
IT Security Newsletter - 7/26/2024

Written by Cadre | Fri, Jul 26, 2024

97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses

CrowdStrike on Thursday said more than 97% of the Windows computers disrupted by its bad update were back online. The incident is expected to cause billions in direct losses for major companies. "Our recovery efforts have been enhanced thanks to the development of automatic recovery techniques and by mobilizing all our resources to support our customers," CrowdStrike CEO George Kurtz said on Thursday in a post on LinkedIn.

Feds Warn of North Korean Cyberattacks on US Critical Infrastructure

A long-known cyber-espionage group working on behalf of North Korea's foreign intelligence service is systematically stealing technical information and intellectual property from organizations in the US and other countries to advance its own nuclear and military programs. The group - which security vendors track variously as Andariel, Silent Chollima, Onyx Sleet, and Stonefly - is using ransomware attacks on US health care entities to fund the campaign, the US government warned this week.

Malware crew Stargazer Goblin used 3,000 GitHub accounts to make bank

Infosec researchers have discovered a network of over three thousand malicious GitHub accounts used to spread malware, targeting groups including gamers, malware researchers, and even other threat actors who themselves seek to spread malware. The research, penned by Antonis Terefos of Check Point Software, named the collection of GitHub accounts "Stargazer Ghost Network" and asserted it's operated by a threat actor the cyber security firm labelled "Stargazer Goblin."

US Offers $10 Million Reward for Information on North Korean Hacker

The US Department of State has announced a reward of up to $10 million for information on a North Korean national charged with hacking hospitals, military bases, and NASA. The individual, Rim Jong Hyok, is an alleged member of the hacking group tracked as APT45, Andariel, DarkSeoul, Onyx Sleet (formerly Plutonium), Silent Chollima, and Stonefly/Clasiopa, which operates on behalf of a North Korean military intelligence agency, the Reconnaissance General Bureau.

Russian ransomware gangs account for 69% of all ransom proceeds

Russian-speaking threat actors accounted for at least 69% of all crypto proceeds linked to ransomware throughout the previous year, exceeding $500,000,000. This number is from TRM Labs, a blockchain intelligence and analytics firm specializing in crypto-assisted money laundering and financial crime. North Korea is the leader in stealing cryptocurrency through exploits and breaches, having stolen over a billion dollars in 2023. Asia also remains the leader in scams and investment fraud.

Progress discloses second critical flaw in Telerik Report Server in as many months

Progress Software's latest security advisory warns customers about the second critical vulnerability targeting its Telerik Report Server in as many months. CVE-2024-6327 is an insecure deserialization vulnerability (CWE-502) carrying a 9.9 CVSS score. Successful exploits can lead to remote code execution (RCE) on servers running all versions prior to 10.1.24.709.

Secure Boot is completely broken on 200+ models from 5 big device makers

In 2012, an industry-wide coalition of hardware and software makers adopted Secure Boot to protect against a long-looming security threat. The threat was the specter of malware that could infect the BIOS, the firmware that loaded the operating system each time a computer booted up. From there, it could remain immune to detection and removal and could load even before the OS and security apps did.

Critical ServiceNow RCE flaws actively exploited to steal credentials

Threat actors are chaining together ServiceNow flaws using publicly available exploits to breach government agencies and private firms in data theft attacks. This malicious activity was reported by Resecurity, which, after monitoring it for a week, identified multiple victims, including government agencies, data centers, energy providers, and software development firms.

  • ...in 1948, President Harry S. Truman signs Executive Order 9981, officially desegregating the U.S. military.
  • ...in 1964, actress Sandra Bullock ("Speed", "Gravity") is born in Arlington, VA.
  • ...in 1990, President George H.W. Bush signs the Americans With Disabilities Act.
  • ...in 2005, NASA launches space shuttle Discovery on STS-114, the first manned flight mission after the 2003 Columbia disaster.