack into even biometrically protected PCs and laptops. WHfB authentication, which uses cryptographic keys embedded in a computer's Trusted Platform Module (TPM) and enabled by biometric or PIN-based verification, can be bypassed by altering the parameters within an authentication request.
ESET researchers discovered a zero-day exploit that targets Telegram for Android, which appeared for sale for an unspecified price in an underground forum post from June 6th, 2024. Using the exploit to abuse a vulnerability that we named EvilVideo, attackers could share malicious Android payloads via Telegram channels, groups, and chat, and make them appear as multimedia files. We were able to locate an example of the exploit and report it to Telegram on June 26th, 2024.