Security News
Cloud security threats CISOs need to know about: In this Help Net Security interview, Ava Chawla, Head of Cloud Security at AlgoSec, discusses the most significant cloud security threats CISOs must be aware of in 2024.
Cybersecurity ROI: Top metrics and KPIs: In this Help Net Security interview, Karthik Swarnam, Chief Security and Trust Officer at ArmorCode, discusses key metrics and KPIs to measure cybersecurity ROI.
Confidential AI: Enabling secure processing of sensitive data: In this Help Net Security interview, Anand Pashupathy, VP & GM, Security Software & Services Division at Intel, explains how Intel's approach to confidential computing, particularly at the silicon level, enhances data protection for AI applications and how collaborations with technology leaders like Google Cloud, Microsoft, and Nvidia contribute to the security of AI solutions.
Opinion: CrowdStrike's recent Windows debacle will surely earn a prominent place in the annals of epic tech failures. In the beginning, Microsoft enabled CrowdStrike's Falcon security software to run at the zero level of the Windows kernel.
CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious installers targeting German customers as part of a highly targeted campaign. The cybersecurity company said it identified what it described as an unattributed spear-phishing attempt on July 24, 2024, distributing an inauthentic CrowdStrike Crash Reporter installer via a website impersonating an unnamed German entity.
The cost of CrowdStrike's apocalyptic Falcon update that brought down millions of Windows computers last week may be in the billions of dollars, and insurance isn't covering most of that. Parametrix says insurance might only pay out about $540 million to $1.1 billion of that hit for the Fortune 500, or between 10 and 20 percent.
CrowdStrike is the latest lure being used to trick Windows users into downloading and running the notorious Lumma infostealing malware, according to the security shop's threat intel team, which spotted the scam just days after the Falcon sensor update fiasco. Lumma is a relatively popular stealer that has been in high demand among ransomware crews since 2022.
The market rewards short-term profit-maximizing systems, and doesn't sufficiently penalize such companies for the impact their mistakes can have. The asymmetry of costs is largely due to our complex interdependency on so many systems and technologies, any one of which can cause major failures.
The PIR is a bit confusing to read and parse, because it attempts to assure readers that the company carefully and comprehensively tests their products - even though the company's failures on that front are obvious. CrowdStrike has implemented an update architecture that only rigorously tests some of the updates sent to clients.
Not long after Windows PCs and servers at the Australian limb of audit and tax advisory Grant Thornton started BSODing last Friday, senior systems engineer Rob Woltz remembered a small but important fact: When PCs boot, they consider barcode scanners no differently to keyboards. That knowledge nugget became important as the firm tried to figure out how to respond to the mess CrowdStrike created, which at Grant Thornton Australia threw hundreds of PCs and no fewer than 100 servers into the doomloop that CrowdStrike's shoddy testing software made possible.
As far as we're aware - and let us know any other details you may have - the security snafu started way back on February 28, when CrowdStrike developed and distributed a sensor update for Falcon intended to detect an emerging novel attack technique that abuses named pipes on Windows. At 0409 UTC on Friday, July 19, CrowdStrike pushed the ill-fated update to its Falcon endpoint security product.
The US Department of Transportation is investigating Delta Air Lines over its handling of the global IT outage caused by CrowdStrike's content update. Delta has had a particularly rough time since Friday, consistently cancelling hundreds of flights a day.