And reveals more and more about small mistake that bricked 8.5M Windows boxes CrowdStrike has hired two outside security firms to review its threat-detection suite Falcon that sparked a global IT outage last month – though it may not have an awful lot to find, because CrowdStrike has identified …
And Qualcomm addresses 'permanent denial of service' flaw in its stuff Google released 46 fixes for Android in its August security patch batch, including one for a Linux kernel flaw in the mobile OS that can lead to remote code execution (RCE).... [...]
Misery loves company – all of its competitors were also negatively impacted One of the US's largest car dealerships says the IT outage caused by CDK Global's June ransomware attack cost it approximately $30 million.... [...]
Windows SmartScreen and Smart App Control both have weaknesses of which to be wary Elastic Security Labs has lifted the lid on a slew of methods available to attackers who want to run malicious apps without triggering Windows' security warnings, including one in use for six years.... [...]
That one weird thing in Outlook that gives phishers and scammers an in to an inbox Users are urging Microsoft to rethink how it shows sender email addresses in Outlook because phishing criminals are taking advantage, using helpful, friendly names to serve up emails loaded with malicious intent.... [...]
Chap named 'Roman Boss' accused of being just that at a cryptocash laundering outfit Users of Cryptonator – an online digital wallet and cryptocurrency exchange – received an unpleasant surprise last weekend after the service was shuttered in a combined operation run by the FBI, the US Internal Revenue Service (IRS …
Singapore Ministry of Education orders software removed after string of snafus UK-based mobile device management vendor Mobile Guardian has admitted that on August 4 it suffered a security incident that involved unauthorized access to iOS and ChromeOS devices managed by its tools, which are currently unavailable. In Singapore, the …
Some scowl, some smile, as fines no longer apply every time your mugshot or fingerprint is shared The US state of Illinois has reduced penalties for breaches of its tough Biometric Information Privacy Act (BIPA).... [...]
Smile for the camera to get in, or buy a beer without lining up The National Football League and all 32 of its teams will use tech from facial recognition software vendor Wicket to verify the identity of thousands of staff, media and fans as part of its credentialing …
Background check biz accused of negligence A lawsuit has accused a Florida data broker of carelessly failing to secure billions of records of people's private information, which was subsequently stolen from the biz and sold on an online criminal marketplace.... [...]
Watch this video to learn how Palo Alto Networks is using GenAI to automate and simplify cybersecurity Sponsored Post Cyber security is complex right, particularly when you're tyring to monitor and configure multiple tools across a host of different on- and off-premise IT environments?... [...]
Malware logs users' keystrokes, pilfers credentials, exfiltrates data Criminals are preying on Windows users yet again, this time in an effort to hit them with a keylogger that can also steal credentials and take screenshots.... [...]
Vendor plans to aggressively defend its case before listing catalog of shortcomings at the airline CrowdStrike says it is "highly disappointed" and rejects the claims made by Delta and its lawyers that the vendor exhibited gross negligence in the events that led to the global IT outage a little …
Eighty-one apps signed up to pilot facial recognition and real name ID system Chinese app developers have signed up to beta test a national cyberspace ID system that will use facial recognition technology and the real names of users, according to Chinese media.... [...]
Plus: CISA's AI hire; and claimed Canuck SIM swappers busted Infosec in brief Scammers have been using Google's own ad system to fool people into downloading a borked copy of the Chocolate Factory's Authenticator software.... [...]
Who wants to make a TRACTOR pull request? To accelerate the transition to memory safe programming languages, the US Defense Advanced Research Projects Agency (DARPA) is driving the development of TRACTOR, a programmatic code conversion vehicle.... [...]
WeRedEvils alleges successful attack on infrastructure, including data theft Israel-based hacktivists are taking credit for an ongoing internet outage in Iran.... [...]
Hear how AI runtime security secures applications in the complete journey from design to build to run Sponsored Post Ensuring access to mission critical, AI-enabled applications is important for modern businesses keen on boosting employee productivity and transforming customer operations. But not if it compromises data security.... [...]
They say crime doesn't pay. They're right – it's the victims doing the paying An unnamed Fortune 50 corporation paid a stonking $75 million to a ransomware gang to stop it leaking terabytes of stolen data.... [...]
Work aims to build on the success of NCSC's 2016 initiative – and private sector will play a part The UK's National Cyber Security Centre (NCSC) says it's in the planning stages of bringing a new suite of services to its existing Active Cyber Defence (ACD) program.... [...]
Suspected devs behind Russian Coms cuffed – now to find the users of the nastyware The UK's National Crime Agency (NCA) has shut down an outfit called Russian Coms – a call-spoofing service believed to have swindled hundreds of thousands of victims.... [...]
First delays, then data leaks – now fraud detection needed at point of use The Japanese government has released details of of an app that verifies the legitimacy of its troubled My Number Card – a national identity document.... [...]
SMS OTPs are overused, so bring on the tokens and biometrics India's central bank on Wednesday proposed a requirement for dynamically generated second authentication factors for most digital payments.... [...]
Techno-crooks greeted by grinning Putin after landing At least two Russian cybercriminals are among those being returned to their motherland as part of a multinational prisoner exchange deal announced Thursday.... [...]
That horse has not just bolted, it's trampled all over kernel space CrowdStrike, after suggesting canary testing as a way to ensure it avoids future blunders leading to global computer outages, has been sued in federal court by investors for not using a phased approach in rolling out updates …